Taco 🌮


Software developer for 15+ years interested in infosec.

When I'm not hanging out with the family or at my day job I enjoy writing and contributing code. I like to create and break software.

#Golang entertains me.
#C++/C feeds and shelters me and my family.
#Python is my ongoing one night stand apparently.

I used to break web-based chat rooms in the mid-90s and keep that passion going keeping up with infosec type things and #CTF like activities.

I'm here to learn more and get more engaged with the #infosec community. I'm willing to entertain a career shift as well.

My GitHub Profile: https://github.com/steampoweredtaco
Instead of: no one wants to work anymore. Try: no one wants to be exploited anymore.

Just got this email from Google Fi of a breach, doesn't indicate which third party had the breach.

Indicates they have my SIM card serial and activation dates, sounds like a purchase order. I think the important info is that my phone number may be included.

Given an attacker may have the sim serial and my number how exposed am I to them socially engineering an attack calling up the telecom with that info? Is this serious or a nothing burger?

Please boost if you know someone that may have a good answer. #GoogleFi #Security #Leak #3rdParty

When we arrived the hotel had a boiler fire earlier this week and canceled our reservations without contacting us. So parked now farther away and freezing our butts off while waiting for things to start.

My wife thinks I'm too anxious about planning and doing anything....but this is the kinda confirmation bias that convinces me to just stay at home and forego all the stress all over planning and traveling time and time again.

Trying to stay in a good mood for the rest of the family....

Remember when computers worked?

Nah, me neither.

#hashcat is now on my Windows host. #noreason

Stay safe out there... Just got this in an email. The email is PayPal's and it almost looks legit. Scammers trying to get you to pay them now with a misleading PayPal payment request. #scam #psa

Anyone else gotten these lately?

Facebook has been receiving users’ financial info from tax preparers

The Markup found that tax preparation services including TaxAct, TaxSlayer, and H&R Block have sent users’ personal financial information to Facebook through the Meta Pixel.

The Verge

Participated in @Digit4lOverdose 's #DOCTF #CTF over the weekend. It was a lot of fun! You can still try them out right now I think. https://digitaloverdose.ractf.cloud/

Many of the challenges were written by @AtomicMaya and they were fantastic, theirs particularly were innovative, and not just finding a tool that exists, but writing your own.

I have to admit, I made it hard on myself and found at least two bugs in how the flags were constructed (one was giving me a dynamic answer!) I also broke one and found the flag with an unintended breakage of an API. I also broke a pwn challenge by rewriting a .htaccess file where the solution was uploading an HTML file with SSI instead; oops!

The #1 thing I learned though is that I need a couple of buddies to team up with on these. Especially if I want to be competitive. I'm pretty good, but I'm stubborn and waste a lot of time on things other people are better at where I should be tackling the challenges I'm best suited for.

I got all the PWN and Web challenges and most of the others, so if ya have any questions about how something was solved, just give me a ping!

Digital Overdose 2022

Our #CTF has kicked off!

https://digitaloverdose.ractf.cloud

You have 48 hrs ^^

Does anyone know of a good kiosk-like implementation or tricks I can throw on a laptop? I need it to secure the laptop so it can only log in and use a single website. I don't want it to follow links outside of the domain of the page but still allow embedded videos from other domains. If somehow it can be set up with multiple logins to the same site with different user states for the browser that would be ideal.

Even if it was just a desktop shell replacement for Windows or Linux configured per system user that would be good enough...I hope. Only need it for a 7 and 10 year old user.