Hard coded credentials, huh? This could be a bit messy, and the people who are most likely to be impacted are probably not watching these threads. Yuck. arstechnica.com/security/2024/… #cybersecurity #0day

I worry about this stuff more than most, I think. I mean, I use PyPI all the time... ugh. More sleepless nights. tuxcare.com/blog/pypi-mali… #python #CyberSecurity

Yikes. I might have fallen for this - I do tend to use stars as a proxy for legit. Help. thehackernews.com/2024/04/beware… #github #cybersecurity #trojan

Hmmm. #Vishing is a thing, and this attack is quite complex, but likely to work. helpnetsecurity.com/2024/04/19/las… Building a connection and drawing people in is a time-honored #socialengineering #phishing technique. #CyberSecurity

This is actually pretty interesting and complete - if you happen to need an #API #cybersecurity checklist, you could do a lot worse: wesecureapp.com/blog/the-only-… Amazing how often you find issues here too...

This is interesting as a concept: securityweek.com/nagomi-securit… I do agree that defenders absolutely don't make the best use of the tools they have. If this helps harvest value of already-spent money, it could be cool. #CyberSecurity

Haven't read the technical breakdown on this #chrome #vulnerability yet, but I STRONGLY recommend patching immediately. It's not like it's hard, come on now! securityweek.com/google-patches… #CyberSecurity

This is interesting - I feel like the market is slowly starting to move again in #cybersecurity world... securityweek.com/darktrace-to-b…

Online #anonymity is such an interesting area... it gets used for stuff like this: securityweek.com/okta-warns-of-… but is also really important for people being able to communicate openly and freely. #cybersecurity is hard. :(

I do think digital impersonation is a problem that extends well beyond #phishing, and I think it's a tricky problem to solve... Some food for thought here: lastwatchdog.com/news-alert-mem… #CybersecurityProdigy

Oof: bbc.com/news/articles/… This gang is definitely doing the rounds right now; looking forward (?) to learning exactly what happened so others can go "shields up". #cybersecurity #breach

Seriously Tennis Channel - you put the FINAL SCORE of the men's finals on the right hand side of the screen DURING the afternoon showing of the finals (actually, in set 1)? Do you think that was helpful? I'd been avoiding news feeds all day looking forward to the match :(

A very predictable surprise: darkreading.com/vulnerabilitie…. Drivers have such low-level access to the system, and it's completely wrong to think there's not more than one computer inside your "computer"... #cybersecurity #GPU

I've been thinking about systemic #resilience in #cybersecurity quite a bit, and put some thoughts down to help me grok it. Maybe you'll find it interesting... linkedin.com/pulse/we-ever-… via LinkedIn

Once again, speculative execution jumps up and bites us: arxiv.org/pdf/2406.08719. If you don't have time to read the paper, Eduard Kovacs summary is spot on: securityweek.com/new-tiktag-att… #cybersecurity

In ICS-world, sometimes it's hard to keep up to date, as the pressures of productivity and uptime can be high. This warning from Cybersecurity and Infrastructure Security Agency is pretty important, as I'm pretty sure some of those switches are out there in production: securityweek.com/cisa-informs-o… #cybersecurity

Temperatures in Austin, TX... #showyourstripes. Yikes! If anyone wants to check the data, it's here: showyourstripes.info/l/northamerica…

This still causes me physical pain: xkcd.com/635/

From the BBC News (UK) Q&A (aka "explainer") on the #UKElections2024: "Can I vote if I've been drinking?" Ah, Britain, how I miss thee.

OMG. This is driving me mad. Who gives the voices on an IVR a name? "Hello Richard, my name is Brooke. How can I help you today". I KNOW I'm talking to a machine. Ugh. Giving it a name doesn't make it less annoying.