sugar

@[email protected]
13 Followers
5 Following
16 Posts
🚩 red team | malware | webscraping and bigdata | osint and socmint AF382B056527C425DBEEBB6E9BEDC4DD3CAEFE4A
githubhttps://github.com/azuk4r
pgphttps://defcon.social/@sugar/115531282599310162
sugarJan 27

The clawdbot thing is a security mess. Please, do yourself a favor and don't trust AI agents that execute commands on your system

No matter how much you invest in cybersecurity, you can never be 100% secure, It's only a matter of time before things get funny

Show threadsugarJan 20

@cyberseckyle

When the tool is finished, I'll send it to you so you can review the different stealth techniques and data exfiltration features. I'll try to explain everything as clearly as possible so others can learn from it as well.

Best regards!

Show threadsugarJan 20

@cyberseckyle

I am working on a PoC for a spy browser extension.

sugarJan 20
I love the concept of a cyberbunker but not for offering bulletproof services btw
Show threadsugarDec 10

@belladonnalily

I really hate meta products.

Show threadsugarDec 10

@belladonnalily

Meanwhile on X you can bypass the phone number verification to get premium verification if you make the purchase through a gift from another account that is already verified.

And apparently, a phone number can be used to verify a maximum of 10 accounts... They are not achieving anything with these unnecessary verifications. What they are achieving in the case of X is that the best-quality bots invest money in them and that all users have poor privacy.

Source: https://medium.com/@ItsNotNicole/twitter-x-premium-account-verification-bypass-vector-of-sorts-gift-subscriptions-10487844f976

Show threadsugarNov 26

@nuke

Molto interessante.

Quando ancora accadono cose del genere, mi sembra sorprendente che l'Europa stia davvero valutando di analizzare automaticamente con l'IA tutte le immagini e i testi che inviamo tramite le applicazioni di chat.

Siamo ingenui quando riponiamo così tanta fiducia nelle nuove tecnologie. Continuerò a usare il mio browser abituale, grazie.

sugarNov 26
A secure device is one that is turned off.
sugarNov 26

What is happening on X and other platforms with regard to where an account is based is a violation of your right to privacy. The standard user is too vulnerable. People shouldn't have to be privacy nerds to be protected; privacy should be by default, not an option.

I can understand collecting certain data about users, but making it public to "combat bots"? That's complete bullshit. Just as Cloudflare doesn't stop my bots, neither will this stupidity.

sugarNov 15

For 17 years, software that handles critical data used a default public encryption key until 2020: GLPI£i'snarss'ç

And now Europe wants to ban encryption... 😂

https://fightchatcontrol.eu/
https://nvd.nist.gov/vuln/detail/CVE-2020-5248

Fight Chat Control - Protect Digital Privacy in the EU

Learn about the EU Chat Control proposal and contact your representatives to protect digital privacy and encryption.