no alarms and no surprises please..
-
Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers
Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May 2023 , was not officially…
-
Researchers Discover “Bootkitty” – First UEFI Bootkit Targeting Linux Kernels
Researchers Discover “Bootkitty” – First UEFI Bootkit Targeting Linux Kernels Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit designed for Linux systems. Dubbed Bootkitty by its creators who go by the name BlackCat, the bootkit is assessed to be a proof-of-concept (PoC) and there…
-
Latest Multi-Stage Attack Scenarios with Real-World Examples
Latest Multi-Stage Attack Scenarios with Real-World Examples Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of security. Knowing how they operate is the first step to building a solid defense strategy against them. Let’s examine real-world examples of some of the most…
-
APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign
APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That’s according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google…
-
NSO Group Spies on People on Behalf of Governments
NSO Group Spies on People on Behalf of Governments The Israeli company NSO Group sells Pegasus spyware to countries around the world (including countries like Saudi Arabia, UAE, India, Mexico, Morocco and Rwanda). We assumed that those countries use the spyware themselves. Now we’ve learned that that’s not true: that NSO Group employees operate the…
-
Hacker in Snowflake Extortions May Be a U.S. Soldier
Hacker in Snowflake Extortions May Be a U.S. Soldier Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this…
-
Feds Charge Five Men in ‘Scattered Spider’ Roundup
Feds Charge Five Men in ‘Scattered Spider’ Roundup Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio. A visual depiction of…
-
Fintech Giant Finastra Investigating Data Breach
Fintech Giant Finastra Investigating Data Breach The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than…
-
An Interview With the Target & Home Depot Hacker
An Interview With the Target & Home Depot Hacker In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail Shefel, who confirmed using the Rescator identity in…
-
Microsoft Patch Tuesday, November 2024 Edition
Microsoft Patch Tuesday, November 2024 Edition Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today. The…
-
FlipaClip animation app data breach exposes details of almost 900,000 users
FlipaClip animation app data breach exposes details of almost 900,000 users Flipaclip, an animation creation app that is particularly popular with youngsters, has exposed the details of over 890,000 users. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
750,000 patients’ medical records exposed after data breach at French hospital
750,000 patients’ medical records exposed after data breach at French hospital A hacker calling themselves “nears” claims to have compromised the systems of multiple healthcare facilities across France, claiming to have gained access to the records of over 1.5 million people. Read more in my article on the Tripwire State of Security blog. Graham Cluley…
-
151: Chris Rock
151: Chris Rock Chris Rock is known for being a security researcher. But he’s also a black hat incident responder. He tells us about a job he did in the middle east. https://x.com/chrisrockhacker SponsorsSupport for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber…
-
150: mobman 2
150: mobman 2 In Episode 20 of Darknet Diaries, we heard from Greg aka “mobman” who said he created the sub7 malware. Something didn’t sit right with a lot of people about that episode. It’s time to revisit that episode and get to the bottom of things. SponsorsThis show is sponsored by Shopify. Shopify is…
-
149: Mini-Stories: Vol 3
149: Mini-Stories: Vol 3 In this episode we hear EvilMog (https://x.com/Evil_Mog) tell us a story about when he had to troubleshoot networks in Afghanistan. We also get Joe (http://x.com/gonzosec) to tell us a penetration test story. SponsorsSupport for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does…
-
148: Dubsnatch
148: Dubsnatch Ever wondered how far a fan would go to get a sneak peek of their favorite artist’s unreleased tracks? In this episode, we uncover the audacious story of some teens bent on getting their hands on the newest dubstep music before anyone else. SponsorsSupport for this show comes from Varonis. Do you wonder…
-
147: Tornado
147: Tornado In this episode, Geoff White (https://x.com/geoffwhite247) tells us what happened to Axie Infinity and Tornado cash. It’s a digital heist of epic proportions that changes everything. This story comes from part of Geoff’s book “Rinsed” which goes into the world of money laundering. Get yours here https://amzn.to/3VJs7pb. Jack Rhysider Go to darknetdiaries
-
Weekly Update 427
Weekly Update 427 I was going to write about how much I’ve enjoyed “tinkering” with the HIBP API, but somehow, that term doesn’t really seem appropriate any more for a service of this scale. On the contrary, we’re putting in huge amounts of effort to get this thing fast, stable, and sustainable. We could do…
-
Closer to the Edge: Hyperscaling Have I Been Pwned with Cloudflare Workers and Caching
Closer to the Edge: Hyperscaling Have I Been Pwned with Cloudflare Workers and Caching I’ve spent more than a decade now writing about how to make Have I Been Pwned (HIBP) fast. Really fast. Fast to the extent that sometimes, it was even too fast: The response from each search was coming back so quickly…
-
Weekly Update 426
Weekly Update 426 I have absolutely no problem at all talking about the code I’ve screwed up. Perhaps that’s partly because after 3 decades of writing software (and doing some meaningful stuff along the way), I’m not particularly concerned about showing my weaknesses. And this week, I screwed up a bunch of stuff; database queries…
-
Inside the DemandScience by Pure Incubation Data Breach
Inside the DemandScience by Pure Incubation Data Breach Apparently, before a child reaches the age of 13, advertisers will have gathered more 72 million data points on them. I knew I’d seen a metric about this sometime recently, so I went looking for “7,000”, which perfectly illustrates how unaware we are of the extent of…
-
Weekly Update 425
Weekly Update 425 This was a much longer than usual update, largely due to the amount of time spent discussing the Earth 2 incident. As I said in the video (many times!), the amount of attention this has garnered from both Earth 2 users and the company itself is incommensurate with the impact of the…
-
NVIDIA UFM Vulnerability Leads to Privilege Escalation & Data Tampering
NVIDIA UFM Vulnerability Leads to Privilege Escalation & Data Tampering NVIDIA has released a critical security update addressing a significant vulnerability in its Unified Fabric Manager (UFM) products.This flaw, identified as CVE-2024-0130, poses a… Go to gbhackers.com
-
Junior School Student Indicted for Infecting Computers With Malware
Junior School Student Indicted for Infecting Computers With Malware Fukui Prefectural Police have indicted a 15-year-old junior high school student from Saitama Prefecture for allegedly creating and distributing malware.The young suspect, who… Go to gbhackers.com
-
Critical Gitlab Vulnerability Let Attackers Escalate Privileges
Critical Gitlab Vulnerability Let Attackers Escalate Privileges GitLab, a widely used platform for DevOps lifecycle management, has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE).The… Go to gbhackers.com
-
Firefox 133.0 Released with Multiple Security Updates – What’s New!
Firefox 133.0 Released with Multiple Security Updates – What’s New! Mozilla has officially launched Firefox 133.0, offering enhanced features, significant performance improvements, and critical security fixes.This latest release enhances privacy, developer tools, and enterprise… Go to gbhackers.com
-
RomCom Hackers Exploits Windows & Firefox Zero-Day in Advanced Cyberattacks
RomCom Hackers Exploits Windows & Firefox Zero-Day in Advanced Cyberattacks In a new wave of cyberattacks, the Russia-aligned hacking group “RomCom” has been found exploiting critical zero-day vulnerabilities in Microsoft Windows and Mozilla Firefox… Go to gbhackers.com
-
New NachoVPN attack uses rogue VPN servers to install malicious updates
New NachoVPN attack uses rogue VPN servers to install malicious updates A set of vulnerabilities dubbed “NachoVPN” allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. […] Sergiu Gatlan Go to bleepingcomputer
-
NordVPN Black Friday Deal: Save up to 74% on yearly subscriptions
NordVPN Black Friday Deal: Save up to 74% on yearly subscriptions Want the best VPN with a 74% discount? The NordVPN Black Friday deal is live and runs until December 10. This is the perfect chance to lock in a 2-year plan for the low cost of $2.99 per month, with an extra 3 months for…
-
Over 1,000 arrested in massive ‘Serengeti’ anti-cybercrime operation
Over 1,000 arrested in massive ‘Serengeti’ anti-cybercrime operation Law enforcement agencies in Africa arrested as part of ‘Operation Serengeti’ more than a thousand individuals suspected of being involved in major cybercriminal activities that caused close to $193 million in financial losses all over the world. […] Bill Toulas Go to bleepingcomputer
-
Get 50% off Malwarebytes during Black Friday 2024
Get 50% off Malwarebytes during Black Friday 2024 Malwarebytes’ Black Friday 2024 deals are now live, offering a 50% discount for one and two-year subscriptions to personal, family, and business subscriptions to its standalone anti-malware software, VPN, and Personal Data Remover services. […] Lawrence Abrams Go to bleepingcomputer
-
Why Cybersecurity Leaders Trust the MITRE ATT&CK Evaluations
Why Cybersecurity Leaders Trust the MITRE ATT&CK Evaluations The “MITRE Engenuity ATT&CK Evaluations: Enterprise” stand out as an essential resource for cybersecurity decision makers. Learn more from Cynet on what to expect in the upcoming 2024 MITRE ATT&CK Evaluation results. […] Sponsored by Cynet Go to bleepingcomputer
-
Mario Duarte, Former Snowflake Cybersecurity Leader, Joins Aembit as CISO to Tackle Non-Human Identities
Mario Duarte, Former Snowflake Cybersecurity Leader, Joins Aembit as CISO to Tackle Non-Human Identities Aembit, the non-human IAM company, today announced the appointment of Mario Duarte as chief information security officer (CISO). Duarte, formerly head of security at Snowflake, joins Aembit with a deep commitment to address pressing gaps in non-human identity security. Duarte’s journey…
-
Zimbra Remote Command Execution Vulnerability (CVE-2024-45519) – Exploit POC Released
Zimbra Remote Command Execution Vulnerability (CVE-2024-45519) – Exploit POC Released Zimbra, a popular email and collaboration platform, has issued a crucial security update to patch a severe vulnerability in its postjournal service. Identified as CVE-2024-45519, this flaw allows unauthenticated attackers to execute arbitrary commands on affected Zimbra installations. The vulnerability was discovered in Zimbra’s post-journal…
-
Evil Corp Cyber Criminals Group Identity Exposed Along with Lockbit Affiliate
Evil Corp Cyber Criminals Group Identity Exposed Along with Lockbit Affiliate Authorities in the UK, US, and Australia have sanctioned sixteen individuals linked to Evil Corp, a group once considered the pinnacle of global cyber threats. This move exposes their connections to the Russian state and other infamous ransomware groups, including LockBit. The National Crime…
-
New Bluetooth Vulnerability Leak Your Passcode to Hackers While Pairing
New Bluetooth Vulnerability Leak Your Passcode to Hackers While Pairing A recently identified vulnerability in Bluetooth technology, identified as CVE-2020-26558, poses a significant security risk to devices supporting various Bluetooth Core Specifications. This vulnerability, known as “Impersonation in the Passkey Entry Protocol,” affects devices using the Passkey Entry association model in BR/EDR Secure Simple Pairing,…
-
Authorities Unmasked LockBit Affiliate Evil Corp Key Member
Authorities Unmasked LockBit Affiliate Evil Corp Key Member Law enforcement agencies have identified Russian national Aleksandr Viktorovich Ryzhenkov as a key member of the notorious Evil Corp cybercrime group and a LockBit ransomware affiliate. Ryzhenkov, also known by his alias “Beverley,” has been linked to over 60 LockBit ransomware builds and is believed to have…
-
Jane Goodall: Reasons for hope | Starmus highlights
Jane Goodall: Reasons for hope | Starmus highlights The trailblazing scientist shares her reasons for hope in the fight against climate change and how we can tackle seemingly impossible problems and keep going in the face of adversity Go to eset
-
Life on a crooked RedLine: Analyzing the infamous infostealer’s backend
Life on a crooked RedLine: Analyzing the infamous infostealer’s backend Following the takedown of RedLine Stealer by international authorities, ESET researchers are publicly releasing their research into the infostealer’s backend modules Go to eset
-
ESET APT Activity Report Q2 2024–Q3 2024
ESET APT Activity Report Q2 2024–Q3 2024 An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2024 and Q3 2024 Go to eset
-
Month in security with Tony Anscombe – October 2024 edition
Month in security with Tony Anscombe – October 2024 edition Election interference, American Water and the Internet Archive breaches, new cybersecurity laws, and more – October saw no shortage of impactful cybersecurity news stories Go to eset
-
How to remove your personal information from Google Search results
How to remove your personal information from Google Search results Have you ever googled yourself? Were you happy with what came up? If not, consider requesting the removal of your personal information from search results. Go to eset
-
08-09 Mart 2024 tarihlerinde gerçekleştirilecek Siber Yıldız 2024’te zekanı yeteneğin ile buluştur, bayrakları yakala, yıldız ol!
08-09 Mart 2024 tarihlerinde gerçekleştirilecek Siber Yıldız 2024’te zekanı yeteneğin ile buluştur, bayrakları yakala, yıldız ol! Go to usom.gov
-
Zararlı Bağlantılar Listesinde Yapılacak Değişiklik Hakkında
Zararlı Bağlantılar Listesinde Yapılacak Değişiklik Hakkında Go to usom.gov
-
OCWAR-C Projesi Kapsamında 25-29 Eylül 2023 Tarihlerinde Mauritius Cumhuriyeti’nde “Regional CSIRT/LEA Inter-agency Co-operation Exercise” Tatbikatı Düzenlendi
OCWAR-C Projesi Kapsamında 25-29 Eylül 2023 Tarihlerinde Mauritius Cumhuriyeti’nde “Regional CSIRT/LEA Inter-agency Co-operation Exercise” Tatbikatı Düzenlendi Go to usom.gov
-
TMMOB Elektrik Mühendisleri Odası Siber Güvenlik Farkındalık Eğitimi
TMMOB Elektrik Mühendisleri Odası Siber Güvenlik Farkındalık Eğitimi Go to usom.gov
-
Hava Kuvvetleri Komutanlığı Fetih Siber Talimhane Eğitimi
Hava Kuvvetleri Komutanlığı Fetih Siber Talimhane Eğitimi Go to usom.gov
-
TR-24-1869 (Special Minds 7/24 Tasarım ve Yazılım Ajansı – Special Commerce (e-Ticaret) – Özel E-Ticaret Sistemleri Güvenlik Bildirimi)
TR-24-1869 (Special Minds 7/24 Tasarım ve Yazılım Ajansı – Special Commerce (e-Ticaret) – Özel E-Ticaret Sistemleri Güvenlik Bildirimi) Go to usom.gov
-
TR-24-1868 (Firmanet Yazılım Ve Teknoloji A.Ş. – Firmanet ERP Güvenlik Bildirimi)
TR-24-1868 (Firmanet Yazılım Ve Teknoloji A.Ş. – Firmanet ERP Güvenlik Bildirimi) Go to usom.gov
-
TR-24-1867 (Kion Bilgisayar – KION Exchange Güvenlik Bildirimi)
TR-24-1867 (Kion Bilgisayar – KION Exchange Güvenlik Bildirimi) Go to usom.gov
-
TR-24-1866 (Teknogis Bilişim – Kapalı Devre Araç Takip Yazılımı Güvenlik Bildirimi)
TR-24-1866 (Teknogis Bilişim – Kapalı Devre Araç Takip Yazılımı Güvenlik Bildirimi) Go to usom.gov
-
TR-24-1865 (Smarttek Bilişim – Smart Doktor Ürünü Güvenlik Bildirimi)
TR-24-1865 (Smarttek Bilişim – Smart Doktor Ürünü Güvenlik Bildirimi) Go to usom.gov
-
Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign
Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DoD) campaign that leverages vulnerabilities and misconfigurations in Internet of Things (IoT) devices to co-opt them into a disruptive botnet. “This operation serves as a comprehensive one-stop shop for scanning, exploiting vulnerabilities,…
-
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution. The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score…
-
Intruder Launches Intel: A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats
Intruder Launches Intel: A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats When CVEs go viral, separating critical vulnerabilities from the noise is essential to protecting your organization. That’s why Intruder, a leader in attack surface management, built Intel – a free vulnerability intelligence platform designed to help you act fast and…
-
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems. “In a successful attack,…
-
Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries
Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies. Trend Micro, which described the hacking group as an aggressive advanced persistent threat (APT), said the…
-
Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”
Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater” Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management tool to dump credentials. We believe with moderate confidence that this activity, which we track as STAC 1171, is related to…
-
VEEAM exploit seen used again with a new ransomware: “Frag”
VEEAM exploit seen used again with a new ransomware: “Frag” Last month, Sophos X-Ops reported several MDR cases where threat actors exploited a vulnerability in Veeam backup servers. We continue to track the activities of this threat cluster, which recently included deployment of a new ransomware. The vulnerability, CVE-2024-40711, was used as part of a…
-
Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign
Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign The Internet is full of cats—and in this case, malware-delivering fake cat websites used for very targeted search engine optimization. gallagherseanm Go to sophos
-
From the frontlines: Our CISO’s view of Pacific Rim
From the frontlines: Our CISO’s view of Pacific Rim On beyond “Detect and Respond” and “Secure by Design” Ross McKerchar Go to sophos
-
What Graykey Can and Can’t Unlock
What Graykey Can and Can’t Unlock This is from 404 Media: The Graykey, a phone unlocking and forensics tool that is used by law enforcement around the world, is only able to retrieve partial data from all modern iPhones that run iOS 18 or iOS 18.0.1, which are two recently released versions of Apple’s mobile…
-
Security Analysis of the MERGE Voting Protocol
Security Analysis of the MERGE Voting Protocol Interesting analysis: An Internet Voting System Fatally Flawed in Creative New Ways. Abstract: The recently published “MERGE” protocol is designed to be used in the prototype CAC-vote system. The voting kiosk and protocol transmit votes over the internet and then transmit voter-verifiable paper ballots through the mail. In…
-
Friday Squid Blogging: Transcriptome Analysis of the Indian Squid
Friday Squid Blogging: Transcriptome Analysis of the Indian Squid Lots of details that are beyond me. Blog moderation policy. Bruce Schneier Go to bruce schneier
-
The Scale of Geoblocking by Nation
The Scale of Geoblocking by Nation Interesting analysis: We introduce and explore a little-known threat to digital equality and freedomwebsites geoblocking users in response to political risks from sanctions. U.S. policy prioritizes internet freedom and access to information in repressive regimes. Clarifying distinctions between free and paid websites, allowing trunk cables to repressive states, enforcing…
-
Secret Service Tracking People’s Locations without Warrant
Secret Service Tracking People’s Locations without Warrant This feels important: The Secret Service has used a technology called Locate X which uses location data harvested from ordinary apps installed on phones. Because users agreed to an opaque terms of service page, the Secret Service believes it doesn’t need a warrant. Bruce Schneier Go to bruce…
-
Infocon: green
Infocon: green ISC Stormcast For Wednesday, November 27th, 2024 https://isc.sans.edu/podcastdetail/9234 Go to boat international
-
ISC Stormcast For Wednesday, November 27th, 2024 https://isc.sans.edu/podcastdetail/9234, (Wed, Nov 27th)
ISC Stormcast For Wednesday, November 27th, 2024 https://isc.sans.edu/podcastdetail/9234, (Wed, Nov 27th) (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Go to boat international
-
[Guest Diary] Using Zeek, Snort, and Grafana to Detect Crypto Mining Malware, (Tue, Nov 26th)
[Guest Diary] Using Zeek, Snort, and Grafana to Detect Crypto Mining Malware, (Tue, Nov 26th) [This is a Guest Diary by David Fitzmaurice, an ISC intern as part of the SANS.edu Bachelor’s Degree in Applied Cybersecurity (BACS) program [1]. Over the last six months there have been frequent SSH connections leaving versions of the RedTail…
-
ISC Stormcast For Tuesday, November 26th, 2024 https://isc.sans.edu/podcastdetail/9232, (Tue, Nov 26th)
ISC Stormcast For Tuesday, November 26th, 2024 https://isc.sans.edu/podcastdetail/9232, (Tue, Nov 26th) (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Go to boat international
-
The strange case of disappearing Russian servers, (Mon, Nov 25th)
The strange case of disappearing Russian servers, (Mon, Nov 25th) Few months ago, I noticed that something strange was happening with the number of servers seen by Shodan in Russia… In order to identify any unusual changes on the internet that might be worth a closer look, I have put together a simple script few…
-
Case Studies: Real-World Examples of AI Enhancing Cybersecurity Measures
Artificial intelligence (AI) and machine learning are revolutionizing the field of cybersecurity, providing advanced tools and techniques to protect against evolving threats. By leveraging data science and sophisticated algorithms, AI is able to enhance security measures and detect potential risks before they can cause harm. One of the key benefits of AI in cybersecurity is…
-
12 times less CPU and 486 times more memory efficient!!!
https://medium.com/cimb-niaga-engineering/delivering-superior-banking-experiences-bc7ca491eae5
-
they say its right up there with orbstack
https://podman-desktop.io/
-
i m a small shop
https://minituff.github.io/nautical-backup/introduction/ https://github.com/MODSetter/SurfSense https://almeidapaulopt.github.io/tsdproxy/
-
life so complicated
Musk’s Five Commandments Musk’s five sequential commandments (aka “The Algorithm”) include:
-
the mtr of trace
https://github.com/sectordistrict/intentrace
-
is your internet so slow?
https://mlumiste.com/technical/liveportrait-compression/
-
i want to play too
https://taipangame.com/play https://store.steampowered.com/app/2943280/Dustland_Delivery/
-
i thought we use dns because ip addresses were hard to remember?
https://github.com/pubky/pkdns https://github.com/anacrolix/btlink https://dnslink.io/ https://github.com/mwarning/KadNode but whats wrong with https://www.namecoin.org/ https://ens.domains/ and yes, this! https://github.com/okTurtles/dnschain
-
more auto scanning
https://magicloops.dev/loop/3f3781f3-f987-4672-8500-bacbeefca6db/view https://www.mayhem.security/ – https://en.m.wikipedia.org/wiki/2016_Cyber_Grand_Challenge https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html?m=1
-
real men have fabs!
https://semiwiki.com/semiconductor-manufacturers/344511-real-men-have-fabs/
-
free money?
https://www.patched.codes/
-
where does the actual content sit?
https://github.com/ghobs91/chronicl
-
a free scanner for your api server
https://github.com/akto-api-security/akto
-
so its not a static analysis thing?
https://github.com/mindersec/minder
-
why not all the other things too?
https://www.itpro.com/infrastructure/data-centres/microsoft-wants-to-drastically-cut-carbon-emissions-so-its-building-data-centers-with-wood
-
u play with dji i play with skydio
https://archive.is/eJsQq but u see.. if china ever…for every $ of military aid the usa gives to taiwan, pledge to give the same to russia or the dprk.. ah i think we got ww3 on the table…
-
free computers!
ok i look at it this way. if u have 40-50 nodes. 1 of them is free. https://lwn.net/SubscriberLink/993828/eb9b437bf7604da3/ as in beer
-
on remote programming
https://zed.dev/faq https://orbstack.dev/ and a bit more https://github.com/rockyzhang24/dotfiles/blob/master/.config/nvim/colors/monokai.lua https://github.com/catppuccin/catppuccin
-
pwn me
so my bank wanted me to uninstall https://whowho.en.aptoide.com/app which I’m ok with.. it shipped with the phone, pops up korean notifications n i never actually opened it before.. and https://github.com/KieronQuinn/Smartspacer which i disagree with. i mean. how about tell me exactly why? i might contact the dev to talk about it? ok i actually don’t…
-
bash backend?
https://github.com/OliveTin/OliveTin https://clace.io/docs/quickstart/
-
wal vs zil vs journaling
https://www.infoq.com/presentations/tigerbeetle/ https://en.m.wikipedia.org/wiki/FoundationDB https://www.truenas.com/docs/references/zilandslog/ https://en.m.wikipedia.org/wiki/Journaling_file_system
-
i dont even program ok
so once upon ppl had php which go talk to the sql. and js which displayed the output it was a tossup..if u had to count. count with js or with php. but eventually js won. and whole websites were just 1 html n 1 div. js did everything on the client. including talk to…
-
why not a txt record?
https://blog.apnic.net/2022/12/02/improving-sshs-security-with-sshfp-dns-records/
-
cloudflare workers?
https://gitlip.com/blog/infinite-git-repos-on-cloudflare-workers https://github.com/jonfraser/simpletext