S10k

@macilath@infosec.exchange
12 Followers
85 Following
48 Posts
SWE getting involved with Security engineering. Learning stuff about #AppSec and #CloudSecurity.
S10kMar 14
garryMar 13
do not turn off the bus.
S10kDec 16, 2024
Hello friends and happy #CyberMentoringMonday!
I have been recently promoted to managing the dev team I am on, and am seeking a #mentor or #advice on navigating this change.
I’d also like to eventually find a mentor or coach for furthering my career to enter the security side of cybersecurity.
S10kDec 6, 2024
Tixie SalanderDec 6, 2024
Doctor: "you definitely have clinical burnout."
Me: "Oh man. Well, how long is that going to take to fix, because I've got a _lot_ of stuff that needs doing."
Doctor: …
Me:
Me: what?
S10kNov 25, 2024
Royce WilliamsNov 25, 2024

Potentially unpopular take:

Attribution is a distraction.

Most orgs are not mature enough for attribution to actually differentiate response (just like honeypots).

Layer 8 is obsessed with attribution -- perhaps to make things more dramatic / urgent? -- so it persists.

So such things get chased, to the detriment of the basics.

S10kNov 21, 2024
Taggart Nov 20, 2024

Here's a bit of a peek into what I've been working on. Yes, this is a UI only an engineer could love.

Introducing Venture, a cross-platform Windows Event Log viewer written in Tauri (Rust + React). Venture allows you to review Windows log files on any platform you like, with easier search/filtering than the existing event viewer.

It's still early days, but I'm excited by what we have so far. It's also very fast, which I know evtvwr users will appreciate.

Still to do: make it pretty, add export options, and add tagging/flagging for events for easy review and reporting.

S10kNov 20, 2024
SophieNov 20, 2024

Mastodon: Bluesky is Bad, actually
Bluesky: Mastodon is Bad, actually

It’s like a shit version of West Side Story. how long before a Mastodon user and a Bluesky user fall in love while communicating exclusively over the fedi bridge

S10kNov 6, 2024
Very Hairy JerryNov 6, 2024
I feel like I shouldn’t have to say this, but now is really not the time to be assholes to other people. And no, your hot take on who screwed up or what went wrong is probably not helping in any way.
S10kOct 31, 2024
Ian Coldwater 👻🌿Oct 31, 2024
I don’t know who needs to see this, but here is a baby lamb
S10kOct 23, 2024
Show threadBrianKrebsOct 23, 2024

Other reporting on this:

404 Media's take: https://www.404media.co/inside-the-u-s-government-bought-tool-that-can-track-phones-at-abortion-clinics/

NOTUS: https://www.notus.org/technology/cell-phone-tracking-law-enforcement-abortion-clinic

Haaretz (English version should be available in a few hours): https://www.haaretz.co.il/news/security/2024-10-23/ty-article-magazine/.premium/00000192-b90c-dc97-a593-f96f50800000

Not sure when the NYT will be publishing. My impression was they were planning to cover the regulatory side of this in detail.

Inside the U.S. Government-Bought Tool That Can Track Phones at Abortion Clinics

Privacy advocates gained access to a powerful tool bought by U.S. law enforcement agencies that can track smartphone locations around the world. Abortion clinics, places of worship, and individual people can all be monitored without a warrant.

404 Media
S10kSep 27, 2024
Very Hairy JerrySep 27, 2024
@GossiTheDog MY VULNERABILITY IS SEVERE!!1 WHY ARENT YOU PANICKING?!?!?