Gonçalo Ribeiro

@goncalor@infosec.exchange
Defend. Pwn. Infosec. Free software. Vim nerd. #rustlang #electronics
Website: https://goncalor.com
GitHub: https://github.com/goncalor

My take: clothes are to be used until they rip apart.

#fashion #sustainableFashion

Respect people who wear glasses.

They paid money to see you.

ℹ️ Update: Internet connectivity in #Egypt remains diminished following a fire at the Ramses Central Exchange; network data show national connectivity at 44% of ordinary levels with services including banking, mobile payments and online trade affected 🏧

おはよう✨
Good morning❣️

This is still one of the best #Mastodon themes out there 😆

Edit: it's a default Mastodon flavour in the Glitch-soc fork:
https://github.com/glitch-soc/mastodon/blob/main/app/javascript/styles/win95.scss

Exploitation IOCs for CVE-2025-5777 aka CitrixBleed 2, these are actively stealing sessions to bypass MFA for almost a month. Some are also doing Netscaler fingerprint scanning first.

HT @ntkramer and the folks at @greynoise

Look for lots of connections to your Netscaler devices over past 30 days. More IPs coming as also under mass exploitation. More IPs: https://viz.greynoise.io/tags/citrixbleed-2-cve-2025-5777-attempt?days=30

Just to be super clear, although Citrix claim that CitrixBleed 2 is in no way related to CitrixBleed, it allows direct session token theft - Citrix are wrong. Horizon3 have the POC and it's already being exploited - Citrix were also wrong.

"Not the most novel thing in the world… but this is much much worse than it initially appears. Take a look at the following video where you’ll see that it’s possible to receive legitimate user session tokens via this vector."

I really don’t understand the push for a computer to replicate what goes on in the human brain. I mean, I know what goes on in mine and it just seems ill-advised for a computer to be thinking those thoughts.

"Arrival" Lightwave3d render, with a tip of the hat to scifi artists who continue to inspire me every day.

You MUST listen to RFC 2119.

Eric Bailey: It turns out you can just pay people to do things. I found a voice actor and hired them with the task of "Reading this very dry technical document in the most over-the-top sarcastic, passive-aggressive,...
https://jwz.org/b/ykqi

@jwz This is how everything from freedesktop.org/gnome sounds in my head.
@jwz so much more engaging than the voices used in my employer's compulsory online training courses
@jwz I loved number 5. 🙂
I'm literally rolling on the floor, cannot contain the laughter. Thanks for this, I needed it.
@jwz I could do that better

@codinghorror @jwz Prove it

(Seriously, you’ve got a mic, we all need this)

@luis_in_brief @jwz

Yes, go @codinghorror

Even if it's not better we all want to hear your attempt.

@u47 @jwz "it ain't bragging if you can back it up"

@jwz At some point in the far-flung future this is going to be unearthed anew, and future people will assume that this was just how the people who built the internet *were*.

"No wonder civilization broke down completely by 2030," they'll say. "Listen to how absolutely insufferable those people were. Why, they *deserved* to perish in the COVID-locust inferno-canes. Praise be to Vance the Savior!"

@WesternInfidels And they would not be wrong.
@jwz I SHALL, but only because I want to and this is fucking hilarious.
@jwz he left it all in the booth and we respect that
@jwz this is so good :)))
@jwz I started playing that in Ivory’s in-app browser and as it turns out closing Ivory’s in-app browser does not stop playback, so now I’m getting the full experience with no way to stop it lol (other than killing the app)
@jwz absolutely brilliant!
@jwz ....I should pay pmseymour to read IP over Avian Carrier...
@jwz
This is gold.
I MUST, SHALL, and WILL boost this

@jwz
Reminds me of the reading of DECSS by Xader Vartec

https://decss.zoy.org/decss-read.mp3

Especially dramatic in minute 3-4

More on Wikipedia:

https://en.wikipedia.org/wiki/DeCSS?wprov=sfla1

@jwz this should be called the "but aksually" RFC.
@jwz This just made my day! Absolutely awesome!
@jwz This guy has replaced Morgan Freeman as the narrator of my day
@jwz I don’t know how much he paid the actor for this, but I’m sure it was worth every penny. 🤣
@jwz I'm willing to contribute to a crowdfunding effort to have every rfc narrated like this.
@jwz new ringtone just dropped.
@jwz Downloading this to loop during my plane rides tomorrow
@jwz kinda wanna remix it
@jwz I'm in tears
@jwz I don't know whether I want to congratulate the voice actor, or slap the hell out of them.
@jwz This is more hilarious than I imagined and I could almost imagine I was hearing it in the voice of Astarion.
@jwz Well this is certainly helping with travel planning for the next IETF meeting.