0xBDB

@[email protected]
76 Followers
222 Following
69 Posts
I do nerd stuff for money.
0xBDBJul 30, 2023
I should really spend more time here.
0xBDBJan 16, 2023
I'll be back here and maybe even the other place eventually, but I am currently both in a very busy phase at work and doing grad school, so I sit in my captain's chair staring at a screen 90 hours a week. So you can see why more typing does not appeal.
0xBDBDec 19, 2022

Interesting: there's an API you can query to get a list of Mastodon servers. Not sure if it's complete or not.

https://isc.sans.edu/diary/rss/29358

0xBDBDec 2, 2022
I saw a post go by on my feed saying that #RedTeam are the health inspectors of the IT world. I think that analogy really belongs to the 3rd line auditors though. Because health inspectors don't try to dump arsenic in the soup just to see if they can ;)
0xBDBDec 2, 2022
Mishaal RahmanDec 1, 2022

Folks, this is bad news. Very, very bad. Hackers and/or malicious insiders have leaked the platform certificates of several vendors. These are used to sign system apps on Android builds, including the "android" app itself. These certs are being used to sign malicious Android apps!

https://bugs.chromium.org/p/apvi/issues/detail?id=100

100 - apvi - Android Partner Vulnerability Initiative - Monorail

0xBDBNov 28, 2022

This is good stuff. I also wish I had known these things before trying to learn C. Also while the K&R book is *the book* on C it is perhaps not the most helpful book on C.

https://tmewett.com/c-tips/

Everything I wish I knew when learning C

0xBDBNov 22, 2022
Re: CISA on Mastodon. I used to be an anarchist, but even I like CISA, come on. Even granting for the sake of argument that that ACAB, not all government employees are cops, which is why I don't run around giving the bird to schoolteachers.
0xBDBNov 22, 2022
SwiftOnSecurityNov 22, 2022
If you're feeling lonely this holiday, just toot "if you can't push to prod on thanksgiving you're not a real devops" and a whole community of people will keep you company.
0xBDBNov 22, 2022
Swissky Nov 21, 2022

RT @t3l3machus
"The quieter you become, the more you are able to hear." #kalilinux

OR you can try my approach:

0xBDBNov 21, 2022
racheltobac Nov 21, 2022
DraftKings users are saying their accounts are hacked & stealing large sums from their bank accounts. Many of those folks claim 2FA was enabled so while it's possible this hack was credential stuffing + 2FA code stealing or SIM Swap, it could also mean DraftKings themselves are dealing with compromise.
https://www.actionnetwork.com/legal-online-sports-betting/draftkings-users-hacked-money-in-account-cashed-out
DraftKings Users Hacked, Money In Account “Cashed Out”

Darren Rovell breaks down the latest updates on the DraftKings hack that cashed out some users' accounts on the betting site.

The Action Network