October 1, 2022

New Perun video has dropped.

-

A new Animarchy covering Ukraine is out as well.

-

hanna jvne @ativhanna

new argument for ai art just dropped

11:02 PM ∙ Sep 29, 2022

---

-

Lukasz Olejnik @lukOlejnik

Please note that one must be extra-careful and vigilant with any reports of physical effects of cyber-related events. Too prone to being put out of proportions, untrue, etc. So extra-tablespoon of salt advised. The above is debunked here sans.org/blog/closing-t…

1:07 PM ∙ Sep 30, 2022

---

-

How disinformation shut down US special operators

https://www.theruck.news/p/how-disinformation-shut-down-us-special

-

Orange Cyberdefense's SensePost Team @sensepost

Struggling to proxy your offensive tools (*cough, Windows, cough*)? See how @_cablethief uses WireGuard and tun2socks to make remote networks available via a network route (from any device or container), over SOCKS!

sensepost.comSensePost | Wiresocks for easy proxied routingLeaders in Information Security

12:09 PM ∙ Sep 30, 2022

---

-

Tim Newsham @NewshamTim

In addition to the Linux and OpenBsd fuzzers mentioned in the whitepaper, we also applied it to OpenBSD, FreeBSD, and Magenta (now called Zircon, the Fuchsia kernel). Findings were reported. Repos can be found at github.com/timnewsham?tab…

NCC Group Research & Technology @NCCGroupInfosec

In 2016, NCC Group researchers Tim Newsham & Jesse Hertz open-sourced TriforceAFL, an extension of AFL allowing it to fuzz VMs running under QEMU’s full-system emulation mode Today we're releasing the corresponding previously-unpublished whitepaper: https://t.co/roJanLJLlF

1:17 AM ∙ Oct 1, 2022

---

-

Paul Dokas @pauldokas

Wow That’s an amazing deep dive on NTP, its creator David Mills, and old school open source communities.

newyorker.comThe Thorny Problem of Keeping the Internet’s TimeAn obscure software system synchronizes the network’s clocks. Who will keep it running?

1:15 AM ∙ Oct 1, 2022

---

-

b33f | 🇺🇦✊ @FuzzySec

Really good analysis of Cobalt Strike RCE 🥃🔫 mp.weixin.qq.com/s?__biz=MzIxND…

mp.weixin.qq.com最新CS RCE曲折的复现路0x00 前言就在前几天，无敌的北辰少爷向CS官方提交了一个RCE漏洞，通过该漏洞可以在捕获攻击者的beac

11:09 PM ∙ Sep 30, 2022

---

-

Richard Johnson @richinseattle

Correction, @NewshamTim described what ROP was in 1997! I didn’t even know how to write the simplest stack overflow exploit yet, heck I barely knew C. When you think of people who raised the bar for exploitation/attack techniques in the early days, Tim should be on your list. https://t.co/cVpiTwELaO

Tim Newsham @NewshamTim

@richinseattle @4Dgifts @killahertz_ https://t.co/UfChmO6Oww

12:07 AM ∙ Oct 1, 2022

---

-

Silas @silascutler

If you've in security and never worked as a sysadmin, this is a really important thread about why it's not "just patch".

Kevin Beaumont @GossiTheDog

Exercise - I'm going to live tweet how long it takes me to patch an enterprise Exchange Server 2016 to latest security update (not including ProxyNotShell, as no update out yet). This one was last patched a few months ago.

11:56 PM ∙ Sep 30, 2022

---

-

Lost Weapons @LostWeapons

Asia makes the best maps. Lmao at the soldiers tied to the tank in Russia

2:30 AM ∙ Oct 1, 2022

---

-

**Effortlessly transmitting Morse Code of chess moves to your butthole**

https://github.com/RonSijm/ButtFish

-

kmkz @kmkz_security

Learning Linux kernel exploitation - Part 2 - CVE-2022-0847 (DirtyPipe) 0x434b.dev/learning-linux… By @0xricksanchez

0x434b.devLearning Linux kernel exploitation - Part 2 - CVE-2022-0847Continuing to walk down Linux Kernel exploitation lane. This time around with an unanticipated topic: DirtyPipe as it actually nicely fits the series as an example.

6:05 AM ∙ Sep 30, 2022

---

-

Charlie Warzel @cwarzel

Wrote about the Musk texts. What I found illuminating about the messages is just how unimpressive, unimaginative, and sycophantic the powerful men in Musk’s contacts appear to be. Just overconfident dudes winging it

theatlantic.comElon Musk’s Texts Shatter the Myth of the Tech GeniusThe world’s richest man has some embarrassing friends.

7:10 PM ∙ Sep 30, 2022

---

-

not intended @ellewasamistake

committing a crime and pretending to be a witness in an elaborate scheme to have a police sketch artist draw my original character "garfield the hedgehog"

5:52 PM ∙ Sep 28, 2022

---

-

Translation of Putin’s speech

Konstantin Kisin @KonstantinKisin

Share this thread as a Substack article:

konstantinkisin.substack.comPutin: “The End of Western Hegemony is INEVITABLE”The quiet part out loud.

5:49 PM ∙ Sep 30, 2022

---

-