]colemankane[

Cybersecurity researcher, #Rust, #Golang, C/C++, #Python, #Perl, you-name-it programmer, #cincinnati evangelist, dad. I wrote a malware analysis course. Feel free to hit me up about Cyber Threat Intel, #opencti, #Arch, #Ghidra, or anything open-source. Was a #FreeBSD contributor in a previous life. One cell of #FSD.
Website: https://blog.malware.re
Malware Analysis Class: https://class.malware.re
GitHub: https://github.com/ckane
APT: FuzzySnugglyDuck
The Trump Administration Accidentally Texted Me Its War Plans

U.S. national-security leaders included me in a group chat about upcoming military strikes in Yemen. I didn’t think it could be real. Then the bombs started falling.

The Atlantic
Published a new Blog article today about #GenAI and RAG, complete with some simplistic #Python coding examples: https://blog.malware.re/2025/02/08/genai-context-coder/index.html
Local GenAI Code Completion With Context

A couple weeks ago, news (https://www.nature.com/articles/d41586-025-00229-6) about a new large-language model (LLM), named DeepSeek-R1 (https://github.com/deepseek-ai/DeepSeek-R1), came out. The publisher, DeepSeek, is a Chinese company that was founded in 2023 and focuses on AI research and development. In response to this, I decided to undertake a small project to try to implement LLM and RAG in a simple context-aware code-completion utility.

Orange Tsai & splitline's "WorstFit" research into Windows unicode "BestFit" encoding is 🔥 🔥 🔥 (and mostly unpatched)!

https://blog.orange.tw/posts/2025-01-worstfit-unveiling-hidden-transformers-in-windows-ansi/

This work brings back memories of IIS and ASP (classic) unicode exploit-dev. For example, the letter "h" having alternate encodings of %c4%a4, %c4%a5, %c4%a6, %c4%a7, %d1%88, %d1%a8, %d4%a4, %d4%a5, %d4%a6, %d4%a7, %e2%84%8b, %e2%84%8c, %e2%84%8d, and %e2%84%8e

WorstFit: Unveiling Hidden Transformers in Windows ANSI!

📌 This is a cross-post from DEVCORE. The research was first published at Black Hat Europe 2024. Personally, I would like to thank splitline, the co-author of this research & article, whose help

Orange Tsai

Please google Great Barrington Declaration. If it had been implemented, millions more people would have died at the start of the pandemic. Now, one of its architects will lead the National Institutes of Health (if confirmed), the largest funder of biomedical research in the world.

https://www.nytimes.com/2024/11/26/us/politics/jay-bhattacharya-nih-trump.html?smid=nytcore-ios-share&referringSource=articleShare

Trump Picks Stanford Physician Dr. Jay Bhattacharya to Head N.I.H.

As the director of the National Institutes of Health, Dr. Jay Bhattacharya would oversee the world’s premier medical research agency, with a $48 billion budget and 27 separate institutes and centers.

The New York Times

"Listen up libs I flunked middle school science and intellectually peaked in tenth grade gym class but here are my thoughts on how I own your womb now and how your daughter's gender is imaginary."

~ literally every dipshit MAGA, 2024

It’s really weird when people complain about how “the elites” who mostly work 9-5 jobs are so out of touch with the world that they elected the worst trust fund nepo baby they can find 🤔
https://mastodon.social/@climatebrad/113471091227405036
For someone who ran his entire campaign as the anti-neocon anti interventionalist presidential, Trump's nominations sure are neo-cons and interventionalists 🥱🙄
ESET researchers have released their research into the backend modules of the RedLine infostealer, following its recent takedown by international authorities in Operation Magnus. https://www.welivesecurity.com/en/eset-research/life-crooked-redline-analyzing-infamous-infostealers-backend/
Life on a crooked RedLine: Analyzing the infamous infostealer’s backend

Following the takedown of RedLine Stealer by international authorities, ESET researchers are publicly releasing their research into the infostealer’s backend modules.

These people have never blamed themselves or Trump for anything & they're sure not gonna start now.

Giving people someone else to blame is a service Trump provides.

There is no scenario where this is a good thing or results in anything but a lot of harm. There will be no satisfaction with that, so don't look for it.

Put all your energy into building resiliency through connection and community. THAT is something they can't stop and is where you not only reduce harms but take back power.

2/2

I’m absolutely gonna cry when the election is decided. Either because we win and my family and friends and so many vulnerable groups and I are safe, and I’m just so, so horribly exhausted from working and constantly facing horrible online abuse and fighting. Or because my country, that I served my whole youth, is gone to fascism for the rest of my life - and I have to leave. Either way I’ll cry.

I hope you all cared enough to #vote, if you can.