Marc Smeets
@marcoverip.bsky.social
Does a thing or two with red teaming @ Outflank | part time race and drift car instructor
Pinned
Marc Smeets
@marcoverip.bsky.social
· Feb 22
Welcome Project #HammBal
Goals: transferring this 2009 BMW 125i into a full race and drift car, weighing less than 1300kg, able to do Zandvoort sub 2min easily and have some fun along the way.
Not an ‘easy’ project, but also not hard. Ill try to update this thread as I go over the next few months.
Goals: transferring this 2009 BMW 125i into a full race and drift car, weighing less than 1300kg, able to do Zandvoort sub 2min easily and have some fun along the way.
Not an ‘easy’ project, but also not hard. Ill try to update this thread as I go over the next few months.
Reposted by Marc Smeets
June 14, 2025 at 8:19 PM
Reposted by Marc Smeets
Received the news today that my talk "Advanced Active Directory to Entra ID lateral movement techniques" was also accepted for @defcon.bsky.social 🎉 hope to see everyone there!
June 10, 2025 at 12:28 PM
Received the news today that my talk "Advanced Active Directory to Entra ID lateral movement techniques" was also accepted for @defcon.bsky.social 🎉 hope to see everyone there!
Reposted by Marc Smeets
Reposted by Marc Smeets
I ran an experiment, simultaneously posting articles on Bluesky and X, and then testing to see how many people actually clicked and read them. The numbers on Bluesky are higher, both because the X algorithm downranks journalism, and because Bluesky attracts readers, not just shitposters.
June 9, 2025 at 4:37 PM
I ran an experiment, simultaneously posting articles on Bluesky and X, and then testing to see how many people actually clicked and read them. The numbers on Bluesky are higher, both because the X algorithm downranks journalism, and because Bluesky attracts readers, not just shitposters.
Charging our ID.Buzz twice as fast 👌😂
June 7, 2025 at 6:20 AM
Charging our ID.Buzz twice as fast 👌😂
Evidence nr 427 you need to ditch all things Meta if you value your privacy.
Yuck. Meta apps listen on localhost on Android so that tracking scripts can talk to apps, and Meta can monitor your browsing and tie it to identity. Why is that allowed? www.theregister.com/2025/06/03/m...
Meta Pixel halts Android localhost tracking after disclosure
: Zuckercorp and Yandex used localhost loophole to tie browser data to app users, say boffins
www.theregister.com
June 4, 2025 at 4:46 AM
Evidence nr 427 you need to ditch all things Meta if you value your privacy.
Reposted by Marc Smeets
It's all very well calling the Netherlands "the Italy of the North", but it's in fact pretty unfair to Italy which has a boringly stable government these days.
June 3, 2025 at 8:00 AM
It's all very well calling the Netherlands "the Italy of the North", but it's in fact pretty unfair to Italy which has a boringly stable government these days.
No no, the question is why *you* aren’t having champagne with your shoarma.
May 29, 2025 at 5:48 PM
No no, the question is why *you* aren’t having champagne with your shoarma.
Reposted by Marc Smeets
GreyNoise Discovers Stealthy Backdoor Campaign Targeting ASUS Routers. Attacker tradecraft reflects APT-like behavior: quiet, durable, and designed for long-term access. Full blog ⬇️
#Cybersecurity #ThreatIntel #GreyNoise #ASUS
#Cybersecurity #ThreatIntel #GreyNoise #ASUS
GreyNoise Discovers Stealthy Backdoor Campaign Affecting Thousands of ASUS Routers
GreyNoise uncovers a stealth campaign exploiting ASUS routers, enabling persistent backdoor access via CVE-2023-39780 and unpatched techniques. Learn how attackers evade detection, how GreyNoise disco...
www.greynoise.io
May 28, 2025 at 1:33 PM
GreyNoise Discovers Stealthy Backdoor Campaign Targeting ASUS Routers. Attacker tradecraft reflects APT-like behavior: quiet, durable, and designed for long-term access. Full blog ⬇️
#Cybersecurity #ThreatIntel #GreyNoise #ASUS
#Cybersecurity #ThreatIntel #GreyNoise #ASUS
Reposted by Marc Smeets
Something, something, EU in crisis. Time we stop thinking about the EU's impending demise and start thinking about its impending rise.
Trust in European Union at highest since 2007, poll shows reut.rs/4k9VQ5z
Trust in European Union at highest since 2007, poll shows
Trust in the European Union and its institutions has risen to an almost two-decade high, a report released on Wednesday shows, as U.S. President Donald Trump upends global trade and foreign policy.
reut.rs
May 28, 2025 at 3:02 PM
Something, something, EU in crisis. Time we stop thinking about the EU's impending demise and start thinking about its impending rise.
Reposted by Marc Smeets
If your business model doesn’t work without breaking the law, then you’re not in business.
You’re in organized crime.
You’re in organized crime.
Nick Clegg says asking artists for use permission would ‘kill’ the AI industry
Nick Clegg says asking artists for use permission would ‘kill’ the AI industry
Paul McCartne, Elton John and others signed an open letter.
buff.ly
May 26, 2025 at 9:09 PM
If your business model doesn’t work without breaking the law, then you’re not in business.
You’re in organized crime.
You’re in organized crime.
Once again Saturday at the Monaco F1 GP is just pure awesomeness. Mind blowing how fast these cars go through the streets. Top notch stuff. Congrats to Norris for taking pole position.
May 24, 2025 at 3:25 PM
Once again Saturday at the Monaco F1 GP is just pure awesomeness. Mind blowing how fast these cars go through the streets. Top notch stuff. Congrats to Norris for taking pole position.
Reposted by Marc Smeets
America is in danger of experiencing an academic brain drain
economist.com/science-and-...
economist.com/science-and-...
May 22, 2025 at 8:59 PM
America is in danger of experiencing an academic brain drain
economist.com/science-and-...
economist.com/science-and-...
Reposted by Marc Smeets
Wow: after 15 years, YouTube has taken down the original 'Rick Roll' video due to a "licensing issue," likely due to the acquisition of Astley's record lable.
The metadata remains, but if you click through it goes to 'video not found':
www.youtube.com/watch?v=dQw4...
The metadata remains, but if you click through it goes to 'video not found':
www.youtube.com/watch?v=dQw4...
Rick Astley - Never Gonna Give You Up (Official Music Video)
YouTube video by Rick Astley
www.youtube.com
May 19, 2025 at 6:45 PM
Wow: after 15 years, YouTube has taken down the original 'Rick Roll' video due to a "licensing issue," likely due to the acquisition of Astley's record lable.
The metadata remains, but if you click through it goes to 'video not found':
www.youtube.com/watch?v=dQw4...
The metadata remains, but if you click through it goes to 'video not found':
www.youtube.com/watch?v=dQw4...
Reposted by Marc Smeets
Microsoft has disabled the ICC Chief prosecutors email account.
But let’s keep all dependencies on US IT alive. What could possibly go wrong?
www.techzine.eu/news/privacy...
But let’s keep all dependencies on US IT alive. What could possibly go wrong?
www.techzine.eu/news/privacy...
Microsoft's ICC blockade: digital dependence comes at a cost
In February, the United States imposed sanctions on the International Criminal Court (ICC) in The Hague. As a result, Chief Prosecutor Karim Khan has no
www.techzine.eu
May 20, 2025 at 6:07 AM
Microsoft has disabled the ICC Chief prosecutors email account.
But let’s keep all dependencies on US IT alive. What could possibly go wrong?
www.techzine.eu/news/privacy...
But let’s keep all dependencies on US IT alive. What could possibly go wrong?
www.techzine.eu/news/privacy...
Reposted by Marc Smeets
Volkswagen fixed vulnerabilities in its mobile app that could allow attackers to hijack user accounts and retrieve car/owner details.
The app lacked brute-force protection, stored internal credentials in plaintext, and exposed any car owner's details via a VIN.
loopsec.medium.com/hacking-my-c...
The app lacked brute-force protection, stored internal credentials in plaintext, and exposed any car owner's details via a VIN.
loopsec.medium.com/hacking-my-c...
Hacking My Car, and probably yours— Security Flaws in Volkswagen’s App
This flaw made me the owner of thousands of cars (sort of).
loopsec.medium.com
May 18, 2025 at 2:16 PM
Volkswagen fixed vulnerabilities in its mobile app that could allow attackers to hijack user accounts and retrieve car/owner details.
The app lacked brute-force protection, stored internal credentials in plaintext, and exposed any car owner's details via a VIN.
loopsec.medium.com/hacking-my-c...
The app lacked brute-force protection, stored internal credentials in plaintext, and exposed any car owner's details via a VIN.
loopsec.medium.com/hacking-my-c...
Reposted by Marc Smeets
Europe needs a sovereign cloud, ASAP
May 16, 2025 at 12:51 PM
Europe needs a sovereign cloud, ASAP
Reposted by Marc Smeets
Reposted by Marc Smeets
If I’m elected President, my first executive order will require that no app can ever log you out due to credential expiration, even if you don’t use it for a year.
May 13, 2025 at 10:56 PM
If I’m elected President, my first executive order will require that no app can ever log you out due to credential expiration, even if you don’t use it for a year.
Didn’t know this impressive fact. @xpnsec.com did you?
Each year, Eurovision has more live viewers than the Super Bowl, Oscars and Grammys combined. This shocks Europeans when I tell them.
So check it out. Live semi-final 1 airing now: www.youtube.com/live/0HNXVB2...
So check it out. Live semi-final 1 airing now: www.youtube.com/live/0HNXVB2...
Eurovision Song Contest 2025 - First Semi-Final - Livestream | #Eurovision2025
YouTube video by Eurovision Song Contest
www.youtube.com
May 13, 2025 at 8:47 PM
Didn’t know this impressive fact. @xpnsec.com did you?
“Somehow your engine turning off at stop lights to save you money on fuel is so-called woke or anti-American, I guess?”
Read More: www.jalopnik.com/1857889/trum...
Read More: www.jalopnik.com/1857889/trum...
May 12, 2025 at 8:16 PM
“Somehow your engine turning off at stop lights to save you money on fuel is so-called woke or anti-American, I guess?”
Read More: www.jalopnik.com/1857889/trum...
Read More: www.jalopnik.com/1857889/trum...
Reposted by Marc Smeets
Cobalt Strike 4.11.1 is live--this out of band release addresses and issue with module stomping. Additionally, an "enable SSL" checkbox and deprecation warning for stomp loader have been added. Get more details in the blog:
www.cobaltstrike.com/blog/out-of-...
www.cobaltstrike.com/blog/out-of-...
Out of Band Update: Cobalt Strike 4.11.1 | Cobalt Strike
4.11.1 fixes a module stomping issue. Additionally, an "enable SSL" checkbox and deprecation warning for stomp loader have been added.
www.cobaltstrike.com
May 12, 2025 at 7:10 PM
Cobalt Strike 4.11.1 is live--this out of band release addresses and issue with module stomping. Additionally, an "enable SSL" checkbox and deprecation warning for stomp loader have been added. Get more details in the blog:
www.cobaltstrike.com/blog/out-of-...
www.cobaltstrike.com/blog/out-of-...
What the hell?! What is wrong with people?!
May 12, 2025 at 6:05 AM
What the hell?! What is wrong with people?!
I miss the times when Google was still that “Don’t be evil” company
Google Search quality has reportedly declined in recent years, this change was intentional 😱
May 12, 2025 at 4:53 AM
I miss the times when Google was still that “Don’t be evil” company