Gonçalo Ribeiro

@goncalor@infosec.exchange
342 Followers
445 Following
3.4K Posts
Defend. Pwn. Infosec. Free software. Vim nerd. #rustlang #electronics
websitehttps://goncalor.com
GitHubhttps://github.com/goncalor

My take: clothes are to be used until they rip apart.

#fashion #sustainableFashion

Respect people who wear glasses.

They paid money to see you.

ℹ️ Update: Internet connectivity in #Egypt remains diminished following a fire at the Ramses Central Exchange; network data show national connectivity at 44% of ordinary levels with services including banking, mobile payments and online trade affected 🏧
おはよう✨
Good morning❣️

This is still one of the best #Mastodon themes out there  😆

Edit: it's a default Mastodon flavour in the Glitch-soc fork:
https://github.com/glitch-soc/mastodon/blob/main/app/javascript/styles/win95.scss

Exploitation IOCs for CVE-2025-5777 aka CitrixBleed 2, these are actively stealing sessions to bypass MFA for almost a month. Some are also doing Netscaler fingerprint scanning first.

64.176.50.109
139.162.47.194
38.154.237.100
38.180.148.215
102.129.235.108
121.237.80.241
45.135.232.2

HT @ntkramer and the folks at @greynoise

Look for lots of connections to your Netscaler devices over past 30 days. More IPs coming as also under mass exploitation. More IPs: https://viz.greynoise.io/tags/citrixbleed-2-cve-2025-5777-attempt?days=30

GreyNoise Visualizer | GreyNoise Visualizer

Just to be super clear, although Citrix claim that CitrixBleed 2 is in no way related to CitrixBleed, it allows direct session token theft - Citrix are wrong. Horizon3 have the POC and it's already being exploited - Citrix were also wrong.

"Not the most novel thing in the world… but this is much much worse than it initially appears. Take a look at the following video where you’ll see that it’s possible to receive legitimate user session tokens via this vector. "

I really don’t understand the push to for a computer replicate what goes on in the human brain. I mean, I know what goes on in mine and it just seems ill advised for a computer to be thinking those thoughts.
"Arrival" Lightwave3d render, with a tip of the hat to scifi artists who continue to inspire me every day.
×
@lukito I install the grape trellace that has been sitting in the shed for 2 weeks and end my turn.