Ron Bowes
LightNews LightNews
banner
iagox86.bsky.social
Ron Bowes
@iagox86.bsky.social
3.2K followers 700 following 1.1K posts
Principal Security Researcher at GreyNoise. https://skullsecurity.org

Mostly post about work stuff, maybe some improv stuff and maybe even magic some day. Seattle-based (originally Canadian), queer, cybersecurity nerd.

(He/him)
Posts Replies Media Videos
iagox86.bsky.social
I'm forever mixing up these two, shape and color both
Jellyfin and Obsidian icons
November 28, 2025 at 5:55 PM
iagox86.bsky.social
Every week or so, the preview that is didn't ask for, don't use, and don't want expires.

After nearly 10 years, all I can think of is how much I miss the old Duolingo
Duolingo pop-up saying that my "Super Family preview" expired
November 14, 2025 at 5:25 AM
iagox86.bsky.social
"It's my fault, I asked if you could read, not if you could count" "if I could count I wouldn't have had four children"

--Gabriella Lester and her volunteer at Scoopfest

@heyscoops.bsky.social
Gabriella Lester and her volunteer
September 27, 2025 at 4:43 AM
iagox86.bsky.social
Couple more
Michael Goudeau eating a tomato while juggling Michael Goudeau getting into a trashbag
September 26, 2025 at 10:56 PM
iagox86.bsky.social
Wow, Michael Goudeau performed at Scoopfest! I didn't think I'd ever get to see him perform!

@heyscoops.bsky.social
Michael Goudeau juggling tomatoes Michael Goudeau wondering how tall the room is Michael Goudeau with a rubber band in his hair Michael Goudeau passing clubs
September 26, 2025 at 10:07 PM
iagox86.bsky.social
Nick Paul and @mindnoodler.bsky.social performing magic at Scoopfest!

@heyscoops.bsky.social
Matt shrink-wrapped Matt and Nick Paul on stage Nick Paul with his duplicating wine bottles
September 26, 2025 at 6:27 PM
iagox86.bsky.social
Lindsay Benner and Gary @ Scoopfest! What a cool show!

@heyscoops.bsky.social
Lindsay Benner juggling knives Lindsay Benner balancing cups on her head Lindsay Benner with a ball in her mouth Gary doing a book trick to introduce Lindsay Benner
September 26, 2025 at 6:22 PM
iagox86.bsky.social
The Bucket Show @heyscoops.bsky.social
Rock Opera improv Interrogation improv
September 25, 2025 at 5:37 AM
iagox86.bsky.social
Good job, YouTube app! Video was playing all night behind the sleep notification
A "time's up!" dialog over a video that, I assure you, was still playing
September 24, 2025 at 12:26 PM
iagox86.bsky.social
A trump puppet with a crown on stage with Gwar (Winnipeg 2017)
September 23, 2025 at 3:22 AM
iagox86.bsky.social
Birds are physically healthy but don't like being bird-rritos!

#parrot #conure
Sharp - our green cheek conure - wrapped in a towel Sharp - our green cheek conure - wrapped in a towel Clang - our green cheek conure - wrapped in a towel Clang - our green cheek conure - wrapped in a towel
September 18, 2025 at 7:26 PM
iagox86.bsky.social
Created a Bluesky account for the improv troupe I'm a part of, @theymightbeghosts.bsky.social!

I created an Instagram account, and they instantly and permanently banned me seconds after creating the account. What an awful platform!
Email from Instagram: " We disabled your account, theymightbeghosts Hi theymightbeghosts, We reviewed your account and found that it still doesn’t follow our Community Standards. As a result, your account has been permanently disabled. Learn how our Community Standards help keep the Instagram community an authentic and respectful place for people to express themselves."
August 27, 2025 at 2:25 AM
iagox86.bsky.social
Who wants to listen to my new podcast?

#bird #birb
A green cheek conure (named Sharp) (American Dilute colors) chewing my microphone
June 24, 2025 at 6:26 PM
iagox86.bsky.social
Of all things for Akamai to flag, it's hilarious that they're mad about a .sys file associated with 20yr old malware
An Akamai abuse report for hosting "boot32drv.sys", associated with the Flame malware from the dark ages
June 17, 2025 at 11:28 PM
iagox86.bsky.social
LOL @ WatchTowr's writeup for CVE-2024-48248!

labs.watchtowr.com/the-best-sec...
"We would be shocked if a vendor tried to sweep a vulnerability this serious under a rug, and knowingly give their customers a misplaced sense of security. Regardless, we applied for a CVE number ourselves and were allocated CVE-2024-48248, so we can at least reference the vulnerability by this name."
March 31, 2025 at 7:36 PM
iagox86.bsky.social
Reading my journal, discovered it's been about 2 years since I got my US citizenship. I wrote down the questions they asked me on my Civics exam.

These days, that first question sure doesn't feel like it aged well...
Questions from my citizenship exam, the first one being: "What is the rule of law? (no one, including the president, is above the law)"
March 11, 2025 at 5:16 PM
iagox86.bsky.social
TIL that ncat needs the `--no-shutdown` flag if you're going to echo-pipe into it - I've run into this issue dozens of times and only just realized what's going on.

You can also use `(echo "..."; sleep 1) | ncat ...`, which is what I've done in the past when I thought it was the server's fault
Two commands: The first one, which fails: $ echo -ne 'HEAD / HTTP/1.0\r\n\r\n' | ncat -v 127.0.0.1 4080 The second one, which works: $ echo -ne 'HEAD / HTTP/1.0\r\n\r\n' | ncat -v --no-shutdown 127.0.0.1 4080
March 10, 2025 at 8:22 PM
iagox86.bsky.social
Hey, uh, people scanning the internet? Y'all're supposed to populate the Nuclei templates, not just send them whole cloth.

Hope this helps!
An exploit body containing placeholders such as {{csrf}} and {{randstr}} (instead of actually generating values)
March 4, 2025 at 9:36 PM
iagox86.bsky.social
Holy shit Metasploit added this feature. We're doomed y'all!
Starting a Metasploit handler on port 60103
February 26, 2025 at 9:12 PM
iagox86.bsky.social
Oh no, I found one that uses port 59142, which I guess is 960 ports less sophisticated than these attackers
A screenshot of an HTTP request that wgets malware over port 59142
February 26, 2025 at 8:51 PM
iagox86.bsky.social
I don't want to scare y'all, but I just checked the @greynoise.io sensor logs and found over 1000 sessions in the last hour that used this sophisticated technique (ie, attempted to download malware over ephemeral ports)!!
A news story from today: Headline: Threat Actors Using Ephemeral Port 60102 for Covert Malware Communications Recent cybersecurity investigations have uncovered a sophisticated technique employed by threat actors to evade detection during malware distribution. Attackers are leveraging ephemeral port 60102, typically reserved for temporary communications, as a service port for covert malware transmission. This approach bypasses traditional monitoring systems, which often focus on scanning standard service ports such as 80 or 443.
February 26, 2025 at 8:49 PM
iagox86.bsky.social
Screenshots so you don't have to visit that site

Their link is: t.co/nKGXFBXSxB
A statement from Newsmax on the Trump administration's barring of The Associated Press. Newsmax was one of dozens of media orgs that signed a letter to the White House in support of The Α.Ρ We can understand President Trump's frustration because the media has often been unfair to him, but Newsmax stil supports the A's right, as a private organization, to use the language it wants to use in its reporting. We fear a tuture administration may not like something Newsmax writes and seek to ban us. This is why news organizations like Newsmax and Fox News are supporting the AP's First Amenciment rights though we may disagree with its editorial point of view from time to time.
February 21, 2025 at 3:57 PM
iagox86.bsky.social
I don't think I realized that `strncpy()` will pad the buffer with NUL bytes, I thought it simply stopped copying at the NUL.

Even after decades of doing this, there's always more to learn!
Manpage for strncpy with the text highlighted: These functions copy non-null bytes from the string pointed to by src into the array pointed to by dst. If the source has too few non-null bytes to fill the destination, the functions pad the destination with trailing null bytes.
January 23, 2025 at 10:22 PM
iagox86.bsky.social
Speaking of David Lynch, the local coffee shop has my number.. maple syrup AND David Lynch reference??
Seasonal drink menu at a coffee shop including the "Laura Dern"
January 23, 2025 at 4:31 PM
iagox86.bsky.social
Cute but loud, as always!
Two green cheek conures, one of whom is looking for a nest in my bookshelf
January 20, 2025 at 11:37 PM