da_667RE: https://infosec.exchange/@runZeroInc/116267641061407900
They also have a cool caesar cipher challenge!
| Blog | https://www.skullsecurity.org |
| GitHub | https://github.com/iagox86 |
| Bluesky | https://bsky.app/profile/iagox86.bsky.social |
Ron Bowes
- 1.7K Followers
- 392 Following
- 2K Posts
Principal Security Researcher @ GreyNoise
dude. Why are you running/installing telnet
I want live pcaps for this.
A 32-Year-Old Bug Walks Into A Telnet Server (GNU inetutils Telnetd CVE-2026-32746)
A long, long time ago, in a land free of binary exploit mitigations, when Unix still roamed the Earth, there lived a pre-authentication Telnetd vulnerability. In fact, this vulnerability was born so long ago (way back in 1994) that it may even be older than you. To put the timespan
NorthSecNorthSec 2026 speaker lineup is here ...and it's our best yet!
31 talks & workshops. Two days in Montréal. Tickets going fast (get yours by April 1st to secure a badge and a t-shirts). 👇
𝗧𝗮𝗹𝗸𝘀:
• Guillaume Valadon & Gaetan — Private Key Leaks in the Wild: Insights from Certificate Transparency
• Philippe Pépos Petitclerc — A systematic approach to evading antivirus software
• Émilio Gonzalez — Increasing detection engineering maturity with detection as code
• François Labrèche — A Needle in a Haystack: Identifying an Infostealer Attack Through Trillions of Events in a Large-scale Modern SOC
• Wietze — Trust me, I'm a Shortcut - new LNK abuse methods
• Reza Sharifi — Internet Blackout 2026 in Iran — Next-Level Internet Censorship: A Technical Breakdown of Techniques and Tactics
• Andrew Buchanan, Max CM & Connor Laidlaw — Commit, Push, Compromise: Attacking Modern GitHub Orgs
• Dirk-jan Mollema & Sanne Maasakkers — Researchers vs. Threat Actors in Cloud Attacks
• Jeremy Miller — Measuring AI Ability to Complete Long Cybersecurity Tasks
• Manu Jose — The Merchant of Venice: Trading Latency for Security at Scale
• Joshua Prager & Ben Schroeder — Mapping Deception Solutions with BloodHound OpenGraph
• Christian Paquin — Doxxing-proof authentic digital media: trust the asset, protect the source
• Robbe Van Roey — Hacking Browsers: The Easy Way
• Ron Bowes — Adventures in Process Injection (How I Accidentally Built a Debugger - Again!)
• Xavier Facélina — Le futur s'invente avant-hier
• Charl-Alexandre Le Brun & Simon Lachkar — The OpenGraph diary: Attack path management applied to Ansible
• François Proulx — Living Off The Pipeline: Defensive Research, Weaponized
• Pierre-Nicolas Allard-Coutu — Stolen Laptops: Defeating DMA Countermeasures
• Philippe Marchand — Cybermenaces géopolitiques au Canada: État des lieux et perspectives stratégiques
• Kristine Barbara — From Experts to Everyone: Democratizing Threat Modeling at Ubisoft
• Chirag Savla — When Serverless Becomes a Foothold: Abusing Azure Function Apps in Modern Cloud Environments
• Brad Edwards — APTL: An Open Source Agentic Purple Team Lab
• Maxime Arquilliere & Coline C — Sold to the highest bidder: the escalation of ADINT from geolocation tracking to intrusion vector
• Sébastien Dudek — Hacking 5G: From Radio Security to the APIs
𝗪𝗼𝗿𝗸𝘀𝗵𝗼𝗽𝘀:
• Logan Maclaren & Lewis Moore — Command & Conquer: A hands-on C2 primer for aspiring Red & Blue teamers
• Santiago Abastante — AWS Security - The Purple Team Way
• Faan Rossouw — Agentic AI for Threat Hunting
• Ben Gardiner — Hardware RE: a gentle intro
• Tammy Harper — The Ransomware Negotiation Lab
• Mark El-Khoury — DIY Continuous Security: Practical Security Engineering
• Ashley Manraj & Philippe Dugré (zer0x64) — Breaking and Hardening the Cloud: Advanced Hooking and Shellcoding in a Hardened Environment
Vissread this and try to tell me cloud wasnt a mistake
8 Million Requests Later, We Made The SolarWinds Supply Chain Attack Look Amateur
Surprise surprise, we've done it again. We've demonstrated an ability to compromise significantly sensitive networks, including governments, militaries, space agencies, cyber security companies, supply chains, software development systems and environments, and more. “Ugh, won’t they just stick to creating poor-quality memes?” we hear you moan. Maybe we should, maybe
I'm so proud of the @BSidesSFCTF team - 10 years (11 challenges) later and they're all still killing it with a huge variety of cool challenges of all difficulty levels!
https://www.propublica.org/article/microsoft-cloud-fedramp-cybersecurity-government
go to the cloud they said
it'll be fine they said
Federal Cyber Experts Thought Microsoft’s Cloud Was “a Pile of Shit.” They Approved It Anyway.
A federal program created to protect the government against cyber threats authorized a sprawling Microsoft cloud product, despite the company’s inability to fully explain how it protects sensitive data.
RE: https://mastodon.social/@osxreverser/116250513945331454
This is incredible! 1000% worth reading to the end
Simon BrookeGuess who's behind the sudden rush of age verification legislation?
In the US, #Meta is spending $26.3 Million to hire at least 86 Lobbyists from 40 lobbying firms, and lobbying in at least 45 states. It is confirmed that Meta wrote the Louisiana age verification bill.
In the EU, Meta is spending ten million euros annually on lobbying, retaining 18 lobbying firms.
Edit: this article is based on LLM generated material, and I haven't spent the time to check its sources
Jon SnowA redditor (Ok_Lingonberry3296) traced $2 billion in nonprofit grants and lobbying records across 45 states to figure out who's behind the age verification bills.
The answer is Meta - a company that profits from your data writing laws that collect more of it.
Page: https://github.com/upper-up/meta-lobbying-and-other-findings?tab=readme-ov-file
Page backup: https://archive.ph/2026.03.13-193015/https://github.com/upper-up/meta-lobbying-and-other-findings?tab=readme-ov-file
Reddit discussion: https://web.archive.org/web/20260313143853/https://www.reddit.com/r/linux/comments/1rshc1f/i_traced_2_billion_in_nonprofit_grants_and_45/
#Meta #Facebook #AgeVerification #privacy #surveillance #dystopia #socialmedia #technology
cR0w 
🏴☠️