“CrowdStrike Earnings: Cybersecurity Firm Posts Higher Revenue Amid Swing to Loss - WSJ”

https://www.wsj.com/business/earnings/crowdstrike-raises-outlook-post-higher-revenue-amid-swing-to-loss-dde5cf9f

So, I've long argued that all of software dev's dysfunctions can be traced to the fact that business outcomes do not depend on software quality, design, or reliability. As long as this dynamic continues the software we use will only get worse

@joepie91 - You're still assuming you can know about the scraping in the first place
- Money doesn't stink

@joepie91 Do you really think people who want to e.g. earn money with this give a flying fart if they are excluded from a community (which they weren't part of in the first place)?

@joepie91 Based on arguments I had over here people definitely believe that technical measures at the publishing platform (such as limiting search) can affect this. Also, what is the point of being outraged about the single person who is open about his scraping while I guarantee you a dozen other orgs do the same rn just don't talk about it?

Here we go again explaining supposedly technologically literate people that what they *publish* on the Internet can and will be scraped... Bluesky's explanation ("we can't enforce this") is on point btw.

RE: https://infosec.exchange/@josephcox/113551853623942786

@tmr232 Are the slides available somewhere?

New PE Vulnerability in Windows OS! https://ssd-disclosure.com/ssd-advisory-ksthunk-sys-integer-overflow-pe/

Earlier post, but in recent talks I'm encountering more and more organizations that are losing their last technical people. You can outsource a lot, but most places have a core thing that they should really own. And once your own technical department is no longer viable, you are hosed. The longer story: https://berthub.eu/articles/posts/your-tech-my-tech/

thesis: numbers stations are a form of microblogging

Why do BloodHound CE passwords expire?! 🤦

New post: Vulnerability Disclosure: Command Injection in Kemp LoadMaster Load Balancer (CVE-2024-7591) https://insinuator.net/2024/11/vulnerability-disclosure-command-injection-in-kemp-loadmaster-load-balancer-cve-2024-7591/

@penguin86 @vampiress it's ok, the floppy is write protected.

This effect lasted about 24h, now I get the same braindead content again :P

So much for "personalized experience"...

RE: https://infosec.place/objects/0fe974a7-6345-4ccc-a9a4-5dce0da786a9

What, it's already this time of the year again?! Yes, 'tis the season of reviewing and selecting our top picks from around 3.000 #demoscene productions - and we would love to have you on the team as a juror! Sign up now:
https://2025.meteoriks.org/taking_part/juror/

[RSS] Hacking Barcodes for Fun & Profit...

https://blog.mantrainfosec.com/blog/16/hacking-barcodes-for-fun-profit

Old friend hacking Hungarian bottle recycling machines :) #DRS

Remote Code Execution with Spring Properties
https://srcincite.io/blog/2024/11/25/remote-code-execution-with-spring-properties.html

#frombsky

CFP window ends this friday! We have ~50 submissions so far -- competitive but not so busy that a high quality talk can't rise to the top, make sure to get your submission in soon.

https://sessionize.com/re-verse

Microsoft: "we had one #PatchTuesday yes, but what about second Patch Tuesday?"

• CVE-2024-49053 (7.6 high) Microsoft Dynamics 365 Sales Spoofing Vulnerability
• CVE-2024-49035 (8.7 high) Partner.Microsoft.Com Elevation of Privilege Vulnerability (EXPLOITATION DETECTED FLAG)
• CVE-2024-49038 (9.3 critical) Microsoft Copilot Studio Elevation Of Privilege Vulnerability
• CVE-2024-49052 (8.2 high) Microsoft Azure PolicyWatch Elevation of Privilege Vulnerability

Only CVE-2024-49053 has any substantial information in their FAQ section. CVE-2024-49035 is "not exploited" but "exploitation detected" 🤔 (analyst comment: likely a gaffe). The rest are Not Exploited, Not Publicly Disclosed, and Exploitation Less Likely.

#microsoft #vulnerability #CVE #infosec #cybersecurity #copilot #dynamics365 #azure

Gotta love IoT stuff