neilmadden.blog/2022/04/19/psy… で紹介されていた CVE-2022-21449 実証コードを手元のOpenJDK17 jshellで動かしてみたが本当に0埋めしたバイト列を署名として署名検証をパスしてしまう😱

Me attempting to catch the CVE-2022-21449 hype train 20hrs late...

Anyone else worried that Jack McBrayer isn't getting enough work? Can we get a Patreon or something going for him?

There's a factory in Gunma, Japan that's making rounds on social media today for the resemblance it has to FF7's Midgar lol. The news even calls it "Gunma's Midgar"😆

Our new hybrid technical-management certification is coming this year! Developed by experienced security operations leaders (managers, heads of, directors) CSOM will transfer real-world knowledge, experience, and skills. Read more here - linkedin.com/feed/update/ur…

#justiceforyaddle

🚨 ALERT 🚨 Python's ctx library and a fork of PHP's phpass have been compromised. 3 million users combined. The malicious code sends all the environment variables to a heroku app, likely to mine AWS credentials.

Seth Green’s Bored Ape NFT, which was set to star in its own animated show, was stolen through a phishing scam. Green no longer owns the commercial rights to the NFT and thus the show cannot move forward. 🔗: buzzfeednews.com/article/sarahe…

When it rains for longer than an hour in #Auckland, commuters turn the roads into a Mad Maxian hellscape. Hurling latte fueled abuse at each other for minor mistakes or cautious driving.

This #Follina thing looks bad. basically if you don't have E5, there's no easy way to prevent it. Detection can potentially be done with Sigma + Sysmon. if you see `msdt.exe` being executed from Office binaries, that's a reliable IoC. still not sure if it respects proxy settings

CVE-2022-29226 Any POC that's a curl one liner... I'm not caffeinated enough... github.com/envoyproxy/env…

Went through a rough breakup tonight... I dug deep and finally gained the courage to tell my local Thai restaurant I'm moving overseas. 8 years of delicious Thai food is alot for any man to walk away from.... We had good times, but I've gotta be strong and do what's best for me

Can NFT's just fuck off already?

When a cybersecurity vendor asks for some time with me, I don't send them my Calendly. Instead, I send them an OpenTable link to make a reservation at my favorite steakhouse. Really narrows down who's serious.

[devastatingly gutted nz voice] nah all good

Like zoinks scoob, he’s a anti semite....

Shit my American Director of Security says: " I hear DoS in New Zealand means Denial of Sheep"

Which one of y'all idiots is still pissing around with #NFT's?

senior Incident responder talking to the interns