So I have a presentation tonight, and thought I would promote BornHack a bit @bornhack
It is a very nice, cozy, HYGGE camp in Denmark July 17-24. You should consider it if you need a break from the outside world.
I looked at these pictures I took of my camp, and associated KEA tent from last year. It sums up the camp for me, sleeping tent, working tent, serious tent and when the night falls, music and lights
ATM Attack Successful! A 99% Success Rate Scares All European Banks
A new type of #ATM #malware is actively spreading in the #digital space. Its success rate, according to its authors, reaches 99%.
This malicious #software, called “EU ATM Malware”, is able to #hack almost all #ATMs in #Europe and about 60% of ATMs worldwide, which represents a significant #threat to global banking security.
Just spent a week grinding through THM, got some certs out of it... are these any good? I don't know, but I have learned a bunch of interesting things.
Haven't had a job since December, and I'm nearing on 7 months here. I'll take anything that's remote.
I learn fast, I'm diligent, and I don't take shortcuts.
I grok computers good.
Super weird to me that Dropbox has told Dropbox Sign customers to "delete your existing entry and then reset it" if they use app-based MFA. I have never seen "delete your MFA and create new tokens" in post-compromise account hygiene advice before.
I suspect two things:
1.) Dropbox was storing plain text MFA seeds right next to their password hashes
2.) We're going to hear a lot more about this soon.
My book 'PROPAGANDA: from disinformation and influence to operations and information warfare' treats the subject adequately, comprehensively, broadly, expertly. Information surrounds us. How does information influence work? An expert arrangement of the subject. https://blog.lukaszolejnik.com/propaganda-my-book-on-information-security/
@LukaszOlejnik i'm sorry, but when the author says about their own content:
> treats the subject adequately, comprehensively, broadly, expertly.
i have a weird feeling, i mean if this is a quote from an independent expert in the field, that is awesome, but without attribution? really awkward....
@stf Well, I know how I wrote the book - the thing is that I used references through the book, so it is based on sources. And obviously the sentence is "in my view/opinion", since I said that. Would it sound better to you if I spoke negatively about my work? :-)
Security folks, I need some help. My wife is looking for a job after taking a few years off to take care of the kids and she's having a hard time finding legit security opportunities. And the legit ones she does find don't like the gap in her resume.
If you have or know of any legit remote openings for someone with experience in identity and access management, can you please share?
She has her CISSP and while most of her experience is in IAM she's willing to branch out and learn a new specialty. She also happens to be both the faster learner and the smarter one of the two of us!
Adobe Magento: a dangerous RCE threat for e-commerce sites
Cybersecurity specialists have warned that #hackers are already exploiting a new #vulnerability in #Magento (CVE-2024-20720) and using it to deploy a persistent #backdoor on e-commerce sites.
Heads up, developers! Hackers are targeting crypto wallets with sneaky PyPI packages. Thousands of downloads already affected. Check your dependencies!