Your XKCD passwords are cracked, excellent demonstration by unix_ninja. For a better way, a double clickable PowerShell generator and the math on the attack cost, see
Lambos are clearly valued by cybercriminals. Congress should ban them, or at least restrict them to vetted industry in-groups.
Iran appears to be launching new domain-wide wiping attacks.
PyXie, full featured Python RAT obfuscated with opcode-swapped embedded Python interpreter. The teardown instructions are a great plus; I love articles that post how to extract the info, not just the final result.
Larry Page out as Alphabet CEO. Sundar Pichai now CEO of both Alphabet and Google.
ICYMI RAP bypass for root -> kernel exploits on grsec. I did find the angry grsec/PaX replies entertaining too. Remember when grsec had to pay out a quarter mil because he couldn't handle critique?
Uninstall Teams. If you have to use it, use the web version from your browser
Evading WinDefender ATP credential-theft: a hit after a hit-and-miss start.
tl;dr PssCaptureSnapshot syscall clones the process then you don't need to do ReadProcessMemory against the original process and avoid LSASS read detection.
The first hacker con I ever went to had a talk by an anonymous hacker in a full ninja costume with face mask conducted entirely with speech to text, Q&A included.
Aww, the Facebook outage was the thing I was most thankful for on Thanksgiving
I just started getting random keybase follower emails; I'm guessing bots because this kenakval account is using a picture scraped from here and I would think that's not what that guy would want to draw attention to.
Fortinet products, including FortiGate and Forticlient leaked
full HTTP URLs of users web surfing activity and more to passive internet observers, over effectively plaintext (static XOR) to Fortinet servers. Unfixed since May 2018 till now!
Well this will be an interesting situation to watch going on right now.