Greetings, Myth Lovers! In celebration of #BeerLoversDay Monday's theme is beer an other inebriating beverages! Do you know a myth that features beer or a similar drink? Is the beer helpful or a hindrance? Tell us the myth and use the hashtag #MythologyMonday for boosts.

#mythology @mythology @folklore @TarkabarkaHolgy @juergen_hubert @curiousordinary @wihtlore @FairytalesFood @bevanthomas @FinnFolklorist @Godyssey @GaymerGeek @starrytimepod @ljwrites

Sometimes when people don't want an idea interrogated they arrange words around it like a moat. Construct intricate vocabularies that make it so you can only approach it from certain directions, never from the directions where it is weak to attack. Insist you use their vocabulary, debate on their terms. Sometimes I like to just walk directly into the moat. See, it's only ankle deep. This makes people upset. You're ignorant of the theory! No, I'm standing in the middle of it. It's just water dude

Team #Hashcat is pleased to present our much anticipated write-up for this year's #CrackMeIfYouCan contest at #Defcon32

📕 Read it here:
https://raw.githubusercontent.com/hashcat/team-hashcat/8a72d338660cc6d8f4f8014bd8e3236f8c59cd6e/CMIYC2024/CMIYC2024TeamHashcatWriteup.pdf

#password #passwordcracking #redteam #ctf #defcon #hacking #infosec #cybersecurity

ublock origin is great and so don't take this the wrong way but I've never understood why it doesn't have a they-live mode where instead of removing the ads altogether they get rendered as greyscale messages like "OBEY" / "CONSUME" / "DO NOT QUESTION AUTHORITY"

Crypto is holding Texas' independent electricity grid hostage for ransom, while the conservatives who run the state realize they've been duped by the big businesses they sidle up to.
https://www.economist.com/united-states/2024/08/27/why-texas-republicans-are-souring-on-crypto

Someone sent me a note the other day that a funeral service for their late friend was being used to start a new Meta group that claimed to offer live streaming of the service.

But of course, those who clicked the link were sent to fake video streaming websites that try to collect payment information before supposedly letting you watch the service.

A little digging showed that not only are there hundreds of these fake funeral streaming groups, but all of them are tied back to some brainiacs in Bangladesh who naturally exposed their identities and operation by trojaning their own PCs.

What's crazy is how the fake funeral streaming groups on Meta are just one tiny microcosm of the scams these dudes in Bangladesh are doing.

Also, now I feel like showering after spending a few hours back on Meta. Eww.

It's been a while since HyperDbg's first release, and we realized our initial assumptions for the command parser won’t fully meet new demands. After redesigning and extensive testing, HyperDbg v0.10.1 now comes with a brand-new parser! 💫😼

Check it out:
https://github.com/HyperDbg/HyperDbg/releases/tag/v0.10.1

Can anyone help me understand why the Linux kernel sets the SS register segment on x86-64/amd64? The architecture doesn't seem to require it, but it does anyway. I have seen some issues with DOSEMU, signals, and even the sysret not working properly regarding SS, but I didn't see a clear explanation.

"Google, Amazon, and Microsoft control seventy-five percent of the cloud computing market. Meta and Google own half of the fiber optic cables supplying internet services across continents."

…

"So what did GAMM do? They convinced us that our notetaking apps require an internet connection and forty thousand dollar GPUs located on a server three hundred miles away."

https://www.fromjason.xyz/p/notebook/any-technology-indistinguishable-from-magic-is-hiding-something/

I created a threat actor profile for the Chinese state-sponsored APT41: https://infosec.press/screaminggoat/apt41 aka Earth Baku, RedGolf, Wicked Panda/Spider, Winnti Group, BARIUM, Brass Typhoon, Double Dragon, Bronze Atlas, Axiom, BlackFly, GreyFly...

THIS IS WHY WE NEED ONE SINGLE COMMON NAME. Winnti/APT41 activity spans so far back (2010) that some of the links are dead or the reporting companies got bought out. Remember FireEye? Their reports were rebranded as Mandiant after 2021, who got bought by Google Cloud in 2022.

Just FYI, Intrusion Truth is an unknown blog who's scarily accurate. They might be a Western hack and leak intelligence operation. EDIT2: Also the possibility of a disgruntled insider, or even a competitor like i-SOON.

I hope you find this useful. Let me know what other information you'd want to see in a threat actor profile. I'm nowhere close to being done collecting references. It's 3:53am so I'll work on it some more later.

EDIT: 5:30pm and I am tentatively done. A few links are dead and I used web.archive.org to display the archived copy. This is the most comprehensive list that I know of, pooling information from malpedia, MITRE, EDTA, Wikipedia and elsewhere. It even contains a list of exploited CVEs, some of which will be reported to CISA to add to the KEV Catalog.

#china #threatintel #cyberespionage #apt41 #winnti #IOC #chengdu404 #brasstyphoon #infosec #cybersecurity #mss

Frida 16.5.0 adds native breakpoint and watchpoint APIs. There was some attempts to implement those in DWARF and #r2frida already, but having them in the stock SDK makes them way more comfortable to use and stable https://frida.re/news/2024/09/06/frida-16-5-0-released/ #frida

NSA's No Such Podcast: How We Found Bin Laden: The Basics of Foreign Signals Intelligence
Current and former senior NSA officials, who were involved in the search for Osama bin Laden after the September 11, 2001 terrorist attacks, describe NSA's role in the foreign signals intelligence to help find him. You can read the transcript as a 15 page PDF

#nsa #september11 #sigint #intelligence #osamabinladen

Zig's Memcpy, CopyForwards and CopyBackwards

https://www.openmymind.net/Zigs-memcpy-copyForwards-and-copyBackwards/

Discussions: https://discu.eu/q/https://www.openmymind.net/Zigs-memcpy-copyForwards-and-copyBackwards/

#programming #ziglang

Hmm, "apps" in #Outlook what could go wrong?!