Arwa Alomari

If you're feeling overwhelmed, remember that
@IHasWisdom try solving it?
@IHasWisdom elaborate

Microsoft enabled the notorious "Recall" with the last update (for Windows 11 Copilot+ enabled PCs only). It's part of the OS and can't be uninstalled. This software stores metadata about EVERYTHING that appears on your screen, including passwords/URLs/images/videos/any messages you send or emails etc.

To disable this gross spyware, run the following as admin on the command line:

Dism /Online /Disable-Feature /Featurename:Recall

#Windows #Spyware #Recall #PrivacyAbuse

My RedisDB honeypot is now open source:

https://gitlab.com/bontchev/redispot

It is based on the RedisDB honeypot from the honeypots package

https://github.com/qeeqbox/honeypots

but has many improvements:

- output plugins - the ability to send reports to various places
- bugfixes - the original assumes that numbers are single-digit in a couple of places
- correct error messages - the original doesn't use exactly the same error messages as a real server
- supports the inline protocol - the original supports only the bulk one; all credential stuffing attackers use the inline one

Vesselin Bontchev / RedisPot · GitLab
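
Added example, not code from RedisPot or the honeypots package: a minimal Python parser for the two items in the list above that concern the wire format, multi-digit lengths in the bulk form and the inline form, with AUTH attempts pulled out for reporting. The names `parse_commands`, `auth_attempts`, `MAX_BULK` and the sample bytes are assumptions made for illustration.

```python
MAX_BULK = 64 * 1024  # assumed cap so a hostile length cannot pin memory
# Constructed sample: one inline AUTH, then one bulk-form AUTH with a 12-byte item.
SAMPLE = b"AUTH hunter2\r\n*3\r\n$4\r\nAUTH\r\n$5\r\nadmin\r\n$12\r\nS3cret-pass!\r\n"

class Incomplete(Exception):
    """The buffer ends in the middle of a command; wait for more bytes."""

def _read_line(buf, pos):
    end = buf.find(b"\n", pos)
    if end == -1:
        raise Incomplete
    return buf[pos:end].rstrip(b"\r"), end + 1

def _read_array(buf, pos):
    # "*<count>\r\n", then <count> items of "$<len>\r\n<data>\r\n". Counts and
    # lengths are decimal strings of any width, so parse the whole line.
    line, pos = _read_line(buf, pos)
    args = []
    for _ in range(int(line[1:])):
        line, pos = _read_line(buf, pos)
        length = int(line[1:]) if line[:1] == b"$" else -1
        if not 0 <= length <= MAX_BULK:
            raise ValueError("bad bulk length")
        if len(buf) < pos + length + 2:
            raise Incomplete
        args.append(buf[pos:pos + length])
        pos += length + 2  # skip the data and its trailing CRLF
    return args, pos

def parse_commands(buf):
    """Return (commands, unconsumed_bytes); ValueError means a protocol error.
    Inline lines are split on whitespace (simplification: no quote handling)."""
    commands, pos = [], 0
    while pos < len(buf):
        start = pos
        try:
            if buf[pos:pos + 1] == b"*":
                args, pos = _read_array(buf, pos)
            else:
                line, pos = _read_line(buf, pos)
                args = line.split()
        except Incomplete:
            return commands, buf[start:]
        if args:
            commands.append(args)
    return commands, b""

def auth_attempts(commands):
    """Return (username_or_None, password) for each AUTH command seen."""
    return [(a[1] if len(a) == 3 else None, a[-1])
            for a in commands if a[0].upper() == b"AUTH" and len(a) in (2, 3)]
```

Feeding the unconsumed bytes back in with the next network read lets a command split across TCP segments be parsed once it is complete.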


Time for my monthly reminder to support your instance. Most instances are volunteer run and paid for by donations, including from the instance administrators. I know these are tough times and not everyone can afford it, and that is OK (I am personally out of work, so I understand that first hand).

You can generally find information to donate on your instance's "about" page. For example, https://infosec.exchange/about, for those on infosec.exchange.

Thank you for being here and making this place awesome, regardless of your ability to donate. 

Somebody made a tool called Total Recall to dump Recall database and screenshots. https://x.com/xaitax/status/1797349055917416457?s=46
Alex (@xaitax) on X

Will release TotalRecall in a few days. Loads to play with and to work on. Thank you @GossiTheDog for the inspiration! #WindowsRecall #CyberSecurity #Microsoft #TotalRecall

I wrote a blog on everything I know about the Snowflake situation https://doublepulsar.com/snowflake-at-central-of-worlds-largest-data-breach-939fc400912e
Snowflake at centre of world’s largest data breach - DoublePulsar

Cloud AI Data platform Snowflake are having a bad month. Due to teenager threat actors and cybersecurity of its own customers… and its own cybersecurity, too, in terms of optics. There are several…


Just published the second-longest blog post in my 14 year career as an independent reporter.

This story is the result of a ridiculous amount of research. I hope you like it, because I learned tons reporting this, and there needs to be a broader conversation about some of the issues raised by this research. The lede:

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation campaigns against enemies of Russia.

https://krebsonsecurity.com/2024/05/stark-industries-solutions-an-iron-hammer-in-the-cloud/

Stark Industries Solutions: An Iron Hammer in the Cloud – Krebs on Security