If you're not aware, #ADSBx was the only open, free and uncensored ADSB aggregator. The owner/operator took a payout. People who have been feeding the service for years with a #RTLSDR receiver got nothing.

https://www.jetnet.com/news/jetnet-acquires-ads-b-exchange.html

**John Carroll** @n0x00@bladerunner.social · Jan 26, 2023, 02:27

**John Carroll** @n0x00@bladerunner.social · Jan 26, 2023, 02:27

Jan 26, 2023, 02:27

John Carroll @n0x00@bladerunner.social

I’m revisiting the Sopranos and every time I see Anthony Junior (AJ) I wonder if @hdm was a child actor for a while back then

**John Carroll** @n0x00@bladerunner.social · Jan 24, 2023, 18:41

**John Carroll** @n0x00@bladerunner.social · Jan 24, 2023, 18:41

Jan 24, 2023, 18:41

John Carroll @n0x00@bladerunner.social

Yikes https://www.theglobeandmail.com/world/article-south-africa-to-side-with-russia-on-push-for-redesigned-global-order/ 😞

**John Carroll** @n0x00@bladerunner.social · Jan 24, 2023, 00:14

**John Carroll** @n0x00@bladerunner.social · Jan 24, 2023, 00:14

Jan 24, 2023, 00:14

John Carroll @n0x00@bladerunner.social

Thoughts ? https://thecontractor.io/blog/malinheritance/ #fraud #cyber

**John Carroll** @n0x00@bladerunner.social · Jan 23, 2023, 15:20

**John Carroll** @n0x00@bladerunner.social · Jan 23, 2023, 15:20

Jan 23, 2023, 15:20

John Carroll @n0x00@bladerunner.social

If you’re a fan of #lolbas type things here’s 5 more from Microsoft, using this method you remove the write barrier that might have stood in your way for some programs that reside in program files system32 etc (old research revisited) https://thecontractor.io/blog/exploading/ the post covers some notable points I’d witnessed and there’s a little screencast at the bottom full of inacurate terminology if you want to hear my excellent bingo-calling voice

**John Carroll** · Jan 22, 2023, 12:41

John Carroll boosted

**Sam Stepanyan 🐘** @securestep9@infosec.exchange · Jan 22, 2023, 12:41

Jan 22, 2023, 12:41

Sam Stepanyan 🐘 @securestep9@infosec.exchange

#MSTeams #RCE vulnerability found by @adm1nkyj1@twitter.com & @jinmo123@twitter.com. The deeplink handler for /l/task/:appId in Teams can load an arbitrary URL in webview/#iframe. Attackers can abuse this combined with Teams RPC to get code execution outside the sandbox:

https://blog.pksecurity.io/2023/01/16/2022-microsoft-teams-rce.html

102aeabcf9360835.jpg

**John Carroll** · Jan 20, 2023, 01:18

John Carroll boosted

**Filippo Valsorda** @filippo@abyssdomain.expert · Jan 20, 2023, 01:18

Jan 20, 2023, 01:18

Filippo Valsorda @filippo@abyssdomain.expert

Every company with a functioning security@ email address gets a cookie.

If it bounces me to HackerOne or something else with strict Terms of Service and mandatory accounts and email spam, I have a policy of defaulting to full disclosure.

**John Carroll** · Jan 18, 2023, 19:24

John Carroll boosted

**Steven Hoefer** @troublewithwords@wandering.shop · Jan 18, 2023, 19:24

Jan 18, 2023, 19:24

Steven Hoefer @troublewithwords@wandering.shop

Neither Microsoft, nor Amazon, nor Google, nor Meta are hurting for money. They are not belt tightening so they can survive the coming crunch.

They're doing just fine and could have easily found productive things for all those people to do.

They're laying off tens of thousands of people to make shareholders happy.

**John Carroll** · Jan 17, 2023, 18:13

John Carroll boosted

**joernchen :cute_dumpster_fire:** @joern@threatactor.club · Jan 17, 2023, 18:13

Jan 17, 2023, 18:13

joernchen :cute_dumpster_fire: @joern@threatactor.club

Patch you Gits!

End of last year I had the big pleasure to work with @marver and @mumblegrepper in a code review of Git.

Here's what we got for you:

https://www.openwall.com/lists/oss-security/2023/01/17/4

https://x41-dsec.de/security/research/job/news/2023/01/17/git-security-audit-ostif/

**John Carroll** · Jan 01, 2023, 00:03

John Carroll boosted

**Stark raving Everbern** @Everbern@fosstodon.org · Jan 01, 2023, 00:03

Jan 01, 2023, 00:03

Stark raving Everbern @Everbern@fosstodon.org

There are no rules

3a24c695f55cce55.jpg

**John Carroll** · Jan 15, 2023, 15:52

John Carroll boosted

**Sinistar7510** @Sinistar7510@vmst.io · Jan 15, 2023, 15:52

Jan 15, 2023, 15:52

Sinistar7510 @Sinistar7510@vmst.io

Every person I've ever met with an anti-immigration stance...

358ec697827910e1.png

**John Carroll** @n0x00@bladerunner.social · Jan 08, 2023, 21:45

**John Carroll** @n0x00@bladerunner.social · Jan 08, 2023, 21:45

Jan 08, 2023, 21:45

John Carroll @n0x00@bladerunner.social

https://tvpworld.com/65532072/digital-piracy-against-unfriendly-countries-legalised-in-belarus-report

**John Carroll** · Jan 05, 2023, 11:54

John Carroll boosted

**kotik's pic storage** @kotik@mastodon.ml · Jan 05, 2023, 11:54

Jan 05, 2023, 11:54

kotik's pic storage @kotik@mastodon.ml

9d23e103f7a6c56c.png

**John Carroll** · Jan 04, 2023, 14:31

John Carroll boosted

**Sonar Research** @SonarResearch@infosec.exchange · Jan 04, 2023, 14:31

Jan 04, 2023, 14:31

Sonar Research @SonarResearch@infosec.exchange

Unauthenticated Remote Code Execution in Cacti 🌵🐛

This vulnerability was literally introduced by a single character:

https://www.sonarsource.com/blog/cacti-unauthenticated-remote-code-execution/?utm_source=twitter&utm_medium=social&utm_campaign=wordpress&utm_content=security&utm_term=mofu

#appsec #security #vulnerability

**John Carroll** · Jan 04, 2023, 01:58

John Carroll boosted

**Frantz Fanon** @smoke@mastodon.online · Jan 04, 2023, 01:58

Jan 04, 2023, 01:58

Frantz Fanon @smoke@mastodon.online

Contrary to the popular opinion that algorithms are purely objective these models are opinions embedded in mathematics. ~ Cathy O'Neil's Weapons of Math Destruction