August 3, 2022

                August 3, 2022

            August 3, 2022

            @mikko @mikko
China is rising as an online superpower, a thread:1:00 PM ∙ Aug 3, 2022
105Likes47Retweets
-
Filip Dragovic @filip_dragovicSpooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service not installed but you still want to relay DC authentication to ADCS?
Don't worry MS-DFSNM have your back ;)

github.com/Wh04m1001/DFSC… 
1:40 PM ∙ Jun 18, 2022
1,348Likes550Retweets
-
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

dave karpf @davekarpf
By age 40, with your training complete, you should have vanquished those friends, claimed their businesses, money, and fitness, and built a throne out of their skulls. https://t.co/dghrC7SH7s
Steve · Millionaire Habits @SteveOnSpeed
By age 30, you should have a group of friends that talk business, money, and fitness, not politics and pop culture.12:37 PM ∙ Aug 2, 2022
436Likes84Retweets
-
FREYA COMIX🏳️‍⚧️ @JenPallante
Not sure who needs to be reminded of this but: PeeWee Herman was not arrested masturbating at a public theater. Not like you think.

He was at an adult theater (where masturbation is encouraged) and it was a sting operation targeting queers.3:46 AM ∙ Aug 1, 2022
51,477Likes5,724Retweets
Legend!
Sarah Buckley @Sarahgbeee
@JenPallante He also requested that the vampire he played in Buffy, Amilyn, was to look like his mug shot which was the most badassssss thing ever. Ruebens is a freaking boss 
9:09 PM ∙ Aug 1, 2022
2,784Likes85Retweets
-
Chad Read @squirrel74wkgn
Well, this is awkward. Nobody else in the office dressed up like Martin Luther King Jr. today.2:21 PM ∙ Jan 19, 2015
1,350Likes647Retweets
-
TIL: Exploiting Python co_local, a thing you can do.
leo60228 @leo60228@louispilfold @eevee @whitequark @pcwalton github.com/DavidBuchanan3… for a PoC
github.com/python/cpython… for a source on bytecode being "allowed" to cause memory unsafety
github.com/python/cpython… for an issue from last week that hasn't been closed but has multiple people saying it's working as intended
github.comOut of bounds co_* tuple access is allowed · Issue #95222 · python/cpythonWhen a LOAD_* instruction needs to load from a co_*s tuple, it can segfault and crash the program when the index is out of bounds. Examples: eval(compile(&#39;a&#39;, &#39;&lt;string&gt;&#39;, &#39...1:15 PM ∙ Aug 2, 2022
20Likes4Retweets
-
raz @leadinscientistThis attack against Nomad was something, I've never seen before.

People started replicating the attack after a few minutes, while the initial attacker drained out the pool systematically.

At some point, random dudes with ENS names were getting a million USDC per transactions. 11:36 PM ∙ Aug 1, 2022
1,237Likes232Retweets-
Rachel Tobac @RachelTobac
*ANNOUNCEMENT*
Presenting: the trailer for our new 🎶MUSICAL🎶 & spoken Security Awareness Videos! After the infosec sea shanty, dozens of teams DM’d me saying "The song worked! MFA usage up, reporting way up, pls make more songs!" So we got to work & you all it's finally here!🤖 
12:32 PM ∙ Aug 2, 2022
1,036Likes244Retweets
-
Kenn White @kennwhite
Reading this @dangoodin001 piece & it occurs to me what a strange path we've taken: In 10-20 yrs (or 50, or never) we *might* have practical quantum computers, so let's roll out replacement PQ crypto now. Which could be trivially broken today, on a laptop.
arstechnica.comPost-quantum encryption contender is taken out by single-core PC and 1 hourLeave it to mathematicians to muck up what looked like an impressive new algorithm.2:14 PM ∙ Aug 2, 2022
56Likes23Retweets
-
New AC paper.

https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/technology-change-and-the-changing-face-of-russian-private-military-contractors/

-
Moose @LitMoose
I hate how accurate this is. 
4:57 PM ∙ Jul 30, 2022
2,441Likes406Retweets
-
Alessandro Mantovani @elmant0
And this finally concludes my Ph.D. journey -- my dissertation "An Analysis of Human-in-the-loop Approaches for Binary Analysis Automation" is officially available at: eurecom.frAn analysis of human-in-the-loop approaches for binary analysis automation | EURECOM10:13 PM ∙ Aug 2, 2022
42Likes7Retweets
-
Love it — anti piracy messaging increases piracy.

https://www.theregister.com/2022/08/02/antipiracy_messaging_piracy/

-
Spironolactone Agnew (she/her) @SBElikeswords
JK Rowling is Elon Musk for cis women, in the same way that Joe Rogan is Oprah for cis men5:22 PM ∙ Aug 1, 2022
63,533Likes5,537Retweets
-
rqu @rqu50
I wrote a tool to check master key configuration on palo alto firewalls and so far I haven't run into any instances of people actually changing the master key from p1a2l3o4a5l6t7o8 gist.github.comcheck if a PAN firewall is using the default master key when globalprotect is enabledcheck if a PAN firewall is using the default master key when globalprotect is enabled - checkmk.py8:36 PM ∙ Aug 2, 2022
289Likes101Retweets
-
Kristen Bottema-Beutel @KristenBott
I asked my 11 yo to help me write my vacation away message, and she suggested “I AM ON VACATION SO YOUR EMAIL WILL BE DELETED”12:12 AM ∙ Aug 2, 2022
246,916Likes15,327Retweets
-
Stephen Lacy @stephenlacy
I am uncovering what seems to be a massive widespread malware attack on @github.

- Currently over 35k repositories are infected
- So far found in projects including: crypto, golang, python, js, bash, docker, k8s
- It is added to npm scripts, docker images and install docs 
5:14 AM ∙ Aug 3, 2022
10,555Likes5,003Retweets
-
elle @notfunnyelle
my sister: why do you delete so many tweets? 

me: sometimes you don't know something's really stupid until you send it out into the world 

my mother: *staring at me just a beat too long*3:26 AM ∙ Aug 3, 2022
1,204Likes193Retweets
-
Tansu YEĞEN @TansuYegen
Gentleman Ringo Starr 
11:17 AM ∙ Aug 2, 2022
29,289Likes5,707Retweets
-
Florian Roth ⚡ @cyb3rops
Thanks to @github for removing the crime scenes

#MyJinoRu 
11:12 AM ∙ Aug 3, 2022
169Likes37Retweets
The Info Op is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

                Don't miss what's next. Subscribe to the grugq's newsletter: