Major win for encryption.
European Data Protection Supervisor Wojciech Wiewiórowski said the indiscriminate scanning of private communications proposed by the EU’s CSAM regulation “will always be illegal under the Charter of Fundamental Rights (and probably under several national constitutional laws as well),” https://www.euractiv.com/section/law-enforcement/news/eu-watchdog-online-child-abuse-draft-law-creates-illusion-of-legality/
lol, a way to bypass the Microsoft account requirement in Windows 11 - type username no@thankyou.com, any password, and it bumps you to local account creation.
BlackLotus shows again: Revocation lists don't work, and Code Signing is not going to save you.
Kudos to Coinbase for publishing this fantastic write-up on social engineering. Really would love to see more orgs normalizing their wins (because make no mistake about it, this IS a win).
https://www.coinbase.com/blog/social-engineering-a-coinbase-case-study
Our (free) AWS Canarytokens have always been popular.
Today, we released the Azure alternative on our canarytokens.org server¹
Attackers who find ‘em have to use ‘em (and reveal their presence).
Check out Pieter’s blog post at:
https://blog.thinkst.com/2023/02/canarytokens-org-welcomes-azure-login-certificate-token.html
__
¹ also free
attackerkb published their GoAnywhere analysis. No more reasons to hold back my blog post then, which I wrote days ago.
https://frycos.github.io/vulns4free/2023/02/06/goanywhere-forgotten.html