I played a lot of Stardew but found the time/energy limit & adventure part of the game frustrating. I just want to chill & run my little farm!

Also cool is, that Wireshark directly allows you to start an application with this environment variable set. So you can launch a browser from within Wireshark and directly decrypt and analyze the TLS traffic. 😃👌

This dude's villain origin story started the moment his parents wrote that down on the birth certificate. You can't name a guy Semen Cucksov and not expect him to pull some shit like this 😒 😑

Your 2025 Cybersecurity Jobs Guide My advice for job hunting to actually get hired, not chase ghost jobs.

It's time for everybody's favorite: unsolicited advice!

In which I discuss the reality of the cybersecurity jobs market, and what you really should be doing to improve your chances.

taggart-tech.com/202...

You could fucking stand on my lap on the tube and I wouldn't make eye contact with you

Soo... A little bit of awareness is probably a good idea :p

We can delete MDI sensors from the Defender portal and do so in bulk via the internal API

It might be a good idea to set up a detection for this:

CloudAppEvents
| where ActionType == "SensorDeleted"

Strongest proof of intelligent design

idk why the DPRK bothers with all the other stuff when the golden goose of running the world's most successful IT bootcamps is right under their noses.

Here Are the Secret Locations of ShotSpotter Gunfire Sensors The locations of microphones used to detect gunshots have been kept hidden from police and the public. A WIRED analysis of leaked coordinates confirms arguments critics have made against the technolog...

New geocache just dropped

Leaked files from Chinese firm show vast international hacking effort The trove shows how Chinese security services promote rivalry between private hacking companies, spurring them to target foreign governments and institutions.

Great story. Github repository of Chinese firm iSoon reveals hacking ops its done for Chinese gov - "lists targets...summaries of...data amounts extracted and details on whether the hackers [got] full or partial control...spreadsheet showed that the firm had...459GB of road-mapping data from Taiwan"

South Koreans, has this situation improved in the last year?

South Korea’s online security dead end Websites in South Korea often require installation of “security applications.” Not only do these mandatory applications not help security, way too often they introduce issues.

Got an alert today about a weird banking .exe a user had downloaded. Boss recognized it and sent me Wladimir Palant's blog. I thought this was an old article from the ~90s and this was some niche legacy software until I got to the end and saw the disclosures from early 2023!

The Rhysida ransomware decryption paper is really well written and easy to follow. Great breakdown of the weakness in the encryption techniques used and the decryption strategy. Recommend giving it a read if you're interested in malware arxiv.org/abs/2402.06440

Good rec, I picked up a lifetime sub when it was on sale over Christmas. I like their coverage of telco stuff, not something I have much experience with.

A few infosec zines I like:

- Prompt Zine (promptzine.com(
- VXUG Black Mass(vx-underground.org/Papers/Other...)
- Phrack (phrack.org)
- International Journal of PoC||GTFO (www.alchemistowl.org/pocorgtfo)
- Paged Out! (pagedout.institute)

Any suggestions to add to the list?

Posted this on my blog ages ago, was putting together a list of resources for learning/practicing malware analysis. Anyone have recommendations to add? wwright.tech/posts/malwar...

The stages of grief

vxug is the only reason I still check twitter

New to bluesky, any recommendations for accounts to follow in the infosec space?