André 3001
@andrevdw.bsky.social
Cyber Janitor. Mangler of machines.
Defender of the realm.
Reposted by André 3001
There's a prevailing idea in the UK that a customs union with the EU would be a compromise solution if single market membership is not possible, e.g @eddavey.libdems.org.uk and @jonathanfreedland.bsky.social recently. But a customs union is, from a trade policy, a more radical step. (1/N)
November 23, 2025 at 1:25 PM
Reposted by André 3001
The government could, of course, just fix the bizarre (and bad) flaw in the tax system that makes people pay a marginal rate of 62% (or 71% with student loans) at £100k, vs 42% at £99k or £126k – which is why people use salary sacrifice.

They could do this in ways that *raise more revenue*.
FT WEEKEND: Ukraine deal risks loss of dignity or US support, Zelenskyy warns #TomorrowsPapersToday
November 21, 2025 at 10:02 PM
Reposted by André 3001
“Silently patching vulnerabilities is an established bad practice that enables attackers and harms defenders." @catc0n.bsky.social

decipher.sc/2025/11/17/f...
Fortinet CVE-2025-64446 Under Active Attack - Decipher
That vulnerability (CVE-2025-64446) affects several versions of FortiWeb and CISA has added it to its Known Exploited Vulnerabilities catalog.
decipher.sc
November 17, 2025 at 3:28 PM
Reposted by André 3001
Researchers tried plugging every possible phone number into WhatsApp's web app. They found they could collect 3.5 billion users' phone numbers, plus photos for half and profile text for more than a third, the biggest personal data exposure ever by some measures. www.wired.com/story/a-simp...
A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers
By plugging tens of billions of phone numbers into WhatsApp’s contact discovery tool, researchers found “the most extensive exposure of phone numbers” ever—along with profile photos and more.
www.wired.com
November 18, 2025 at 2:04 PM
Reposted by André 3001
Dutch police have seized 250 servers linked to an unnamed bulletproof hosting provider

www.politie.nl/nieuws/2025/...
Thousands of servers seized in large-scale cybercrime investigation
In an investigation into a rogue hosting company, the East Netherlands cybercrime team seized thousands of servers. According to the police, the hosting company is used solely and exclusively ...
www.politie.nl
November 16, 2025 at 7:51 PM
Reposted by André 3001
Oh my
November 14, 2025 at 9:50 PM
Reposted by André 3001
A brand new unlisted extension with 100,000 users? 41 ratings? Must be really valuable.

Nope - completely manipulated stats and it doesn't even contain real code. It exists only to collect your searches and earn Bing Rewards.
November 14, 2025 at 5:14 PM
Reposted by André 3001
While AI companies are allowed to slurp everything they want, Quad9 warns that legal fees are drowning DNS resolvers, which are now being targeted by copyright owners to enforce blocks on piracy sites

quad9.net/news/blog/wh...
Quad9 | A public and free DNS service for a better security and privacy
A public and free DNS service for a better security and privacy
quad9.net
November 10, 2025 at 10:53 PM
Reposted by André 3001
"Reactions... in political Brussels are often characterised by surprise or nervousness. Even high-ranking employees responsible for data protection and digital regulation would not have expected the precision of openly traded mobile phone location data." netzpolitik.org/2025/databro...
Databroker Files: Targeting the EU
Precise locations and revealing movement patterns: the mobile phone location data of millions of people in the EU is up for sale. Collected supposedly only for advertising purposes, this data can also...
netzpolitik.org
November 4, 2025 at 2:03 PM
Reposted by André 3001
November 3, 2025 at 10:25 PM
Reposted by André 3001
You know how cybersecurity is a market for lemons? This creates an opportunity for lemonade makers.

I share some thoughts on why and how this happens.

open.substack.com/pub/defender...
Cybersecurity - A Market for Lemonade
What else are you going to do with all these cyber lemons?
open.substack.com
November 3, 2025 at 10:14 PM
Reposted by André 3001
Blog post about my recent CVE-2025-58726, aka “The Ghost Reflection” is out, read it here:
semperis.com/blog/exploit...
🙃
Exploiting Ghost SPNs and Kerberos Reflection for SMB Privilege Elevation
Understanding how attackers use Ghost Service Principal Names to initiate authentication reflection can help you avoid similar vulnerabilities.
semperis.com
October 29, 2025 at 5:19 PM
Reposted by André 3001
Some new #WTFBins for your entertainment/edification! We now have 50 total in the catalogue!

wtfbins.wtf
WTFBins
WTFBins: benign applications that exhibit suspicious behavior
wtfbins.wtf
October 29, 2025 at 5:27 AM
Reposted by André 3001
I have a very bad feeling about this...
October 27, 2025 at 4:51 PM
Reposted by André 3001
Please kill me
October 25, 2025 at 11:57 PM
Reposted by André 3001
Today I learned: SeManageVolumePrivilege

While reading the HTB write-up for Certificate, I learned about SeManageVolumePrivilege. [1]

A video by Grzegorz Tworek goes into great detail about how to abuse SeManageVolumePrivilege.[2]
October 25, 2025 at 7:32 AM
Reposted by André 3001
Just discovered a new RAT at #hacklu and it seems the name can confuse a lot of French-speaking persons.

RATatouille

Not sure it's a good idea for the SEO of the RAT author. ;-)

🔗 https://www.aikido.dev/blog/catching-a-rat-remote-access-trojian-rand-user-agent-supply-chain-compromise

#rat […]
Original post on infosec.exchange
infosec.exchange
October 21, 2025 at 1:08 PM
Reposted by André 3001
Second story from a recent coffee break with my pentest colleague. During a retest for a client, they discovered the same ESC1 vulnerability they had reported before. Why is that dangerous and also super critical?
October 18, 2025 at 6:46 AM
Reposted by André 3001
October 15, 2025 at 1:57 PM
When you find £3bn down the back of the sofa: www.theguardian.com/business/202...
Rachel Reeves given extra £3bn for budget after VAT error fixed
ONS says public borrowing estimates have been out by £200m-£500m a month since January
www.theguardian.com
October 8, 2025 at 9:29 AM
Reposted by André 3001
📣 Big thanks to MalwareBazaar Top Contributor "JAMESWT_WT" 🙇

First seen: 30 March 2020 and since then, they’ve shared 45,994 malware samples.

In the last 30 days alone, they have dropped 1,472 new samples, that’s +30% ⬆️ from the previous month, with 631 samples shared on September 30th. 🔥🔥
October 6, 2025 at 12:30 PM
Reposted by André 3001
GDPR is a great example of the sort of regulation which (i) creates a bunch of effort for people who want to comply, (ii) gets innocently over-zealously deployed, (iii) becomes deployed as an excuse for orgs not to do things they don't want to, and (iv) is fairly easily disregarded by those who want to.
Also actually I am sick of how much you hear about GDPR when absolutely every fucker signs you up to their email list by default no matter how careful you are not to opt in.
October 3, 2025 at 9:29 PM
Reposted by André 3001
September 24, 2025 at 3:10 PM