Hey folks, Apple's finally giving in & letting me do depositions for the retaliation lawsuit, but they left me with only two weeks & its going to be very expensive (at least ~$1k/each).

Want to see Employee Retaliations. Workplace Violence, or my crappy bosses deposed about Apple harassing, retaliating, suspending, & firing me?

Please consider donating:
https://www.ashleygjovik.com/donate.html

(watchtowr.com) Citrix NetScaler CVE-2026-3055 Contains Multiple Memory Overread Vulnerabilities Including Active In-the-Wild Exploitation

Critical: CVE-2026-3055 in Citrix NetScaler actively exploited in-the-wild, leaking administrative session IDs via memory overreads in SAML/WS-Federation endpoints.

In brief - Unauthenticated attackers exploit CVE-2026-3055 to extract sensitive data, including authenticated admin session tokens, from vulnerable NetScaler appliances configured as SAML IDPs. Honeypot data confirms active exploitation by threat actors. Immediate patching required.

Technically - The flaw manifests in /wsfed/passive?wctx when the wctx parameter lacks a value, causing the appliance to dereference uninitialized memory. The NSC_TASS cookie returns base64-encoded leaked memory, exposing HTTP headers, internal IPs, and session IDs. Exploitation mirrors CitrixBleed techniques, with non-deterministic memory disclosure across requests. Patched systems return HTTP 302 without NSC_TASS. Detection artifacts available via watchTowr Labs.

Source: https://labs.watchtowr.com/please-we-beg-just-one-weekend-free-of-appliances-citrix-netscaler-cve-2026-3055-memory-overread-part-2/

#Cybersecurity #ThreatIntel

Do you want to be my new colleague in Stuttgart?

We just opened a tenured professor position for researchers in Programming Languages. So, if you are working in this field, including but not limited to Program Analysis, Compilers, Runtime Environments, Constructive PL, Empirical PL, Quantum PL, ... please consider applying.

If you are not in this field, please repost and boost. 📣

https://www.f05.uni-stuttgart.de/en/faculty/news/news/Professorship-W3-in-Programming-Languages/

A friendly reminder that the Call for Papers for VB2026 is closing soon!

We know you’ve got a brilliant idea (or three) rattling around in your brain. So why not share it with the world? Our stage is waiting. 🎤

Deadline: 9 April 2026

Click for more info ➡️ https://lnkd.in/dFBZAqVS

#VB2026 #CFP #cybersecurity #Seville

The aisbestos is coming in real hard at my current employer and it's definitely starting to smell like layoffs are around the corner.

Anyone have a use for someone with a math degree, 7 years of QA experience, and 3 years running an IT department?

#getfedihired

📜 Scrolls volume 35 is out! Lots of good links inside as usual 😁

https://shellsharks.com/scrolls/scroll/2026-03-27

Shoutout to everyone listed below. Their work is featured/linked-to in this week’s edition. Thank you! 🙏

@merrittk @the @lwindolf @theaardvark @brennan @adulau @readbeanicecream @sindum @liztai @ernie @HughWRoberts @82mhz @joel @martindehf @anarodrigues @eclecticpassions @hyde @eli_oat @thelatestkate @Profpatsch @mrv404 @joel @kagihq @csilverman

#indieweb #fediverse #infosec #cybersecurity

GrapheneOS says ❌ to age verification.

https://itsfoss.com/news/grapheneos-refuses-age-verification/

#grapheneos #ageverification #privacy

(praetorian.com) CVE-2025-33073: NTLM Reflection Resurrects One-Hop Path to Active Directory Domain Compromise

EXECUTIVE SUMMARY
CVE-2025-33073 enables NTLM reflection attacks on unpatched Windows systems without SMB signing, allowing any authenticated domain user to achieve SYSTEM-level RCE. Combined with unconstrained delegation, this vulnerability permits full domain compromise via DCSync. Immediate patching, enabling SMB signing on delegation hosts, and auditing unconstrained delegation are critical.

TECHNICAL SUMMARY
CVE-2025-33073 exploits Windows SMB client handling of marshaled DNS target info to trigger local NTLM authentication. Attackers craft malicious DNS records via LDAP, coercing SMB clients into NTLM reflection. Tools like RelayKing identify unpatched targets using DCERPC UBR queries. On hosts with unconstrained delegation, PrinterBug coerces DC authentication, caching its TGT in LSASS. Rubeus captures the TGT, enabling secretsdump.py to extract krbtgt hashes for Golden Ticket creation and domain compromise. SMB signing on DCs does not mitigate outbound coercion, necessitating hardening of one-hop systems.

Source: https://www.praetorian.com/blog/cve-2025-33073-ntlm-reflection-one-hop/

#Cybersecurity #ThreatIntel