Show more

Germany wins, 2-1, against . Ladies haven't lost 3 in a row since early 90s. Here's to reversing the trend on Sunday!

Rapinoe ties it up for (63rd international goal).

Durn. Germany up by one on . US goalie Murphy had a great save, but the ball wasn't cleared well enough.

@SaltyVeruca If you don't drink spirits often, maybe go with a cocktail. A whiskey sour or a Manhattan is nice and either are pretty easy to make. You could cut it with some seltzer or a light soda, if you like. Drinking with a cola would be a waste, imho. I generally have Bourbon with some ice or neat, depending on the whiskey and my mood.

: Day 3a : Watched BHIS Webcast: Securing AWS: Discover Cloud Vulnerabilities via Pentesting Techniques w/ Beau Bullock. Adding checking out CloudGoat and getting familiar with weirdAAL to the list.

: Day 2a : Attended monthly security meetup. Help a peer tackle a wifi ctf. Don’t know much about wifi, but we muddled through.

I've had this going on for about five days now. Now, I pass it to you: youtu.be/rGKfrgqWcv0 Enjoy!

: day 1a: Missed yesterday. An internal org sent a link to a Wordle-type site as part of an awareness campaign for their services. At the end of the URL is some jumbled characters. Wonder if it's the word in encoded or encrypted format... Site let's one create a link to a word of their choosing. Trivial to go to the site and work out a key. They used the Vigenere Cipher. I win. (I'm also wkrup.)

: Day4 : A good chunk of time in Release Arena. Banged on Flight, a hard Windows box. I've gotten user with some nudges from a Discord group I worked with. Still working on root. Been a while since taking a crack at a Windows box.

@asmitty Bummer that you feel that way. I'm empathetic, there is a lot of fundamentally awful rhetoric being tolerated and amplified. Your analysis sounds like an appropriate application of the 'Precautionary Principle'.

@Kipp I'm anchoring on _Web Application Hackers Handbook_, so if web apps are your jam, take a gander at the Practical Web Application Security and Testing class at academy.tcm-sec.com. It's very accessible and comes with a Discord invite that's been a good place to dwell. I'm also a fan of _Hacking APIs_ by Corey Bell, I liked the labs he walks the reader through.

ath0 boosted

Microsoft Warns on Zero-Day Spike as Nation-State Groups Shift Tactics

One of the most troubling manifestations of the trend is the increasing use among nation-state actors of zero-day vulnerability exploits in their attack chain. Microsoft's research showed that just between January and June of this year, patches were released for 41 zero-day vulnerabilities between July 2021 and June 2022.

darkreading.com/attacks-breach

@ghostrodeo Yeah. Also a test for any UEBA/ML type tooling. I fully expect EDR to catch out-of-the-box with signatures, but it's gotta be tested. I'm in process of finding a counterpart on the SOC team to work with to make the exercise 'purple': "Okay, here's the basic config. Didja see it? Okay, let's try w/some obfuscation...", etc.

: Day3 : More time working on PWST, sections 4-8 through 4-13. Videos were short, so don't too excited. There a 'more practice' video left in section 4, so plan is to spend some time on that tomorrow.

@ghostrodeo This is tool is on my list for the same purpose, as well. So. Many. Toys. I was planning on doing a compare and contrast with a couple of other frameworks, as well. I'm a bit n00bish, so I may be biting off more than I can chew.

I've been keeping my Twitter account to protect my handle. And lurking. Also to keep lurking until the main folks I like to follow have moved. It keeps changing my setting from 'Latest Tweets' to 'Top Tweets'. What shit-housery.

Show more

ath0

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.