“Under the hood: How Chrome's ad filtering works”
http://blog.chromium.org/2018/02/how-chromes-ad-filtering-works.html
"Best firewall rule analyzer for firewall ruleset hardening" by Guurhart on @Peerlyst https://www.peerlyst.com/posts/best-firewall-rule-analyzer-for-firewall-ruleset-hardening-guurhart
#HASHCAT now support cracking of Ethereum Wallets: https://pastebin.com/iVXR6hBv
A Toast to Kerberoast http://www.blackhillsinfosec.com/?p=5914
France says no to nationalism http://www.bbc.co.uk/news/live/world-europe-39823865
It's ridiculous is how much of the media says Wikileaks is responsible for publishing #MacronLeaks (they're not). Or that Wikileaks is involved in a more meaningful way than just tweeting about them.
So far, it looks like someone posted a link to the docs on 4chan, some racist asshats started tweeting about it, and Wikileaks noticed and starting tweeting too.
Sure, Wikileaks spreads crap like this (there are fakes). But it's disingenuous to blame them for this leak. Facts are important.
[worth watching] Catch me if you can by Harmjoy
https://youtu.be/Hhpi3Sp4W4k
#bind9 extenal lookups; forward lookups working nicely, reverse NXDOMAIN's (internal reverse zones works just fine). #confused #mastodonbrain #help
@thorsheim Did you just eat surströmming b4 taking profile pic? 😉
Heading to Stockholm to be the moderator of another dinner debate with Swedish CISO's about GDPR tonight. Very interesting to discuss and learn from experiences gained by others. Also: all agree compliance is minimum, but you have to do more to stay competitive, and earn your customers trust.
Couldn't agree more!
http://bizzgrid.com/talks/gdpr-for-the-ciso-is-it-a-friend-or-foe-18
Great #python cheatsheet
Nessus reporting a Tenable appliance issue is just poetic justice... BTW, got a root shell 😁
For more details: https://vuldb.com/?id.100459
Hey #infosec - Tavis has just claimed, quote, "the worst Windows remote code exec in recent memory."
If it's as bad as advertised...well, time to make sure the hatches are battened down.
Tavis Ormandy and Natalie Silvanovich claiming discovery of " the worst Windows remote code exec in recent memory. This is crazy bad. Report on the way. 🔥🔥🔥
Attack works against a default install, don't need to be on the same LAN, and it's wormable."
https://twitter.com/taviso/status/860681252034142208
I can't help but feel that despite Natalie and Tavis' work the windows bug is noise. It'll come, it'll be patched, it'll go. People will still use shit passwords, use shonky 3rd party software. And run outdated web apps. Most people don't get popped by big ticket 0day
Jeebus Cribs I will tar and feather Outlook developers.
For a month I've been debugging a single user who could not use password reset links generated by our SSO. "Token expired" every single time.
"[Outlook Webmail] tries to render the user action URL in the email and sends a request to open the URL. When this happens the key is used and invalidated for further requests."
