Cirio

@Cirio@infosec.exchange
An avid listener and reader, an infrequent speaker. I am mostly interested in technical infosec content, and I love to learn how things work.
Ultra spicy post claiming to be from UK retailer employee (M&S or Co-op) about their experience with TCS on their security incident. https://www.reddit.com/r/cybersecurity/comments/1ll1l6c/scattered_spider_tcs_blame_avoidance/?utm_source=share&utm_medium=mweb3x&utm_name=mweb3xcss&utm_term=1&utm_content=share_button

Want to know more about Signal's cryptography?

https://soatok.blog/2025/02/18/reviewing-the-cryptography-used-by-signal/

None of the alternatives people recommend even come close to the standard they set.

Reviewing the Cryptography Used by Signal - Dhole Moments

Last year, I urged furries to stop using Telegram because it doesn’t actually provide them with any of the privacy guarantees they think it gives them. Instead of improving Telegram’s c…

We're going to be moving forward under the expectation that future Pixel devices may not meet the requirements to run GrapheneOS (https://grapheneos.org/faq#future-devices) and may not support using another OS. We've been in talks with a couple OEMs about making devices and what it would cost.
GrapheneOS Frequently Asked Questions

Answers to frequently asked questions about GrapheneOS.

REMINDER

your protests will never be peaceful enough for the fascists who want you dead under their boot.

#protest #NoKings #June14

The "Debuggers 1103: Introductory Binary Ninja" beta class begins June 9th. Sign up by end of day at https://forms.gle/7erYKJWcdGkFKH3q7 to join the class and learn how to use @vector35's Binja, not just for static analysis, but for debugging and learning assembly!
Debuggers 1103: Introductory Binary Ninja - Beta Enrollment

Enter the email you have used / will use to register at beta.ost2.fyi if accepted

@matildalove @soatok
ISO: "We created global standards for everyone to follow"
Everyone: "Can we see them?"
ISO: "No"
🚨 *Attention!* We were made aware of a fake “KeePassXC Password Manager Pro” repository on GitHub that links to unverified external binary downloads.
- There is NO Pro version of KeePassXC!
- You get all the “Pro” features with the regular version.
Please download KeePassXC only from trusted distribution channels linked on https://keepassxc.org/ !
KeePassXC Password Manager

In today's episode of All Software Sucks:

If you add a disk to a Windows 11 VM in VMware Workstation, do stuff, power the VM down, and remove the VMDK file, you have painted yourself into a corner.

You will not be able to revert to a snapshot prior to that disk existing because
checks notes
VMware needs for the disk to be there and have the correct encryption key before it will allow you to revert to another snapshot where the disk doesn't exist.

Workaround: Add a disk of the path name to the VM, and then restore your snapshot. 🤦‍♂️

There's a powerful (and dangerous) runtime that's been overlooked by the bad guys, but you need to know about it. This is an introduction to Deno and its offensive capabilities.

https://taggart-tech.com/evildeno/

Evil Deno: Abusing the Nicest JavaScript Runtime

Deno offers a wonderful developer experience for those who work in the Node ecosystem. Turns out, it also offers a great deal for offensive security researchers—and the bad guys.