👽 security research ✨data science 👟 runner 💁🏻‍♀️ she/her 

#infosec / #ml / #cti / #threatIntelligence / #threatResearch / #python / #psychology / #cognitiveScience / #running / #coffee 

Push your boundaries or they will become your limits. ⛰️ If I ever go missing, please don’t let the news call me a jogger.
web: https://whyli.me
Wait until this dude finds out moms can also write code. In fact, your soccer mom could also be the doctor, financial professional, or “creative type” while also being a soccer mom.

Some random #running thoughts from a #postpartum hobby jogger this morning:

1. YESSSS MOLLY & HANS #BlackCanyonUltras 🥖

2. I’ve always considered myself pretty disciplined with training and workouts, but being a parent to a senior (dog) and an infant (human) has taken this to a whole new level. There is no “I’ll do it later,” there is only “I have an hour and need to make it count.” Plus, I want to make my kid proud. He has become my greatest “why.”

3. Returning to running postpartum has been an adventure. Long way to go before I’m even close to where I was before, but it’s so fun getting to rebuild. Leaning more on (indoor for now) #cycling now and having a blast with that. Thankful for all of it.

I’ve been basically off most social media for a month and wow it has been A Good Thing.

Anyway: I’m alive, have successfully kept a small human alive for over a month (!!!), have been treasuring all our time spent outdoors together, read some good books, and I know blissfully little about what’s happening in security right now (that react2shell thing seemed…bad? overblown? I don’t know and I’m honestly at peace with that for now).

Here’s to a cozy, slightly disconnected end to the year.

Checked in on my annual #running mileage and happy to see how well I maintained this trajectory over the last 9 months! This was supposed to be another “ankle recovery” year leaning heavily on cross training, hence the low mileage target, but it remained attainable throughout #pregnancy.

(Fellow #ultrarunning and #trailrunning friends, please don’t judge my vert 😅)

The Oracle EBS stuff gave me a weird kind of MOVEit nostalgia (?), so I looked at the recent campaign and exposed EBS instances to understand more about possible fallout across industries and geography:

https://censys.com/blog/unpacking-the-oracle-ebs-debacle-industries-geography-and-moveit-comparisons

#security #infosec #oracle

I recently found some cryptocurrency phishing pages–there's nothing really unusual about that, those are pretty common.

But I stumbled on these because of their weird robots.txt files, which caused me to briefly question everything I know about the 30-year-old web standard that is robots.txt. Why? Well, specifically these lines in the files:

Disallow: /add_web_phish.php
Disallow: /en-us/report
Disallow: /report
Disallow: /phish.report

"add_web_phish.php" is the PhishTank reporting URL. The other endpoints are also phish site reporting endpoints of Netcraft, ESET, etc.

...this isn't how robots.txt works. Like, at all. And that's not the only thing that points to the relative inexperience of the actor behind these pages.

Read more:

https://censys.com/blog/disallow-security-research-crypto-phishing-sites-failed-attempt-to-block-investigators

#security #phishing #cryptocurrency
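
Added example, not part of the original post: a Python sketch that flags a robots.txt carrying the Disallow lines quoted above as a hunting signal, and shows that such rules only bind rule-following crawlers on the origin that serves the file. The hostnames, the sample file and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit
from urllib.robotparser import RobotFileParser

# Disallow paths quoted in the post (reporting endpoints of third-party services).
REPORTING_PATHS = {"/add_web_phish.php", "/en-us/report", "/report", "/phish.report"}

# Constructed sample robots.txt built from the lines quoted in the post.
SAMPLE_ROBOTS = """\
User-agent: *
Disallow: /add_web_phish.php
Disallow: /en-us/report
Disallow: /report
Disallow: /phish.report
"""


def reporting_disallows(robots_txt):
    """Return Disallow values that name a phish-reporting endpoint (hunting signal)."""
    hits = []
    for line in robots_txt.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and whitespace
        field, _, value = line.partition(":")
        if field.strip().lower() == "disallow" and value.strip() in REPORTING_PATHS:
            hits.append(value.strip())
    return hits


def blocked_for_compliant_crawler(robots_origin, robots_txt, url):
    """True if a rule-following crawler would skip `url` because of this file."""
    target = urlsplit(url)
    # robots.txt governs only the scheme and host that serve it; URLs on any
    # other origin (such as a reporting service) are outside its scope.
    if (target.scheme, target.netloc) != urlsplit(robots_origin)[:2]:
        return False
    parser = RobotFileParser()
    parser.parse(robots_txt.splitlines())
    return not parser.can_fetch("*", url)


if __name__ == "__main__":
    site = "https://phish-site.example"  # constructed placeholder host
    print(reporting_disallows(SAMPLE_ROBOTS))
    print(blocked_for_compliant_crawler(site, SAMPLE_ROBOTS, site + "/report"))
    print(blocked_for_compliant_crawler(
        site, SAMPLE_ROBOTS, "https://reporting-service.example/add_web_phish.php"))
```
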

Back in 2016, Ubiquiti devices were the target of a defacement campaign in which the actor altered device names to strings like "HACKED-ROUTER-HELP-SOS-HAD-DUPE-PASSWORD".

Nearly 10 years later, we still see over three hundred Ubiquiti devices with these defaced hostnames on the Internet.

Come, take a ride in the time machine with me and revisit this rabbit hole:

https://censys.com/blog/internet-archaeology-a-decade-of-defaced-routers

"Censys has made a list of some of the ICS products commonly targeted by Iranian hackers and scanned the internet to determine how widespread they are and whether their owners and operators have taken steps to secure them in recent months."

https://www.securityweek.com/iranian-hackers-preferred-ics-targets-left-open-amid-fresh-us-attack-warning/

https://censys.com/blog/ics-iran-exposure-of-previously-targeted-devices

#security #ics

It’s not often my worlds collide like this, but this is pretty wild.

Coros Pace 3 doesn’t enforce Bluetooth pairing to a device, which leads to a cascading series of things that one could do when rogue connecting to the watch.

All of these are pretty terrible, but I can’t shake the image of someone spectating near the end of a race and disrupting someone’s hard-earned GPS file for their race. Obviously access to health and training data is way more severe, and there are devices and systems way more critical than someone’s GPS watch, but the fact that any of this is even possible is jarring.

On top of this, Coros’s initial response of “we’ll get to it by the end of 2025” is wildly unacceptable. They’ve since clarified their timeline (which is more aggressive) but they didn’t handle this well at all from what I’m reading.

https://blog.syss.com/posts/bluetooth-analysis-coros-pace-3/

https://www.dcrainmaker.com/2025/06/coros-confirms-substantial-watch-security-vulnerablity-says-fixes-are-coming.html

#running #security #vulnerability

Cool highlight of the water HMI exposure research we dropped last week in @zackwhittaker 's This Week In Security newsletter.

In a world of gloomy stories (security and otherwise), it's nice to have research make it to The Happy Corner!