rmogull

@rmogull@defcon.social
Cloud security, running, biking, drowning, Pilot. Hacker. TK11940 in the 501st, itinerant disaster paramedic, and other stuff.
How Comics Are Made is out TODAY in bookstores! Tracing the steps and telling the stories between a cartoonist’s pen and the newsprint page, my book travels across over 130 years of artistic and technological development. https://howcomicsaremade.com/#preorder
WTF? I think a moth just flew out of my keyboard?!? And I've been working for over an hour already?
Not sure the zoo really thought this one through?

This was fiction in season 3 of the Handmaid's Tale. Except in that case, Gilead ate the costs.

https://rewirenewsgroup.com/2025/05/21/adriana-smith-died-3-months-ago-georgia-could-make-smiths-family-pay-to-use-her-as-a-human-incubator/

Adriana Smith Died 3 Months Ago. Georgia Could Make Smith’s Family Pay to Use Her as a Human Incubator.

Analysis: If the government wants to hijack a uterus, it should at least foot the bill.

Rewire News Group

New blog: Free Threat Modeling Training for Displaced Federal Workers

US Government employees (and former employees) are going through a lot of chaos. Many of our colleagues, collaborators, and friends are out of work — suddenly and unexpectedly.

At Shostack + Associates, we can’t fix that. But we can offer something concrete.

In times of uncertainty, we focus on what we know, and what we know is threat modeling and how to teach it. It’s what we do best, and it’s how we can help.

(1/4) full post, links: https://is.gd/nYz3y2

Please share this with anyone you know who’s been impacted. We’ll do our best to make this useful, relevant, and hopefully a step towards something new.

PS: If this sounds good but you’re not an impacted government employee, we have upcoming open trainings at OWASP Global Appsec Barcelona (May) and Blackhat in Las Vegas (Aug 2-3 or 4-5), as well as self-paced trainings and private offerings.

(4/4) Full version, links: https://is.gd/nYz3y2

The most powerful laser in the US recently produced 2 quadrillion watts of power

The University of Michigan’s ZEUS is now the country’s most powerful with pulses lasting just 25 quintillionths of a second.

The Verge
“Enterprises struggle with impalement” is my best typo-that-passed-spellcheck of the day.

Just saw Sinners.

Wasn’t just good. Was a damn work of genius.

Microsoft Copilot for SharePoint just made recon a whole lot easier. 🚨
 
One of our Red Teamers came across a massive SharePoint, too much to explore manually. So, with some careful prompting, they asked Copilot to do the heavy lifting...
 
It opened the door to credentials, internal docs, and more.
 
All without triggering access logs or alerts.
 
Copilot is being rolled out across Microsoft 365 environments, often without teams realising Default Agents are already active.
 
That’s a problem.
 
Jack, our Head of Red Team, breaks it down in our latest blog post, including what you can do to prevent it from happening in your environment.
 
📌Read it here: https://www.pentestpartners.com/security-blog/exploiting-copilot-ai-for-sharepoint/

#RedTeam #OffSec #AIsecurity #Microsoft365 #SharePoint #MicrosoftCopilot #InfoSec #CloudSecurity

Exploiting Copilot AI for SharePoint | Pen Test Partners

TL;DR Introduction SharePoint is a Microsoft platform that enables collaborative working and information sharing. This is done with team sites. They work like regular intranet pages with graphics and text, but they also give you places to store and manage your files. Notably, when files and images are shared on Microsoft Teams, SharePoint automatically creates a […]

Pen Test Partners