Cybersecurity Community Must Not Remain Silent On Executive Order Attacking Former CISA Director Cybersecurity professionals and the infosec community have essential roles to play in protecting our democracy, securing our elections, and building, testing, and safeguarding government infrastructur...

Cybersecurity cannot be a partisan issue. This kind of weaponization of the federal government is unacceptable. I stand with @thekrebscycle.bsky.social

www.eff.org/deeplinks/20...

curious what the correlation between public social media content and passwords / passphrases is...

note that screenshot is cut off and not showing 2025. Site is pretty great for exploring the data in aggregate... ex: fatal crashes this year vs previous years

Airline crashes in the US are pretty much normal in 2025, and have been decreasing steadily ... despite the media coverage www.ntsb.gov/safety/data/...

Threat actors are actively exploiting a new vulnerability in Palo Alto Networks firewalls

viz.greynoise.io/tags/palo-al...

Assetnote write-up on CVE-2025-0108: an Nginx/Apache path confusion vulnerability that can lead to an authentication bypass

www.assetnote.io/resources/re...

Donate to Support Marc Rogers' Road to Recovery, organized by Katie Vogel cjunkie (Marc Rogers) is an invaluable and beloved member of our hacker community: a… Katie Vogel needs your support for Support Marc Rogers' Road to Recovery

www.gofundme.com/f/support-ma...

CJ is an old friend and a longtime cDc NSF member. He suffered a fall and broke his neck -- his insurance refused to pay for an MRI, which led to the break going undiagnosed for a couple of weeks, until his vertebrae had degraded to the point of quadriplegia.

Canary Credit Card

It's Baaaaaack!!

Our Credit Card Canarytokens are out of beta and on your Canarytoken servers..

- Grab one;
- Stash it somewhere "safe";
- We will notify you if it's ever used!

Read more about it at blog.thinkst.com/2024/12/its-...

Modern Red Teaming: macOS, K8s, and Cloud - RTV 24 (Public) Modern Red Teaming: macOS, K8s, and Cloud Carnal0wnage int0x80

DualCore and I spoke at the Red Team Village this year. Here are the slides. QR code with link to gist with all the reference links on last page. Unfortunately it wasn't recorded.

docs.google.com/presentation...

#redteam #purpleteam #redteamvillage

tired: "large language models are stochastic parrots"

wired: mechanistic interpretability showing evidence of abstraction, generalization, motivation, and reasoning

when was the last time you checked how well your guest wifi is segmented?

This is neat! Super clever name too 🙃

and the python version, if that's more your jam gist.github.com/jcran/adc8d7...

slightly adjusted to check for case insensitive mentions: gist.github.com/jcran/fc80e0.... More about Jetstream here: docs.bsky.app/blog/jetstream

Post a pic YOU took (no description) to bring some zen to the timeline

great to see @bsky.app starting to take off. seeing some familiar faces and names show up here.

cheers to open protocols!