Alternatives to @noscript for #chrome recommended by #google's store:
2 #adblockers and 2 trojans.🤨

https://chromewebstore.google.com/detail/doojmbjmlfjjnbmnoijecmcbfeoakpjm/related-recommendations

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Hot off the press!

• CVE-2024-30088 (7.0 high) Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
• CVE-2024-9680 (9.8 critical) Mozilla Firefox Use-After-Free Vulnerability
• CVE-2024-28987 (9.1 critical) SolarWinds Web Help Desk Hardcoded Credential Vulnerability

#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #vulnerability #cve #eitw #activeexploitation #zeroday #CVE_2024_30088 #CVE_2024_9680 #CVE_2024_28987 #solarwinds #mozilla #firefox #microsoft #windows #kernel

Microsoft: Microsoft Digital Defense Report 2024
Microsoft has a 114 page PDF report covering the evolving cyber threat landscape: threat actors and their motivations, nation state threats, ransomware, fraud, identity and social engineering, and DDoS attacks. There's also Microsoft-specific recommendations as part of Secure Future Initiative. Of course, no annual threat intel report would be complete without artificial intelligence ✨. From AI-enabled cyber attacks to influence operations, and god forbid using AI for cybersecurity. There's a section on how governments and industry are approaching and advancing global AI security. This report also includes perspectives from different countries.

#microsoft #securefutureinitiative #AI #cyberespionage #ransomware #digitaldefensereport #threatintel #cybersecurity #infosec #cyberthreatintelligence #CTI

Donald Knuth on the rewards of computer programming

Absolutely wild how many companies are adopting AI notetaking apps for meetings.

Y'all'er just chill sending your planning, product direction and revenue details to some random third party in exchange for them doing the low value task of halfassing note taking for you?

https://bird.makeup/@aubyrs/1845890452710375829

Claims of Chinese researchers breaking "military grade encryption" with a quantum computer are totally overblown. They attacked a trivial 22 bit key and used a quantum annealing architecture. Still not cryptographically relevant and not a quantum computer. Still not breaking RSA!

https://www.scmp.com/news/china/science/article/3282051/chinese-scientists-hack-military-grade-encryption-quantum-computer-paper

https://x.com/twistedhardware/status/1845968772215328896

Great news everyone! I saw code so terrible yesterday that I quit my job on the spot, for realsies. Enjoy what should be the last post about me gazing directly into corporate-hell:

https://ludic.mataroa.blog/blog/get-me-out-of-data-hell/

Future posts will be about the dystopian hellscape that I conjure into being at my own business.

I love this!

"One day, Linus accidentally attempted to use his hard drive to dial the university, resulting in his master boot sector starting with "ATDT" and the university modem-pool phone number. After recovering from this, he implemented file permissions in his kernel."
https://lwn.net/Articles/928581/

We just launched a new forum for the hash cracking community, hashpwn. Head over, sign up, and get crackin!
https://forum.hashpwn.net

watchTowr: Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024
Reference: CVE-2024-23113 (9.8 critical, disclosed 08 February 2024 by Fortinet, added to CISA KEV Catalog 09 October 2024) Fortinet Multiple Products Format String Vulnerability

I personally love the snark that watchTowr brings to the infosec community. If you didn't already grasp it from all the memes, you'll understand once you start reading this blog post. watchTowr covers locating the vulnerability CVE-2024-23113 and finding the root cause. I know the term rabbit hole is used often, but in this case, each vulnerable/patched version of their firmware provides different behavior to exploitation attempts and these are explained. No one's safe from watchTowr: they even include a dis for Check Point:

I mean, it's one up from Checkpoint's 'buy another Checkpoint device to put infront of your vulnerable Checkpoint device'

#CVE_2024_23113 #fortinet #vulnerability #eitw #vulnerabilityanalysis #cybersecurity #infosec #cve #activeexploitation #kev

Kagi's Snaps allows you to easily limit search results to a specific website by using the @ symbol followed by a short code for the site and then your search query🪄

More on how to use and contribute to Snaps: https://help.kagi.com/kagi/features/snaps.html

#Kagi #Search #AdFree

Huh.... Turns out electricity is a little bit spicier in Ireland. Lesson learned. Setup for #Pwn2Own Ireland continues...

There's something specifically and deeply evil about making kids watch ads for extra stuff in games.

The @internetarchive’s Wayback Machine resumed in a provisional, read-only manner.

Sorry, no Save Page Now yet.

Safe to resume but might need further maintenance, in which case it will be suspended again.

Please be gentle https://web.archive.org

More as it happens.