Jayson Salazar Rodriguez

@jdsalaro
40 Followers
48 Following
69 Posts

⚙️ #opensource #infosec #devsecops
#software #datascience

✏️ https://jdsalaro.com
🏕️ https://lascordilleras.com

Jayson Salazar RodriguezMar 24
OpenSSFMar 23

📣 We're launching the OpenSSF Ambassador Program!

Applications are now open on a rolling basis. Help us create a future where software is universally trusted and secure.

Learn more: https://openssf.org/blog/2026/03/23/introducing-the-openssf-ambassador-program/

#OpenSSF

Jayson Salazar RodriguezMar 7
OpenSSFMar 6

#AgenticAI is moving fast -- but is it secure? 🤖🔐

📅 Join us for an OpenSSF Tech Talk on the practical realities of securing agentic systems on March 17, 1PM ET!

Hear from experts from Microsoft, Canonical, TestifySec, and Thread AI!

Register: https://openssf.org/resources/tech-talks/tech-talk-securing-agentic-ai-in-practice-from-openssf-guidance-to-real-world-implementation/

#OSSSecurity

Jayson Salazar RodriguezSep 6, 2025
PhrackSep 6, 2025
Extensive analysis of PHRACK's "North Korea Files"🇰🇵
https://dti.domaintools.com/inside-the-kimsuky-leak-how-the-kim-dump-exposed-north-koreas-credential-theft-playbook/
🔥
* “the most comprehensive and technically intimate disclosures”
* “a smoking gun”
* "clear evidence ... infiltrate the nation’s digital trust infrastructure at multiple levels”
* “far beyond phishing”
* “uses binary merging technology”
Jayson Salazar RodriguezFeb 16, 2025
PhrackFeb 15, 2025

Hackers rejoice!

We are releasing the Phrack 71 PDF for you today!

Don't forget this year is Phrack's 40th anniversary release! Send in your contribution and be part of this historical issue!

The CFP is still open, you can find it and the PDF link at https://phrack.org

PHRACK CALL FOR PAPERS

Jayson Salazar RodriguezFeb 3, 2025
Ed SummersFeb 2, 2025

It looks like someone uploaded a 98 GB snapshot of CDC datasets as of January 28, 2025 to @internetarchive

https://archive.org/details/20250128-cdc-datasets

Edit: this post originally indicated that it looked like the CDC uploaded the data, but we don't really know who did it.

CDC datasets uploaded before January 28th, 2025 : Centers for Disease Control and Prevention : Free Download, Borrow, and Streaming : Internet Archive

An archive of all CDC datasets uploaded to https://data.cdc.gov/browse before January 28th, 2025. Excludes corrupt datasets and data not publicly accessible.

Internet Archive
Jayson Salazar RodriguezJan 26, 2025
BillJan 26, 2025

Hang on now. How did they get this Juniper backdoor installed??

https://www.theregister.com/2025/01/25/mysterious_backdoor_juniper_routers/

Slick C2 coding tho.

#malware #infosec

Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet

Who could be so interested in chips, manufacturing, and more, in the US, UK, Europe, Russia...

The Register
Jayson Salazar RodriguezJan 1, 2025
Electronic Frontier FoundationJan 1, 2025
Government agencies in Latin America cannot sacrifice privacy and accessibility in their initiatives to digitize governmental processes https://www.eff.org/deeplinks/2024/12/deepening-government-use-ai-and-e-government-transition-latin-america-2024-review
Deepening Government Use of AI and E-Government Transition in Latin America: 2024 in Review

Policies aimed at fostering digital government processes are gaining traction in Latin America, at local and regional levels. While these initiatives can streamline access to public services, it can also make them less accessible, less clear, and put people's fundamental rights at risk. As we move...

Electronic Frontier Foundation
Jayson Salazar RodriguezSep 9, 2024
Amethyst BasiliskAug 19, 2024
It's here! #Phrack officially released online, and with it my article! http://phrack.org/issues/71/9.html#article It's about writing a good virus, using oldschool techniques to show you how effective old stuff can still be! #infosec #malware
.:: Phrack Magazine ::.

Phrack staff website.

Jayson Salazar RodriguezApr 28, 2024

People ask me why I use asdf.vm, so I wrote a quick tutorial for curious friends on why and how to use it effectively. Let me know what y'all think 💬 !

https://jdsalaro.com/tutorial/asdf-single-package-manager-multiple-dev-environments

#programming #python #ruby #golang #nodejs #javascript #software #asdf

🪄 Install asdf: One Runtime Manager to Rule All Dev Environments

Almost everyone I know who uses a computer, for...

Jayson Salazar Rodriguez | @jdsalaro | Blog
Jayson Salazar RodriguezApr 2, 2024

Regarding the #XZ Utils #backdoor, some are looking for culpability in #FOSS, but a point we should echo louder is that although FOSS _might_ have delivered on its weaknesses it also, and most importantly, delivered on its strengths.

Yes, there was an element of luck in the discovery of #CVE-20240-3094, but it is undeniable source code availability and other FOSS customs tipped the scale in the community’s favor. 

I've put some of my thoughts on this matter over at https://jdsalaro.com/note/xz-liblzma-linux-backdoor-foss-pitfalls-strengths

🚨 On the XZ Utils Backdoor (CVE-2024-3094): FOSS Delivered on its Pitfalls and Strengths

The newly discovered backdoor 1 in the XZ Utils...

Jayson Salazar Rodriguez | @jdsalaro | Blog