[RSS] Pnut: A Self-Compiling C Transpiler Targeting Human-Readable POSIX Shell

https://hackaday.com/2024/07/25/pnut-a-self-compiling-c-transpiler-targeting-human-readable-posix-shell/

[RSS] Proof that find + mkdir are Turing-Complete

https://hackaday.com/2024/08/05/proof-that-find-mkdir-are-turing-complete/

[RSS] [Blog] Teaching the Old .NET Remoting New Exploitation Tricks

https://code-white.com/blog/teaching-the-old-net-remoting-new-exploitation-tricks/

[RSS] Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 3

https://www.thezdi.com/blog/2024/7/31/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-3

[RSS] Extending Burp Suite for fun and profit – The Montoya way – Part 6

https://security.humanativaspa.it/extending-burp-suite-for-fun-and-profit-the-montoya-way-part-6/

[RSS] Heap exploitation, glibc internals and nifty tricks.

http://blog.quarkslab.com/heap-exploitation-glibc-internals-and-nifty-tricks.html

[RSS] Decrypting VPN traffic via crashdumps

https://dustri.org/b/decrypting-vpn-traffic-via-crashdumps.html

[RSS] Introducing the MSRC Researcher Resource Center

https://msrc.microsoft.com/blog/2024/07/introducing-the-msrc-researcher-resource-center/

Why Google’s “Dear Sydney” Ad Makes Me Want to Scream - by Shelly Palmer

https://shellypalmer.com/2024/07/why-googles-dear-sydney-ad-makes-me-want-to-scream/

(The ad was revoked, but this is still a great piece about the fundamental problems it represented)

“Crowdstrike has made intentional architectural engineering and QA decisions that made this happen. They were negligent in their engineering decisions and their QA decisions.”

@alexstamos starts off strong on his latest @riskybiz episode.

Note to sec company CTOs/CISOs:

If u put in the work to engage with the community on topics that don’t directly affect what u are selling, it buys u some leeway when u have to discuss products that do..

Many would be flamed for taking this stance openly. He pulls it off.

https://pca.st/episode/17c7a25f-faee-479a-b653-53f62679cc02

Fifteen years ago today, a group of hackers and security pros got together and made a little thing happen, the first ever BSides @SecurityBSidesGlobal, @BSidesLV

Things took off from there.

The next BSides on the event calendar is BSides Las Vegas, and it will be event number 1002.

Afk brb!

⚠️ Confirmed: Network data show disruptions to multiple internet providers in #France amid reports of a fibre sabotage campaign targeting telecoms infrastructure during the Paris 2024 Olympics 📉

protip: when referring to your favourite programming language’s features, call them spells instead to sound more mysterious and cool.

“memory safety feature”

“memory safety spell”

📬

A really “inspirational” Google ad about a young girl who’s inspired by an Olympic athlete so her dad asks Google’s Gemini AI to write the athlete a letter from his daughter.

It’s actually an effective anti-AI ad which plays to the fear AI drains the creativity and honesty out of human communication. 🤦🏾‍♂️

https://youtu.be/NgtHJKn0Mck?si=tsRJaFDCA5t53foa

I found out quite a lot of stuff by now about the Ghidra stack depth mess up and still have no idea how to fix it... 😩

https://github.com/NationalSecurityAgency/ghidra/issues/6747

someone just shared this picture with me and I am so mad this is a thing that somebody thought was a good idea, or even not a terrible idea

My new blog - featuring: a technical overview of the CrowdStrike incident, why security products user kernel mode, and what this means for the future of Windows.

https://www.microsoft.com/en-us/security/blog/2024/07/27/windows-security-best-practices-for-integrating-and-managing-security-tools/

Shout outs to my non-Microsoft friends who gave me input and technical editing, appreciate you!

👏 more 👏 developers 👏 need 👏 👏 hear 👏 this

I can count on one hand the number of my clients over the past couple of years who haven't either over-architected for scale or were unnecessarily concerned about it.

You don't need to understand Distributional Little's Law to figure this out, it's obvious with primary school level math.

Excerpt from https://tailscale.com/blog/new-internet