Security Engineer and Code Monkey || Code. Cybersecurity. Space. Sarcasm. Tweets are $null.
USA
Joined April 2009
- Tweets 3,398
- Following 180
- Followers 180
- Likes 2,438
Pinned Tweet
If you like thankless customers, steep learning curves, ungodly hours and soul crushing imposter syndrome, then infosec may be the right career for you.
Sign up by giving this random suit all your PII in triplicate and fall down these stairs to begin your life as a security pro
3
2
rx13 retweeted
A friend's father had his PC taken over by scammers.... just doing a bit of forensics on it to work out what happened.
First sign is a download of amazon_security.exe which is actually Supremo Remote Desktop. supremocontrol.com/
55
544
70
2,778
Remember us, PSCB?
We remember you and decided to check your vulns...
Tsk. Tsk. Not patched. We grabbed another 270GB.
Fuck Vladimir Putin.
#SlavaUkraini
90
449
27
3,165
I lost my Facebook Instagram tiktok Gmail Google Amazon Netflix prime PayPal bank youtube whatsapp telegram discord twitter reddit Skype microsoft LinkedIn wechat password. Help lol
I lost my Facebook Instagram tiktok Gmail Google Amazon Netflix prime PayPal bank youtube whatsapp telegram discord twitter reddit Skype microsoft LinkedIn wechat password. Help lol
Show this thread
Holy crap: Although it was barely mentioned in the briefing, the CA9 just held in a single sentence, in a precedential opinion, that Internet content preservation isn't a seizure. And TOS eliminate all Internet privacy. Here's the entire discussion. Lordy.
cdn.ca9.uscourts.gov/datasto…
102
932
253
1,762
🏴 Capture the flag, coming your way from @CISAgov and @INL!
Participants will determine how attackers compromised #IT and #ICS networks & gather the information needed to stop the threat from inflicting lasting damage.
Sign up today: icsjwgctf.com
5
114
10
230
rx13 retweeted
NtHiM (Now, the Host is Mine!) is a Rust-based systems project, enabling security enthusiasts to discover subdomain takeover vulnerabilities in hostnames from different organizations. See a demo from @WHOISbinit at #BHASIA Arsenal informatech.co/3vRls0U
6
2
21
The Brooklyn Public Library has announced that any teenager in America is now eligible for a Brooklyn Public Library card.
Teens can sign out ebooks + audiobooks from wherever they live.
The move is designed to combat censorship, with some titles listed as "always available."
722
25,130
3,995
72,337
rx13 retweeted
This was patched in Oracle's April 2022 security updates.
Also a good thread here:
Welp. It’s the crypto bug of the year. Mark it down for April. Java 15-18 ECDSA doesn’t sanity check that the random x coordinate and signature proof are nonzero; a (0,0) signature validates any message. Breaks JWT, SAML, &c. neilmadden.blog/2022/04/19/p…
Show this thread
1
6
17
rx13 retweeted
WOW.
Bloomberg finally opensourced memray—a new versatile memory profile for Python. Can't way to use it.
Thread 👇
105
3,034
205
14,852
JSC Bank PSCB, you are now controlled by Network Battalion 65. We're very thankful that you store so many credentials in Chrome. Well done.
It's obvious that incident response has started. Good luck getting your data back without us.
Tell your government to GTFO of #Ukraine
173
921
123
4,450
rx13 retweeted
kdigger (short for Kubernetes digger), is a context discovery tool for Kubernetes penetration testing. It’s a compilation of various plugins called buckets, to facilitate pentesting Kubernetes from inside a pod. See a demo at #BHASIA Arsenal informatech.co/3utRi1d
5
1
9
rx13 retweeted
GitHub has uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI. Read more about the impact to GitHub, npm, and our users. github.blog/2022-04-15-secur…
24
832
121
1,125
rx13 retweeted
A "certified ethical hacker" hired to help an elderly man set up security in his home stole the man's Trezor hardware wallet and used a password also found in the home to transfer $600,000 in cryptocurrency from the man's account to his own digital wallets newser.com/story/319147/cops…
35
110
28
354
rx13 retweeted
What most people think hacking is versus what hacking really is.
129
2,105
327
5,975
179,948
rx13 retweeted
Computers are neat!
Re: zgrep, xzgrep: arbitrary-file-write vulnerability: Posted by Levente Polyak on Apr 08CVE-2022-1271 has been assigned to this issue.
Cheers,
Levente dlvr.it/SNCFVt
2
43
1
170
rx13 retweeted
Made a new wardriving/cycling/walking rig, it has a raspberry pi 4, gps hat, four tplink t2u nano Wi-Fi cards, and a pi-sugar 2 pro battery, it auto runs kismet in wardrive mode and has hostapd for control via my phone. Weighs less than a pound. Next up is 3d printing a case
5
2
27
rx13 retweeted
PancakesCon 3 - Elle Armageddon - Keynote invidious.fdn.fr/NvrGZXIIEfQ via @YouTube
1
12
5
50