I’m honestly disturbed by the number of posts that follow the AI cadence now. For the same reasons that we pick up accents and speech patterns from those around us, humans are being trained to speak like AI engagement bots.
They make some claims that imply they haven't released everything yet, and mention the FBI.
That said, how are we feeling about Apple's refusal to give the FBI a backdoor it controls for all iOS devices?
This is actually on a carbon fiber textured one of those!
Recreation.gov casually using ID.me to force seniors into scanning and sharing their biometrics just to buy a pass? Wow. @eff.org
I sometimes hate that my laptops only finally fill out around half way through their lifespan.
This year, everyone’s mind bicycles have a massive upgrade. Self hosted or cloud provider, it doesn’t matter. 2026 is the year that unlocks all of those projects you’ve wanted to build all this time. Go do it. Iterate. It’s cheaper now than ever before, and likely ever will be again.
The U.S. government on Wednesday shut down a vital resource for keeping tabs on what powerful spying tools its agencies are buying, making it harder to reliably find out how agencies including ICE are spending taxpayers’ dollars. www.404media.co/the-governm...
Remember when we all used to talk about how invasive the “Great Firewall of China” was?
Pepperidge Farm remembers.
Now we buy cameras for our front doors so they can ID anyone on our street and report their location in real time. Photo IDs to use the internet. Etc etc. is this the future we want?
This implies it can’t be used on patrol. Interesting.
Note: this is illegal in Illinois?
New TTP added to my list today because I was working on implementing security controls. This falls into my favorite category: features with unintended consequences. Also it’s a lolbin. Not yet in LOLBAS.
And as long as you don't care about privacy at all, you should be good to go
Take notes. THIS is how you articulate the difference between warm fuzzy marketing and propaganda for a commercial dystopia.
Good riddance @discord.com
www.youtube.com/watch?v=Y5o3...
LOOK AT THIS PRIVACY POLICY.
Look at it. You can read it because they don’t need a ton of legalese to make you stop reading all the ways they’ll sell your data.
They just don’t do that. None of it.
tessie.com/privacy
We want the soundtrack!
Early bird tickets are still available! 🎉
Use code BS312-EB20 to get 20% off your #BSides312 ticket.
Grab yours now 👉 bsides312.org
While you’re there, consider volunteering and helping make the event awesome!
#BSides
cupholder.exe was one of my favorite memories when growing up.
To be clear. NetNTLMv1 support needs to go. But for the low security budgets, the companies that can’t navigate their way out from under this one, detection and effective response will be your saving grace (or it won’t be).
If your SOC doesn’t already alert on NetNTLM with challenges of “1122334455667788” you should fix that NOW.
cloud.google.com/blog/topics/...
If you’re not watching EXO labs, and you have any good reason to run local LLMs stop now and read blog.exolabs.net/nvidia-dgx-s...
Did you know your taxes were being used to buy your flight records from commercial airlines so your movement could be tracked without a warrant?
This is fork&run to execute BOFs in a remote process, same API, and get output back over a pipe--demonstrated with Havoc.
Same arch could support explicit injection. Add-in an injector artifact + psexec, could remotely run a BOF without an agent and get output back too. bofexec? :)
NEW: Apple, Google, and WhatsApp now regularly notify their users if they suspect they have been targeted or hacked with government spyware, such as that made by NSO Group or Paragon.
We spoke to experts and wrote a guide on what to do, and where to go, if you receive one of those notifications.
