ren_daga_otaku
@ren-daga-otaku.bsky.social
Infosec hobbyist, armchair software developer, and wannabe script kiddie. Konohana Kitan is great. Formerly @ren_daga_otaku on X
Reposted by ren_daga_otaku
For a few lexical reasons, I assume this is a DDoS. But the advantage of DDoS is that it doesn't take owning a lot of resources so much as pwning a lot of resources. It's automated hacking, not nation state exclusive work.
Musk claims Twitter outages are due to a "massive cyber attack" by a "coordinated group and/or a country"
March 10, 2025 at 5:55 PM
For a few lexical reasons, I assume this is a DDoS. But the advantage of DDoS is that it doesn't take owning a lot of resources so much as pwning a lot of resources. It's automated hacking, not nation state exclusive work.
Post a great animated villain
March 6, 2025 at 4:13 AM
Post a great animated villain
Reposted by ren_daga_otaku
If Trump is removing all environmental regulation, how about we undo the "memory safe languages" mandate? I mean, how is mandating "memory safe languages" compatible with freedom of speech anyhow?
Enough policing of speech! Raw pointers for raw milk, our youth needs to be hardened by strcpy.
Enough policing of speech! Raw pointers for raw milk, our youth needs to be hardened by strcpy.
January 22, 2025 at 8:32 AM
If Trump is removing all environmental regulation, how about we undo the "memory safe languages" mandate? I mean, how is mandating "memory safe languages" compatible with freedom of speech anyhow?
Enough policing of speech! Raw pointers for raw milk, our youth needs to be hardened by strcpy.
Enough policing of speech! Raw pointers for raw milk, our youth needs to be hardened by strcpy.
Reposted by ren_daga_otaku
An Introduction to Protein Cryptography (Hayder Tirmazi, Tien Phuoc Tran) ia.cr/2025/089
January 22, 2025 at 9:32 AM
An Introduction to Protein Cryptography (Hayder Tirmazi, Tien Phuoc Tran) ia.cr/2025/089
Reposted by ren_daga_otaku
This week's Three Buddy Problem is now available for your eyeballs @craiu.bsky.social @jags.bsky.social
youtu.be/-qrMAg09jD8?...
youtu.be/-qrMAg09jD8?...
Inside the PlugX malware removal operation, CISA takes victory lap and another Fortinet 0day
YouTube video by Ryan Naraine
youtu.be
January 19, 2025 at 5:05 PM
This week's Three Buddy Problem is now available for your eyeballs @craiu.bsky.social @jags.bsky.social
youtu.be/-qrMAg09jD8?...
youtu.be/-qrMAg09jD8?...
Reposted by ren_daga_otaku
You’re still arguing about tabs vs. spaces? May I present…
December 25, 2024 at 6:37 PM
You’re still arguing about tabs vs. spaces? May I present…
N2K's The 12 Days of Malware.
YouTube video by N2K Networks
www.youtube.com
December 25, 2024 at 8:23 PM
Reposted by ren_daga_otaku
I would see computer programming become a discipline within the wider umbrella of Engineering as a regulated and licensed profession. A degree shouldn't be necessary, but you should have to prove you can uphold a standard of ethics and conduct to be able to work as a programmer.
December 19, 2024 at 1:32 PM
I would see computer programming become a discipline within the wider umbrella of Engineering as a regulated and licensed profession. A degree shouldn't be necessary, but you should have to prove you can uphold a standard of ethics and conduct to be able to work as a programmer.
Reposted by ren_daga_otaku
The @phrack.org 72 CFP horny emojipasta has hit the chats
December 18, 2024 at 7:25 PM
The @phrack.org 72 CFP horny emojipasta has hit the chats
Reposted by ren_daga_otaku
My response when @elizas.website sent me this
December 5, 2024 at 6:19 PM
My response when @elizas.website sent me this
Anyone have an rss feed of this. Looks like good stuff!
GreyNoise’s Andrew Morris on using AI to find zero-days
GreyNoise’s Andrew Morris on using AI to find zero-days
In the latest episode of Safe Mode, Greg Otto talks with Andrew Morris, founder and chief architect of GreyNoise. Greg and Andrew talk about some recent work GreyNoise has released including one of…
buff.ly
December 17, 2024 at 7:40 PM
Anyone have an rss feed of this. Looks like good stuff!
Reposted by ren_daga_otaku
threat actor = someone who wants to punch you in the face
threat = the punch being thrown
vulnerability = your inability to defend against the punch
risk = the likelihood of getting punched in the face
threat = the punch being thrown
vulnerability = your inability to defend against the punch
risk = the likelihood of getting punched in the face
November 14, 2024 at 11:19 PM
threat actor = someone who wants to punch you in the face
threat = the punch being thrown
vulnerability = your inability to defend against the punch
risk = the likelihood of getting punched in the face
threat = the punch being thrown
vulnerability = your inability to defend against the punch
risk = the likelihood of getting punched in the face
Reposted by ren_daga_otaku
Join me on the @bhinfosecurity.bsky.social Talkin’ About Infosec News today at 4:30 ET!
www.blackhillsinfosec.com/event/bhis-t...
www.blackhillsinfosec.com/event/bhis-t...
BHIS Talkin' About Infosec News - Black Hills Information Security
www.blackhillsinfosec.com
December 16, 2024 at 8:15 PM
Join me on the @bhinfosecurity.bsky.social Talkin’ About Infosec News today at 4:30 ET!
www.blackhillsinfosec.com/event/bhis-t...
www.blackhillsinfosec.com/event/bhis-t...
Thrilling. 🔥
Surely all you really need is a copy of the firmware (probably shared increasingly in public/semi-public spaces ). I don’t see why all manner of remote attacks aren’t discoverable. It’s just a wireless computer at the end of the day.
Surely all you really need is a copy of the firmware (probably shared increasingly in public/semi-public spaces ). I don’t see why all manner of remote attacks aren’t discoverable. It’s just a wireless computer at the end of the day.
Reviver, the company that's sold 65k of these plates, says it will replace its chips going forward, but can't patch this in existing plates.
Transit policymakers should understand this is a vulnerability not just in these plates, but in any system that depends on plate numbers.
Transit policymakers should understand this is a vulnerability not just in these plates, but in any system that depends on plate numbers.
Digital license plates, legal to buy in some states and drive with nationwide, can be jailbroken. Hackers can install new firmware in minutes, then change plate numbers via a Bluetooth app to evade surveillance, tolls and tickets—or make someone else pay. www.wired.com/story/digita...
December 16, 2024 at 5:17 PM
Thrilling. 🔥
Surely all you really need is a copy of the firmware (probably shared increasingly in public/semi-public spaces ). I don’t see why all manner of remote attacks aren’t discoverable. It’s just a wireless computer at the end of the day.
Surely all you really need is a copy of the firmware (probably shared increasingly in public/semi-public spaces ). I don’t see why all manner of remote attacks aren’t discoverable. It’s just a wireless computer at the end of the day.
Reposted by ren_daga_otaku
The year is 2074.
After the exposure of another hostile state cyber espionage campaign against the Five Eyes, leaders announce they've found the answer this time.
They're "going on offense" to "impose costs"
(We could just try protecting the telcos a bit better)
www.reuters.com/technology/c...
After the exposure of another hostile state cyber espionage campaign against the Five Eyes, leaders announce they've found the answer this time.
They're "going on offense" to "impose costs"
(We could just try protecting the telcos a bit better)
www.reuters.com/technology/c...
US needs to do more make cyber attackers pay, Trump adviser says
U.S. President-elect Donald Trump's administration will examine ways to impose higher costs on private actors and U.S. adversaries who wage cyber attacks on America, Trump's pick for national security adviser, Representative Mike Waltz, said on Sunday.
www.reuters.com
December 16, 2024 at 1:34 PM
The year is 2074.
After the exposure of another hostile state cyber espionage campaign against the Five Eyes, leaders announce they've found the answer this time.
They're "going on offense" to "impose costs"
(We could just try protecting the telcos a bit better)
www.reuters.com/technology/c...
After the exposure of another hostile state cyber espionage campaign against the Five Eyes, leaders announce they've found the answer this time.
They're "going on offense" to "impose costs"
(We could just try protecting the telcos a bit better)
www.reuters.com/technology/c...
They’re just feeding the watchdog by making a statement about processes, efforts that long precede their administration. It’s a formality, a performance for domestic audiences.
What even is the implication of this kind of talk? Is it meant to be a physical threat? A financial threat? A hacking back threat? I don’t get it.
December 16, 2024 at 2:58 PM
They’re just feeding the watchdog by making a statement about processes, efforts that long precede their administration. It’s a formality, a performance for domestic audiences.
Reposted by ren_daga_otaku
This is closing in 5 days. Add your response to the mix as soon as possible!!
📢 It's time for you to MAKE YOUR VOICE HEARD 🗣️ ...
... In the C Survey for the Name of a new Operator!! This one, being something a LOT of you are familiar with!
Read up, let us know, and SPREAD THE WORD: thephd.dev/the-big-arra...
... In the C Survey for the Name of a new Operator!! This one, being something a LOT of you are familiar with!
Read up, let us know, and SPREAD THE WORD: thephd.dev/the-big-arra...
The Big Array Size Survey for C
New in C2y is an operator that does something people have been asking us for, for decades:
thephd.dev
December 15, 2024 at 10:18 PM
This is closing in 5 days. Add your response to the mix as soon as possible!!
Reposted by ren_daga_otaku
Great convo here between @patrick.risky.biz and some guy named @thekrebscycle.bsky.social with medium fashion sense.
If listening to @thekrebscycle.bsky.social and yours truly talking about Chinese cyber operations for an hour in front of a live audience in Sydney sounds like a good time to you, boy do I have some great news
www.youtube.com/watch?v=MQaV...
www.youtube.com/watch?v=MQaV...
Wide World of Cyber: SentinelOne's Chris Krebs on Chinese cyber operations
YouTube video by Risky Business Media
www.youtube.com
December 16, 2024 at 2:15 AM
Great convo here between @patrick.risky.biz and some guy named @thekrebscycle.bsky.social with medium fashion sense.
Reposted by ren_daga_otaku
Reposted by ren_daga_otaku
Still blown away that you can literally cut down a Wii PCB and end up with a fully functional tiny GameCube! 🤯
For reference, here’s what a full motherboard looks like before the dremmel:
For reference, here’s what a full motherboard looks like before the dremmel:
November 27, 2024 at 2:48 PM
Still blown away that you can literally cut down a Wii PCB and end up with a fully functional tiny GameCube! 🤯
For reference, here’s what a full motherboard looks like before the dremmel:
For reference, here’s what a full motherboard looks like before the dremmel:
Reposted by ren_daga_otaku
A younger me, as a pentester and bug hunter, had exactly the bias described in this article 🤫
Luckily, I later worked with and for "the other side" and it changed my mind 🤯
I hope young people reading it will avoid taking years to understand the complexities of fixing bugs in a timely manner 🤞
Luckily, I later worked with and for "the other side" and it changed my mind 🤯
I hope young people reading it will avoid taking years to understand the complexities of fixing bugs in a timely manner 🤞
Why Can't You Fix This Bug Faster?
Fixing security vulnerabilities in a timely manner is more complicated than you realize.
maxwelldulin.com
December 14, 2024 at 11:02 PM
A younger me, as a pentester and bug hunter, had exactly the bias described in this article 🤫
Luckily, I later worked with and for "the other side" and it changed my mind 🤯
I hope young people reading it will avoid taking years to understand the complexities of fixing bugs in a timely manner 🤞
Luckily, I later worked with and for "the other side" and it changed my mind 🤯
I hope young people reading it will avoid taking years to understand the complexities of fixing bugs in a timely manner 🤞
Depending on how time-sensitive the subject is, adjusting the date range for results to be capped around 2022 (when AI took off) clears away much of the slop results.
Something is very very very wrong with Google
I can barely find stuff anymore, even if I'm narrowing down my search with 4-5 terms I know they are in an item's title and content
Back in 2010, I never thought I'd say that Google is legitimately useless now
I can barely find stuff anymore, even if I'm narrowing down my search with 4-5 terms I know they are in an item's title and content
Back in 2010, I never thought I'd say that Google is legitimately useless now
December 14, 2024 at 4:16 PM
Depending on how time-sensitive the subject is, adjusting the date range for results to be capped around 2022 (when AI took off) clears away much of the slop results.
Reposted by ren_daga_otaku
wrote some code in my sleep, woke up and typed it into the computer. didn't work.
December 14, 2024 at 8:47 AM
wrote some code in my sleep, woke up and typed it into the computer. didn't work.