August 3, 2022
-
Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service not installed but you still want to relay DC authentication to ADCS?
Don't worry MS-DFSNM have your back ;)
github.com/Wh04m1001/DFSC…
-
By age 40, with your training complete, you should have vanquished those friends, claimed their businesses, money, and fitness, and built a throne out of their skulls. https://t.co/dghrC7SH7s
Steve · Millionaire Habits @SteveOnSpeed
-
Not sure who needs to be reminded of this but: PeeWee Herman was not arrested masturbating at a public theater. Not like you think.
He was at an adult theater (where masturbation is encouraged) and it was a sting operation targeting queers.
Legend!
@JenPallante He also requested that the vampire he played in Buffy, Amilyn, was to look like his mug shot which was the most badassssss thing ever. Ruebens is a freaking boss
-
-
TIL: Exploiting Python co_local, a thing you can do.
@louispilfold @eevee @whitequark @pcwalton github.com/DavidBuchanan3… for a PoC
github.com/python/cpython… for a source on bytecode being "allowed" to cause memory unsafety
github.com/python/cpython… for an issue from last week that hasn't been closed but has multiple people saying it's working as intended
-
This attack against Nomad was something, I've never seen before.
People started replicating the attack after a few minutes, while the initial attacker drained out the pool systematically.
At some point, random dudes with ENS names were getting a million USDC per transactions. 
-
*ANNOUNCEMENT*
Presenting: the trailer for our new 🎶MUSICAL🎶 & spoken Security Awareness Videos! After the infosec sea shanty, dozens of teams DM’d me saying "The song worked! MFA usage up, reporting way up, pls make more songs!" So we got to work & you all it's finally here!🤖
-
Reading this @dangoodin001 piece & it occurs to me what a strange path we've taken: In 10-20 yrs (or 50, or never) we *might* have practical quantum computers, so let's roll out replacement PQ crypto now. Which could be trivially broken today, on a laptop.
-
New AC paper.
https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/technology-change-and-the-changing-face-of-russian-private-military-contractors/-
-
And this finally concludes my Ph.D. journey -- my dissertation "An Analysis of Human-in-the-loop Approaches for Binary Analysis Automation" is officially available at:
-
Love it — anti piracy messaging increases piracy.
https://www.theregister.com/2022/08/02/antipiracy_messaging_piracy/-
-
I wrote a tool to check master key configuration on palo alto firewalls and so far I haven't run into any instances of people actually changing the master key from p1a2l3o4a5l6t7o8
-
I asked my 11 yo to help me write my vacation away message, and she suggested “I AM ON VACATION SO YOUR EMAIL WILL BE DELETED”
-
- Currently over 35k repositories are infected - So far found in projects including: crypto, golang, python, js, bash, docker, k8s - It is added to npm scripts, docker images and install docs
-
my sister: why do you delete so many tweets?
me: sometimes you don't know something's really stupid until you send it out into the world
my mother: *staring at me just a beat too long*
-
-
Don't miss what's next. Subscribe to the grugq's newsletter: