- The Grugq's Newsletter
March 23, 2023
Open source libraries should stop forcing their way into the code base of billion $ companies. just stop!
— Aristotle Tzafalias (@Aristot73)
6:57 AM • Mar 23, 2023
-
Some genuinely staggering foreign interference stories coming out of Canada right now
— Stephen Dziedzic (@stephendziedzic)
10:44 PM • Mar 22, 2023
-
I did a little digging to see why Windows Snip and Sketch leaves part of the old image in a file when you crop a screenshot, potentially disclosing sensitive information (Acropalypse). It looks like the new Windows Save File API is defective by design. Why do I say this?🧵 1/9
— Steven Murdoch (@sjmurdoch)
7:29 PM • Mar 22, 2023
-
I just did some digging into that “USB Bomb” story.
So here is a quick thread on what it looked like, the damage it did, and the pretext.
🧵1/n
— MG (@_MG_)
5:45 PM • Mar 22, 2023
So this looks to be one of the unexploded drives. Which indicates a modified brand name thumb drive.
Note reads:
THE INFORMATION IS GOING TO UNMASK THE CORREISMO.
THINK IT'S USEFUL, WE CAN REACH AN AGREEMENT AND I'LL SEND YOU THE SECOND PART.
🧵2/n
— MG (@_MG_)
5:45 PM • Mar 22, 2023
-
PARCH YO’ SILIC… actually, never mind - Researchers Spot Silicon-Level Hardware Trojans in Chips, Release Their Algorithm for All to Try - Hackster.io
— cje (@caseyjohnellis)
5:17 AM • Mar 23, 2023
-
[Casio headquarters, 1975]
CEO: We need to make our calculators more versatile. Give me your ideas.
First executive: Maybe they could also be phones?
Second executive, a smoker who often oversleeps: I have a better idea.
— John Lyon (@JohnLyonTweets)
11:19 PM • Mar 22, 2023
-
Pro tip: Stop thinking of serendipitous texts as “spam”, use them as opportunities to network.
— @@[email protected] (@ProfJeffJarviss)
1:15 AM • Mar 23, 2023
-
Gigachad Ken Thompson. reddit.com/r/programmerhu…
— Programmer Humor (@PR0GRAMMERHUM0R)
1:00 AM • Mar 23, 2023
-
Success! @testanull of @starlabs_sg was able to execute a 2-bug chain on Microsoft SharePoint. They earn $100,000 and 10 Master of Pwn points. #Pwn2Own #P2OVancouver
— Zero Day Initiative (@thezdi)
7:04 PM • Mar 22, 2023
-
Malware samples found while investigating targeted attacks often create hidden services to avoid detection on a live system. In our new blog post, we detail two new @volatility 3 plugins that automatically detect these hidden services within memory samples.
#DFIR #infosec
— Andrew Case (@attrc)
6:23 PM • Mar 22, 2023
-
A look at 55 0days from 2022