There's a new Windows 0day LPE that has been disclosed called BlueHammer. The reporter suggests that it's being disclosed due to how MSRC operates these days.

MSRC used to be quite excellent to work with.
But to save money Microsoft fired the skilled people, leaving flowchart followers.
I wouldn't be surprised if Microsoft closed the case after the reporter refused to submit a video of the exploit, since that's apparently an MSRC requirement now. 😂

Anyway, yeah, it works. Maybe not 100% reliably, but well enough...

Next to the last #ShmooCon #Firetalks starting in 30 minutes at 8:00. https://www.shmoocon.org/firetalks/

#ShmooCon #Firetalks first speaker, Maddie Bright, is going on now! “Looking Into The Past: How Reflecting Helped Me Grow as a New Professional” Very relevant given our time travel theme!
2024 ShmooCon Hiring List - Google Drive

For those attending, LobbyConing or streaming #ShmooCon this weekend, here's the Slack: https://join.slack.com/t/shmoocon/shared_invite/zt-2ad7azhts-VPTwd66bltwhUyJ4TyJlcQ

The U.S. Government proposes cybersecurity labels for products, a "Cyber Trust Mark".
https://www.govtech.com/security/fcc-proposes-cybersecurity-labels-certifications-for-iot-devices
FCC Proposes Cybersecurity Labels, Certifications for IoT Devices

The proposed voluntary program would let companies feature labels on consumer products that clear certain cybersecurity criteria, helping consumers identify and select items that are less prone to cyber attack.

Upon reflection on LLM (ChatGPT, etc.) capabilities thus far and going forward, I'm reminded of the story "A Logic Named Joe" from 1946. https://en.wikipedia.org/wiki/A_Logic_Named_Joe

I'm really interested in how machine learning is being used for natural language generation, and how it might assist in various fields. At the moment it's wildly inaccurate and generates phrasing with such authority that it's likely to be believed by many. What happens when the majority of content available is produced by unreliable large language models? And new versions of those models are in turn trained on the unreliable content? I think we may find out, soon.
https://cacm.acm.org/blogs/blog-cacm/269854-inside-the-heart-of-chatgpts-darkness/fulltext
Inside the Heart of ChatGPT's Darkness

A Nightmare on LLM Street.

@kaitlyn_devalk Great #shmoocon presentation! What do you think about integrating the visualization front end with Arkime? Being able to visualize search results like this would be very helpful to an analyst. Short of integration, perhaps it could be a callout from an Arkime search and pull from the raw pcap folder to present?

PrivacyTests.org is an open source project that measures and compares the privacy of major web browsers.

#cybersecurity #infosec #linux #browser