Security Engineer and Code Monkey || Code. Cybersecurity. Space. Sarcasm. Tweets are $null.

USA
Joined April 2009
Pinned Tweet
If you like thankless customers, steep learning curves, ungodly hours and soul crushing imposter syndrome, then infosec may be the right career for you. Sign up by giving this random suit all your PII in triplicate and fall down these stairs to begin your life as a security pro
A friend's father had his PC taken over by scammers.... just doing a bit of forensics on it to work out what happened. First sign is a download of amazon_security.exe which is actually Supremo Remote Desktop. supremocontrol.com/
rx13 retweeted
Remember us, PSCB? We remember you and decided to check your vulns... Tsk. Tsk. Not patched. We grabbed another 270GB. Fuck Vladimir Putin. #SlavaUkraini
Advantages of insomnia.
I lost my Facebook Instagram tiktok Gmail Google Amazon Netflix prime PayPal bank youtube whatsapp telegram discord twitter reddit Skype microsoft LinkedIn wechat password. Help lol
rx13 retweeted
Replying to @SwiftOnSecurity
It does.
rx13 retweeted
Holy crap: Although it was barely mentioned in the briefing, the CA9 just held in a single sentence, in a precedential opinion, that Internet content preservation isn't a seizure. And TOS eliminate all Internet privacy. Here's the entire discussion. Lordy. cdn.ca9.uscourts.gov/datasto…
rx13 retweeted
🏴 Capture the flag, coming your way from @CISAgov and @INL! Participants will determine how attackers compromised #IT and #ICS networks & gather the information needed to stop the threat from inflicting lasting damage. Sign up today: icsjwgctf.com
One man's EDR is another man's surveillance apparatus
NtHiM (Now, the Host is Mine!) is a Rust-based systems project, enabling security enthusiasts to discover subdomain takeover vulnerabilities in hostnames from different organizations. See a demo from @WHOISbinit at #BHASIA Arsenal informatech.co/3vRls0U
rx13 retweeted
The Brooklyn Public Library has announced that any teenager in America is now eligible for a Brooklyn Public Library card. Teens can sign out ebooks + audiobooks from wherever they live. The move is designed to combat censorship, with some titles listed as "always available."
This was patched in Oracle's April 2022 security updates. Also a good thread here:
Welp. It’s the crypto bug of the year. Mark it down for April. Java 15-18 ECDSA doesn’t sanity check that the random x coordinate and signature proof are nonzero; a (0,0) signature validates any message. Breaks JWT, SAML, &c. neilmadden.blog/2022/04/19/p…
rx13 retweeted
WOW. Bloomberg finally opensourced memray—a new versatile memory profile for Python. Can't wait to use it. Thread 👇
rx13 retweeted
JSC Bank PSCB, you are now controlled by Network Battalion 65. We're very thankful that you store so many credentials in Chrome. Well done. It's obvious that incident response has started. Good luck getting your data back without us. Tell your government to GTFO of #Ukraine
kdigger (short for Kubernetes digger), is a context discovery tool for Kubernetes penetration testing. It’s a compilation of various plugins called buckets, to facilitate pentesting Kubernetes from inside a pod. See a demo at #BHASIA Arsenal informatech.co/3utRi1d
rx13 retweeted
A "certified ethical hacker" hired to help an elderly man set up security in his home stole the man's Trezor hardware wallet and used a password also found in the home to transfer $600,000 in cryptocurrency from the man's account to his own digital wallets newser.com/story/319147/cops…
What most people think hacking is versus what hacking really is.
rx13 retweeted
Computers are neat!
Re: zgrep, xzgrep: arbitrary-file-write vulnerability: Posted by Levente Polyak on Apr 08 CVE-2022-1271 has been assigned to this issue. Cheers, Levente dlvr.it/SNCFVt
rx13 retweeted
Replying to @Cannibal
Made a new wardriving/cycling/walking rig, it has a raspberry pi 4, gps hat, four tplink t2u nano Wi-Fi cards, and a pi-sugar 2 pro battery, it auto runs kismet in wardrive mode and has hostapd for control via my phone. Weighs less than a pound. Next up is 3d printing a case