kreona.bsky.social
@kreona.bsky.social
September 8, 2025 at 7:35 PM
Reposted
For those annoyed w/ the final Chrome shutdown of v2 extensions in the last update, I moved from uBlock Origin & Dom Distiller Reader to:
github.com/uBlockOrigin...
and
github.com/ZachSaucier/...
Happy so far. No 3rd party ads & clean Reader mode on demand like Safari. Recommend pinning to toolbar.
GitHub - ZachSaucier/Just-Read: A customizable read mode web extension.
A customizable read mode web extension. Contribute to ZachSaucier/Just-Read development by creating an account on GitHub.
github.com
July 11, 2025 at 5:27 PM
Reposted
Great explainer about why tracking "Salt Typhoon" feels like trying to find a needle in a haystack, when there may or may not even be needles in said haystack
June 11, 2025 at 8:34 PM
Reposted
ICE raids hit across Los Angeles today—and locals are rising up. This is what resistance looks like. ✊🏾

This was about an hour ago…
June 7, 2025 at 1:43 AM
Reposted
Does your organization formalize security experts as a powerless scapegoat?

If your security team is blamed (implicitly or explicitly) for decisions they don't make, then your accountability structure is broken.

🧵 - 1 of x
April 19, 2025 at 1:38 PM
Reposted
Chris Krebs is a cyber security hero.
April 11, 2025 at 6:35 PM
Reposted
So, uhh, this seems like something that is highly abusable that I bet almost nobody is monitoring for... :-/

learn.microsoft.com/...
April 8, 2025 at 5:24 AM
Reposted
Framework Stops Selling Some of Its Laptops in the U.S. Due to Tariffs

The manufacturer says it would now have to sell its laptops at a loss.

🔗 www.404media.co/framework-st...
April 8, 2025 at 4:35 AM
Reposted
It is 2002. I am 18 years old. We are in a once-in-a-generation economic crisis.

It is 2008. I am 24 years old. We are in a once-in-a-generation economic crisis.

It is 2020. I am 36 years old. We are in a once-in-a-generation economic crisis.

It is 2025. I am 41 years old. We are in a—
April 2, 2025 at 10:01 PM
Reposted
This is horrifying for the future of American #science. 🧪

F grants fund pre and postdoctoral trainees. If we don’t reverse this trend, we are going to lose a whole generation of scientists.
F mechanisms (New and Competitive renewals)

Oof!

3/n
March 29, 2025 at 5:49 PM
Reposted
Ray Bradbury; reading for just a few minutes a night can save your life
March 26, 2025 at 8:04 PM
Reposted
March 15, 2025 at 4:24 PM
Reposted
If you work with Entra, you'll want to bookmark and monitor this page 😎

Much of this is in Identity / Secure Score, but it's great to see security guidance cleanly laid out in one doc

You might think this is well known stuff, I assure you it is not :(

learn.microsoft.com/...
March 2, 2025 at 12:46 AM
Reposted
I wanted a script I could run on a new Windows box that would install sysmon with @olafhartong.nl's configs, and set logging best practices with Zach Mathis' (Yamato Security) "EnableWindowsLogSettings" configs.

So I made one! Feel free to inspect it and repurpose.

gist.github.com/ecapuano/42f...
A PowerShell script for installing Sysmon and enabling best-practice audit logs. - better_event_logging.ps1
gist.github.com
March 1, 2025 at 8:12 PM
Reposted
Good morning and Happy Thursday to everyone who agrees with General Milley that Americans do not owe our allegiance to a King, Queen, or a wannabe dictator. We owe our allegiance to the Constitution.

Fuck the nonsense trump says about being a king.
February 20, 2025 at 3:33 PM
Reposted
It's been fun watching the LinkedIn cybersecurity gatekeeper crowd rapidly pivot from "you're not qualified to work in cybersecurity if you don't have a degree and certifications" to "actually, I think a 25 year old coder is perfectly qualified to perform a financial audit of the federal gov".
February 15, 2025 at 3:24 AM
Reposted
This has come up several times lately, so I think it bears repeating:

"Confirm user compromised" doesn't actually do anything other than set RiskLevel=high and RiskState on an Entra object 😩

You have to actually do something to remediate the risk... :(

learn.microsoft.com/...
February 12, 2025 at 11:23 PM
Reposted
It’s important to note that you don’t really “leave” The Com

Even if you try to quit cold turkey, they will haunt you until the end of your days

And they are rather adept at things like extortion and blackmail

Which is a major problem if you have sensitive access and knowledge
February 8, 2025 at 4:16 AM
Reposted
Here's a look at some of the highlights worth watching from late-night TV.
Jon Stewart Can’t Keep Up With the Purges
As many as 17 inspectors general were fired by President Trump. “That only leaves — no one knows how many left,” Stewart said. “I have no idea.”
www.nytimes.com
January 28, 2025 at 11:15 AM
Reposted
Deepseek-R1...

1) Is very impressive
2) The 32B version runs very well locally on a 4090
3) Will put a lot of pressure on the big US labs to open-source
4) Will be used in a lot of abuse/spam
5) Has some interesting holes in its knowledge:
January 25, 2025 at 10:35 PM
Reposted
CISA has published a playbook on how organizations can fully employ the newly introduced logging capabilities in Microsoft Purview Audit (Standard) to better detect threats

www.cisa.gov/resources-to...
January 19, 2025 at 7:11 PM
rhinosecuritylabs.com/aws/s3-ranso...

Rhino Security Labs developed a proof of concept “cloud ransomware” using KMS to encrypt objects within Amazon S3 buckets of a compromised AWS account.
S3 Ransomware Part 1: Attack Vector - Rhino Security Labs
In part one of this two-part blog series, we detail the attack vector of Amazon S3 Ransomware. We also include a PoC script to demonstrate the attack.
rhinosecuritylabs.com
January 8, 2025 at 2:49 AM
Reposted
Ooooh this looks like the first in an excellent series of posts from the always awesome SpecterOps folks:
posts.specterops.io/attacking-en...
Attacking Entra Metaverse: Part 1
This is part one in a two (maybe three…) part series regarding attacker tradecraft around the syncing mechanics between Active Directory…
posts.specterops.io
December 27, 2024 at 3:16 PM