Part-time security person just trying to keep up.
PSA: If you are not browsing the interwebs with a VPN enabled and you suddenly find your browser sessions are frequently stymied by constant CAPTCHA requests, that's one potential sign that your system may be compromised by something that is routing other people's Web traffic through your computer. It's not a dead giveaway of a compromise by any stretch, but it is something that you should probably investigate further.
Just two days left until the first hearing in Newag's lawsuit against us (Dragon Sector members) and SPS. It will take place on 28.08.2024 at 10:00. In case you've missed it, we're being accused of infringing upon Newag's intellectual property and unfair competition. This is, of course, bullshit and a great example of a SLAPP case.

Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S. networks and laying the groundwork for the ability to disrupt communications between the United States and Asia during any future armed conflict with China.

https://krebsonsecurity.com/2024/08/new-0-day-attacks-linked-to-chinas-volt-typhoon/

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’ – Krebs on Security

The CrowdStrike update failure is nuts! Be patient with your IT staff today, they're going to have a lot to deal with if the org is running CrowdStrike.
In case you need a free trial of CrowdStrike rn....
The XDR vendor sales pitches are going to be insufferable for a while
Oh, Fatima. I bet you wish you'd stayed in ballet now, don't you.
#CrowdStrike

Can we do security awareness or education via electronic dance music? IDK, but you gotta hand it to these guys: they have some catchy tunes, like "Better Patch Your Network," which isn't as campy as it sounds.

https://www.youtube.com/watch?v=VL57hVgsq9g

Here's one on DDoS attacks. "Teardrop Falling": https://www.youtube.com/watch?v=cjCSInz1Sqg

"I am Tracking You" https://www.youtube.com/watch?v=qLkgKzqZY2s

Patch Your Network (feat. AENDZI)

YouTube
I've verified that a set of leaked documents which show what phones Cellebrite can (and can't) unlock are authentic. Shows company could not unlock a sizeable chunk of modern iPhones just recently. Also shows some issues with Google Pixels 6-8 https://www.404media.co/leaked-docs-show-what-phones-cellebrite-can-and-cant-unlock/
Leaked Docs Show What Phones Cellebrite Can (and Can’t) Unlock

The leaked April 2024 documents, obtained and verified by 404 Media, show Cellebrite could not unlock a large chunk of modern iPhones.

404 Media

“On Friday, Microsoft announced that it would be making multiple dramatic changes to its rollout of its Recall feature”

https://www.wired.com/story/microsoft-recall-off-default-security-concerns/

Microsoft Will Switch Off Recall by Default After Security Backlash

After weeks of withering criticism and exposed security flaws, Microsoft has vastly scaled back its ambitions for Recall, its AI-enabled silent recording feature, and added new privacy features.

WIRED