Threat actors seem to enjoy targeting InfoSec professionals (or each other? honestly idk), but aren't always good at it. More obvious lures and obvious malwa...| Chris Partridge
Tired of seeing bullshit alerts about dependencies in your containers, which have some crazy new vulnerability, but aren't part of your application and don't really need to be there? Me too! Stop wasting time and start getting actionable security feedback by going distroless and eliminate all those unused dependencies. This example will show you how and why, using a sample Python application.| tweedge's blog
Are there Darwin awards for skids burning their C2 infrastructure?| tweedge's blog
ViperSoftX is a multi-stage cryptocurrency stealer which is spread within torrents and filesharing sites, responsible for stealing hundreds of thousands of dollar-equivalent funds, mostly from individual users. Nearly three years after it was originally discovered, this malware campaign has more surprises in store, and I'm digging into its dropper/C2 ops. The first article of a series.| tweedge's blog
HARICA - the only non-DigiCert certificate authority offering .onion certificates (for Tor hidden services) - has recently switched over to signing new certificates with their 2021 CAs. Here are some cliff notes on how to use HARICA's cross-certificates in your trust chain if that becomes a problem for you or your website viewers.| tweedge's blog
It's pretty sad that I'm paying money for a phone number to post online, specifically to get it pulled into the tools used by the multi-hundred-billion-dollar talent and marketing industries, just to have some peace and quiet during the day. In case you want to do the same, here's what I do and what (little) it took.| tweedge's blog
Once upon a time, I stumbled on to some dead links, and through preserved materials I easily recreated a now-defunct unitasking site about IPv6 ULAs. So why did the license on my personal blog change?| tweedge's blog
It's now been over six months since I reported an incident to US-CERT, and was still a trivially exploitable SQLi on the Washington State Department of Transportation website. I made a partial public disclosure while this was still exposing sensitive contractor PII from 1986-2021 including last 4 of SSNs, as well as nearly 73k users from 1999-2021. Around one week after, this issue has been resolved, and I have updated this article to contain complete information. Thank you to everyone that h...| tweedge's blog
Intel themselves don't publish any information on identifying Engineering Sample (ES) processors outside of checking the markings on the lid of the CPU. I had an ES CPU once upon a time, and here's what I saw when compared to another similar CPU - it's no definitive guide but it might be useful to some who are concerned about a secondhand CPU they've received.| tweedge's blog
About two days ago, hundreds of thousands of leeches were reported on Ubuntu's torrent tracker - downloading gigabits of data, but never reporting that they'd completed any chunks. My precious Linux ISOs (yes, really) were under attack. But whose botnet is this, why are they all downloading Ubuntu, and just how big is the botnet they're controlling? Let's dig in.| tweedge's blog
What happens when you work for a household name? What happens when that household name has a reputation for only hiring and developing top tech talent? What happens when many recruiters and recruiting firms make a habit of poaching only "the best?" Turns out, your career growth goes exponential - and while that might be good for me now, it wasn't good for me before, and isn't good for the tech field overall.| tweedge's blog
Cybersecurity is massive, and answers about "should I get certifications" or "should I get a degree" are not as one-size-fits-all as they may initially seem. So, I wrote up a ton of details and context about my first role, how I got into that role, and general advice I have for people looking into Product Security or cybersecurity as a whole.| tweedge's blog
Mastodon is a great replacement for Twitter, but who knew it was also a replacement for LOIC too? I'm joking - but an observed traffic amplification factor o...| Chris Partridge
