Our guest Woosun Song explains a hidden blockchain risk:
If you can manipulate time,
you can mint massive amounts of interest —
and dilute everyone else.
Not a bug. A fundamental flaw.
#cybersecurity #desiredeffect #blockchain
JJ Lopez makes his own sangria. Check out the color!
Oh yeah, he also explains the concepts of fuzzing as we learn about his eBPF fuzzing work.
open.spotify.com/episode/170H...
You know what goes great with a chat about OS Command Injection?
McKenna. Yeah, that's the stuff. Thanks to Zach Hanley for recounting his pathway to a perfect 10.0 CVSS score
open.spotify.com/episode/4kn8...
Dmitri Kurbatov talks all about cell network security in this episode on Man On The Side attacks.
Does 5G provide a superior experience? Have a listen and find out!
open.spotify.com/episode/1pYy...
Ever heard the term Use After Free? Curious to know what that is and how it works?
Jon Waterman breaks it down for us!
open.spotify.com/episode/4K9B...
And seeing ghosts!
Are you a security researcher or journalist? We want to hear from you! Please take this survey!
DataBreaches.net and myself (at this.weekinsecurity.com) are running this survey to better understand the state of legal demands and criminal threats experienced in cybersecurity.
Please share!
December has been busy! My latest blog combines #BlackHatMEA and #CyberMarketingConference. Want to know differences between how MEA marketers and their USA counterparts operate? Read on!
H/T @Sandip Wadje, @Aniket Bhardwaj, @Sounil Yu, and @nada AlGhannam
www.desiredeffect.io/blog/five-ob...
I take my first sip of coffee, ever, while Gabriel Gonzalez injects code into a drone at runtime, get this: without touching it, by sending timed electromagnetic pulsing.
Mind blowing episode!!! Get your listen on!
Link: youtu.be/Z88VQDKtbog?...
Shopping for a new car? Enamored with all the latest tech? Ac0rn is! Listen and find out why modern cars are a researcher's playground!
Drink: Last Word
Link: youtu.be/IJafWnsvLiM?...
Tis the season for online shopping!
Yael Grauer shares some data brokering challenges she encounters as she researches the privacy landscape.
Drink: (Color changing!) Empress Southside
Topic: OSINT
Link: youtu.be/Uu8bFKNPolI?...
Spending time with your family this Thanksgiving?
Perhaps a talk about Threat Modeling is what you need to prepare!
Guest: Adam
Drink: Rusty Nail
Link: youtu.be/YRzgZV_Ur90?...
Sources detail a leadership vacuum and staff cuts at the NSA, eroding morale among its analysts and weakening the agency's long-term cyber capabilities (David DiMolfetta/Nextgov/FCW)
If you’ve been laid off from a cyber threat intel position, and you want a ticket to CYBERWARCON, please reach out.
Collision with an entry from this competition, or from a previous event?
Malware that can tap tap taparoo... your phone.
We're streaming live to YouTube in ~20 mins. Come hang out with us www.youtube.com/watch?v=zjdh...
Two stars on his cap. Three stars on his chest.
House Homeland marking up both CISA 2015 reauth AND state/local cyber grant program legislation tomorrow. docs.house.gov/Committee/Ca... Should we get used to calling CISA 2015 "WIMWIG?"
🔥🔥WATCH: “Rappers are smarter than economists”👇🏽
@dossdiscourse.bsky.social explains more cops doesn’t lower crime it just means more money for private prisons— Addressing poverty/hunger/health care lowers crime… but Trump’s trillions transfer just made all that MUCH WORSE… meaning crime will rise.
3 Screenshots from the movie "Hackers" (1995): First, a young man in a sleeveless shirt sits in a cluttered room, saying "I've got a record. I was Zero Cool." Second, a group of friends gather around a table, one explaining "Zero Cool crashed 1,507 systems in one day. Biggest crash in history." Third, the same group listens as another person adds, "Front page New York Times, August 10, 1988."
Aug 10th 1988 - Zero Cool was in the New York Times for crashing 1,507 computer systems.
📽️📅 Hackers (1995)
Researchers at Defcon just showed they can crack the Securam ProLogic locks used on high-security safes to protect guns, cash, and narcotics in pharmacies.
When they told Securam last year, it sent them legal threats—and didn't fix the flaws.
www.wired.com/story/secura...
Going to BlackHat next week and passionate about reverse engineering? Or, wanting to be? Come hang out with Jos Wetzels and me on the 7th at 11.20am to chat about projects, books and tools you really enjoy, let us know if you're hiring or looking for a job in reverse engineering!
🚨 NEW PAPER on the 0day Supply Chain 🚨:
I gathered open source data & interviewed Gov employees, VR and China researchers to figure out what the zero day marketplace looks like in the U.S. and how it compares to China.
key findings below ⬇️- 0/🧵
www.atlanticcouncil.org/in-depth-res...
Japan on Friday enacted a new law that would permit the country’s authorities to preemptively engage with adversaries through offensive cyber operations to ensure threats are suppressed before they cause significant damage.
As a THOTCON sponsor, I received a handful of tickets.
If you'd like one of them, all you need to do is follow @desiredeffect.io to be entered into a raffle!
What's more important than setting up your company social media page?
Sponsoring THOTCON.
And giving away tickets to new friends!
"While we are seen as making vulnerabilities, our true job is on identifying them to protect consumers.
[Industry criticism of vuln mgmt community] 'All you do is introduce risks.' If we cannot describe it, then what are we doing? The shepherds of the vulns need to find a way forward"
#vulncon2025