fun, useless fact about me: I can plug my nostrils with my upper lip.
fun, useless fact about you: You'll try to do this after reading it, and realize you can't
fun, useless fact about me: I can plug my nostrils with my upper lip.
fun, useless fact about you: You'll try to do this after reading it, and realize you can't
got an insta-pot for christmas. Trying out pot roast in this thing today. after reaching temperature, it claims it'll be done in about 35 minutes. Don't know if I believe that, but I guess I'll see.
chalk this up to monkey see monkey do, or gross incompetence, but I never realized that it was recommended that one sears their chuck roast prior to yeeting it into the pot.
My mom would just throw it in raw, and some hours later, it was still fall apart soft.
Has Ivanti been compromised due to this vulnerability?
No. Ivanti does use our own tools and technology. Ivanti has no indication that it has been compromised. Ivanti uses enterprise-grade technology and security partners to detect, prevent, and respond to increasingly sophisticated threat actors.
C I S C O S Y S T E M S
directory traversal be like
GoAnywhere MFT #CVE_2024_0204 is... path traversal.
[bullshitpath]/..;/wizard/InitialAccountSetup.xhtml re-runs the initial setup wizard, and lets attackers create their own admin account.
https://www.horizon3.ai/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-dive/
"we can't feed our patented bullshit machine without copywritten data."
thinking about setting the DNS suffix for my IoT wi-fi network to robotlegion.fuckfest
@GossiTheDog btw, thanks for the attackerkb update today. I'm writing up some detection for this.
@feld I have a full size oven with a convection fan, and a toaster oven with a convection fan. Neither of them do what this thing did. But you do you.
I bought myself an air fryer for christmas from costco. I had some folks try to tell me is not different from an oven or a toaster oven with the convect setting, but I'll be damned if these aren't the best fries I ever made without frying them.
touch of cooking spray, freshly cracked salt, and a touch of garlic powder.
pondering pre-made cables over just buying a bulk roll of cat6
look at rj-45 connectors
cat6 straight through
you can just strip the end of the cable, line it up, push the wire all the way through the connector, crimp and cut the excess wire pair cabling at the same time now.
this wasn't a thing when I was going through cisco academy in high school.
youtube warns that it might make your user experience worse if they detect adblockers
How are you detecting it? user-agents? javascript? fucking client-side javascript? That the adblocker can block. Fucking lmao.
You have a few years in which you're led to believe that javascript solves everything, and you forget that the clients have it too and are really good at telling it to fuck off.
I had mandatory training once that was time-gated. as in, they demanded you sit there for 45 minutes. I'm a complete fucking amateur and was able to find the client-side javascript timer doing the countdown and tamper it.
read the chat transcripts got the correct answers, was done in 10 minutes. spent another 10 working out the timer and beating the gate. I don't know what the moral of the story is here, but I just want to keep pointing at, and laughing at google.
pwease disble adbwocker or we make site swower
ublock origin > new filter> www.youtube.com##+js(nano-stb, resolve(1), 5000, 0.001)// 5 seconds is now 1 millisecond
turns out the powerpoint I had spent some modicum of effort over the last three business days putting together to present for work, that the event has been cancelled. Good news is, it was a half an hour time slot, and in reality, it was like 40 minutes of content.
I can file that away for future use.
It was going to be summary talk on zenRAT. Most of the content was focused on the blog, but it was my first time encountering a modular RAT platform with a custom C2.
Part 2 was a double header that was basically a giant fuck you to infostealers.
Senior Security Researcher, Proofpoint Emerging Threats.I've been doing this cybersecurity thing for the better part of a decade now. Probably longer than that. I'm starting to forget. Time is relative, but it surely isn't kind to my memory.I'd like to think I do cybersecurity well, but blue teamers collectively get told they're doing it wrong constantly. So maybe I just failed forward throughout my career.Oh, I wrote a book. Its a good framework for setting up a virtual machine lab. See my bookmarked toots if you're curious.Work-Related hashtags:#Iocs #ThreatIntel #DFIR #Malware #NSM #suricata #snort #BEC #phishing #APT #ThreatDetectionHobbies:#VideoGames #XCOM2 #Minecraft #Synthetik #Fallout #Skyrim #Anime #Manga #Adventure #Fantasy #Isekai #HomeImprovement #WoodWorking #MetalWorking #HomeLab
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.