General Bytes crypto ATMs exploited for over $1.6 million
March 18, 2023
https://web3isgoinggreat.com/?id=general-bytes-crypto-atms-exploited-for-over-1-6-million
We just dealt with a really nasty case of food poisoning here. The only member of the group to order the salad that night.
https://twitter.com/k8em0/status/1637889009023336453
@willasaywhat ok but now you need to tell us what the verdict is
Update. Turns out that John #Deere has been using open code under the #GPL w/o living up to the license. The Software Freedom Conservancy (@conservancy) is calling on it to comply — which would greatly enhance #farmers' #RightToRepair.
https://sfconservancy.org/blog/2023/mar/16/john-deere-gpl-violations/
"We…publicly call on John Deere to immediately resolve all of its outstanding GPL violations…by providing complete source code…that the GPL & other copyleft licenses require, to the farmers & others who are entitled to it."
CVE-2023-21036 / acropalypse is absolutely bonkers.
Apparently for 5+ years the cropping / editing tools for screenshots on Google Pixel phones were only overwriting the start of the screenshot PNG file, but not truncating.
All screenshots shared for the past 5+ years might have data recoverable from them. Demo available at https://acropalypse.app/
Google still hasn't communicated anything on this.
(h/t ItsSimonTime on Musk's site)
Understanding a Payload's Life (featuring Meterpreter & other guests)
by @DaniLJ94
<- this is great
https://attl4s.github.io/assets/pdf/Understanding_a_Payloads_Life.pdf
Aren't the MiG-29 and its engines etc. made in Russia? So how do the various allies supplying them to fight against Russia get spare parts and maintenance stuff? #lazyweb
@catsalad Also TPM roles
@dave every personal story on Reddit is fake but I'm pretty sure this one is also a joke.
@catsalad we have a bunch of openings for vehicle cyber security, security engineering, and IT security. Any of that sound interesting?
I argue we (#curl) should NOT pay docker. Not give in to extortion. This might mean that someone else soon suddenly will register our name and can serve whatever image they want there. 5 *billion* pulls indicate there's a user or two that might fall victim to this.
That's on docker, not us.
https://www.scriptjunkie.us/
#infosec #security
the rules: https://social.scriptjunkie.us/about/more#the-rules-of-social-media