Reposted
Is now a good time to remind folks that Oracle had a breach of their Gen1 cloud environment they covered up earlier this year?
October 2, 2025 at 10:31 PM
Is now a good time to remind folks that Oracle had a breach of their Gen1 cloud environment they covered up earlier this year?
Reposted
The `asn` is command line ASN lookup tool. It can do RPKI validity, BGP stats, ASPath, IP reputation, IP geolocation, IP fingerprinting, Network recon / lookup tool and web traceroute. It is a prefect tool to look into IP address for security reasons and recommend for IT or network professionals.
July 29, 2025 at 6:30 PM
The `asn` is command line ASN lookup tool. It can do RPKI validity, BGP stats, ASPath, IP reputation, IP geolocation, IP fingerprinting, Network recon / lookup tool and web traceroute. It is a prefect tool to look into IP address for security reasons and recommend for IT or network professionals.
We are back! podcasts.apple.com/us/podcast/s...
One year later
Podcast Episode · Scinary Information Nexus · 05/09/2025 · 57m
podcasts.apple.com
May 11, 2025 at 12:59 PM
We are back! podcasts.apple.com/us/podcast/s...
Could not be more on point
March 22, 2025 at 2:41 PM
Could not be more on point
Reposted
The Tarlogic claim of backdoor functions in the ESP32 Bluetooth firmware seem overblown. The features they identified require privileged code execution and are helpful for improving open source software for these devices.
Useful resources:
- buff.ly/vazOcIg
- buff.ly/DnG6mFN
- buff.ly/tquYg8G
Useful resources:
- buff.ly/vazOcIg
- buff.ly/DnG6mFN
- buff.ly/tquYg8G
The ESP32 "backdoor" that wasn't | Dark Mentor LLC
This post refutes the claim that researchers found a "backdoor" in ESP32 Bluetooth chips. What the researchers highlight (vendor-specific HCI commands to read & write controller memory) is a common…
buff.ly
March 10, 2025 at 6:38 AM
The Tarlogic claim of backdoor functions in the ESP32 Bluetooth firmware seem overblown. The features they identified require privileged code execution and are helpful for improving open source software for these devices.
Useful resources:
- buff.ly/vazOcIg
- buff.ly/DnG6mFN
- buff.ly/tquYg8G
Useful resources:
- buff.ly/vazOcIg
- buff.ly/DnG6mFN
- buff.ly/tquYg8G
Most of the time it’s a nice career choice but when it sucks, it really sucks. Long hours, endless reporting, etc.
Cybersecurity is a rewarding career with good pay. Many enjoy it for problem-solving and the challenge of outsmarting cyber threats. However, it may involve working alone at times.
Is cybersecurity a good career why do you enjoy it? Or is it more alot of working alone and just getting pid good
View post on Reddit.
reddit.com
March 9, 2025 at 12:52 PM
Most of the time it’s a nice career choice but when it sucks, it really sucks. Long hours, endless reporting, etc.
Reposted
hi bluesky! you can catch me relaying tornadoes & damaging wind threats all day today here, the first of our long near-spring events with @rhyall.bsky.social : www.youtube.com/watch?v=Dqjd...
already had a long segment talking about the squall overtaking supercells leading to torgen... :3
already had a long segment talking about the squall overtaking supercells leading to torgen... :3
🔴LIVE - Severe Weather Coverage With Storm Chasers On The Ground, Live Weather Channel...
YouTube video by Ryan Hall, Y'all
www.youtube.com
February 15, 2025 at 8:58 PM
hi bluesky! you can catch me relaying tornadoes & damaging wind threats all day today here, the first of our long near-spring events with @rhyall.bsky.social : www.youtube.com/watch?v=Dqjd...
already had a long segment talking about the squall overtaking supercells leading to torgen... :3
already had a long segment talking about the squall overtaking supercells leading to torgen... :3
Another ransomware case with no malware. SSLVPN creds initial entry. MFA that shit. Also turn off full LDAP sync and MFA the local admin account on the firewall. Not 100% but reduces probability of successful attack.
January 30, 2025 at 12:29 PM
Another ransomware case with no malware. SSLVPN creds initial entry. MFA that shit. Also turn off full LDAP sync and MFA the local admin account on the firewall. Not 100% but reduces probability of successful attack.
I have not seen malware as the initial entry vector on a ransomware attack in over a year. It’s Atera/screenconnect
January 18, 2025 at 6:04 PM
I have not seen malware as the initial entry vector on a ransomware attack in over a year. It’s Atera/screenconnect
Reposted
We're witnessing the evolution of ransomware.
Yesterday someone informed us of the existence of the new TTP of AWS S3 extortion. More specifically, Threat Actors abusing the Amazon Key Management Service (KMS) to encrypt company AWS buckets (or any cloud provider).
Yesterday someone informed us of the existence of the new TTP of AWS S3 extortion. More specifically, Threat Actors abusing the Amazon Key Management Service (KMS) to encrypt company AWS buckets (or any cloud provider).
January 8, 2025 at 2:07 AM
We're witnessing the evolution of ransomware.
Yesterday someone informed us of the existence of the new TTP of AWS S3 extortion. More specifically, Threat Actors abusing the Amazon Key Management Service (KMS) to encrypt company AWS buckets (or any cloud provider).
Yesterday someone informed us of the existence of the new TTP of AWS S3 extortion. More specifically, Threat Actors abusing the Amazon Key Management Service (KMS) to encrypt company AWS buckets (or any cloud provider).
Reposted
We've got 6 days left to giveaway $56,974.98 of gifts.
December 15, 2024 at 2:50 AM
We've got 6 days left to giveaway $56,974.98 of gifts.
Reposted
We're absolutely cooked
December 8, 2024 at 8:44 PM
We're absolutely cooked
And he is done. Except for beer bottle which may never get painted.
November 30, 2024 at 11:18 AM
And he is done. Except for beer bottle which may never get painted.
Reposted
Hear me now: base64 encoded powershell script running on a DC is NOT a normal thing. That’s an attack.
You will know it when you see by the flag -encode. Copy the script, dump the RAM and evtx logs then kill the DC(s).
You will know it when you see by the flag -encode. Copy the script, dump the RAM and evtx logs then kill the DC(s).
August 8, 2023 at 5:25 AM
Hear me now: base64 encoded powershell script running on a DC is NOT a normal thing. That’s an attack.
You will know it when you see by the flag -encode. Copy the script, dump the RAM and evtx logs then kill the DC(s).
You will know it when you see by the flag -encode. Copy the script, dump the RAM and evtx logs then kill the DC(s).
I use mandiant redline to dump ram and then dump all evtx to csv. Makes it easy to grep for event ids. Unless they in directly to the DC 4624 is where to start.
August 8, 2023 at 5:28 AM
I use mandiant redline to dump ram and then dump all evtx to csv. Makes it easy to grep for event ids. Unless they in directly to the DC 4624 is where to start.
Hear me now: base64 encoded powershell script running on a DC is NOT a normal thing. That’s an attack.
You will know it when you see by the flag -encode. Copy the script, dump the RAM and evtx logs then kill the DC(s).
You will know it when you see by the flag -encode. Copy the script, dump the RAM and evtx logs then kill the DC(s).
August 8, 2023 at 5:25 AM
Hear me now: base64 encoded powershell script running on a DC is NOT a normal thing. That’s an attack.
You will know it when you see by the flag -encode. Copy the script, dump the RAM and evtx logs then kill the DC(s).
You will know it when you see by the flag -encode. Copy the script, dump the RAM and evtx logs then kill the DC(s).
Reposted
What is “pivoting” in hacking? – Small Introduction:
https://cbclearnet.media/2023/08/06/what-is-pivoting-in-hacking-small-introduction/
https://cbclearnet.media/2023/08/06/what-is-pivoting-in-hacking-small-introduction/
August 6, 2023 at 10:36 AM
What is “pivoting” in hacking? – Small Introduction:
https://cbclearnet.media/2023/08/06/what-is-pivoting-in-hacking-small-introduction/
https://cbclearnet.media/2023/08/06/what-is-pivoting-in-hacking-small-introduction/
Anyone try the API on this thing?
August 3, 2023 at 12:31 AM
Anyone try the API on this thing?
If I was indicted on 1 count of anything, I’d fucking fall apart. I’d like chunk in Goonies and start confessing shit I did when I was 5.
August 3, 2023 at 12:29 AM
If I was indicted on 1 count of anything, I’d fucking fall apart. I’d like chunk in Goonies and start confessing shit I did when I was 5.
New helmet build.
August 2, 2023 at 4:47 AM
New helmet build.