Area41 is a really good event, run by the community for the community. The crowd is a healthy mixture and super friendly and Zürich always worth a visit.

Go submit

🤗👍👏

📢 #Yeti is now part of the ODFIR infrastructure automation project!

It's never been easier to connect it to a Timesketch instance and enrich all your sketches with juicy forensics intelligence ✨ More details here 👇🏻

osdfir.blogspot.com/2024/04/welcom…

#DFIR #CTI #Timesketch

We need more pages offering RSS feeds

the CallForPaper for AREA41 conference is open!
Submit your A game of technical research to be a part of this conference🤓
⏳You got till end of April⌛️

area41.stfn.ch/2024/

The xz package tar's were backdoored. Only discovered because the backdoor slowed down sshd enough for Andres Freund to investigate.

Consider the case where the backdoor didn't cause perf issues... How long would this have gone undetected?

openwall.com/lists/oss-secu…

🪲And the 2023 Year in Review of Zero-Days Exploited In-the-Wild is out!

This year I teamed up with Jared Semrau & James from Mandiant to write a joint report combining our expertise and providing a more holistic view on in-the-wild 0-days in 2023 🔥🧐

blog.google/technology/saf…

Exciting. I guarantee participants to learn something.

This is a good example how to disclose things. Kudos to Christian and the team. Well done.

Today, we're releasing an attack advisory that mentions affected vendors and how network operators can defend against the attack. It is the result of a joint academic-industry effort to prepare for such loop DoS attacks. cispa.saarland/group/rossow/L… 3/4

It's great to be at Google's Fighting Misinformation Online conference where I will be speaking on election threats. It's inspiring to see such a range of initiatives on display, ranging from pre-bunking disinformation to engagement with civil society.

Wir listen von nun an APT-Gruppen auf, die gegen Ziele in Deutschland aktiv sind.

Die Quellen sind die eigene Sensorik im Regierungsnetz, vom BSI behandelte Vorfälle, sowie freigegebene Meldungen von Partnern.

Demnächst wird es weitere Seiten geben.

bsi.bund.de/DE/Themen/Unte…

Take this from someone who learned it the hard way:

If you text your buddy asking how he’s doing & he replies “I’m in a dark place”, you don’t text back “Sorry dude, let me know if I can help”.

You get in your f’ing car & go find him immediately.