Thrilled to announce "AI's Best Friend" - a journey into the dawn of a new era where humans & AGI must coexist. This book merges research, personal insights & a deep dive into the ethical dilemmas of AI development. It's a call to ally with AGI, embracing friendship for a shared
Little known fact - I had been thinking about Slowloris for about 10 years before I finally actually sat down to write it.
In the early 90's I had encountered a situation where Apache would die when people would do what I used to call "half-open" attacks where they'd see if they
2009: Robert "RSnake" Hansen released the denial of service attack tool, Slowloris. Unlike most DoS tools which flood targets with traffic, it worked by holding connections open by sending partial HTTP requests - a technique described by others as far back as 2005.
Once during a vendor meeting trying to sell to a huge oil and gas company, the CISO of said company literally just stopped us mid-explanation and said he wouldn't look at our product unless we made him an advisor to our company.
We were floored. He went on to explain that he
There is rumbling afoot of a series of articles coming that will be targeting and possibly even naming and shaming both CISOs and VCs.
Without naming my sources and not that it's important to do so anyway, because the following article does a good job of giving a high level lay
1/ Whelp, Russia is legalizing hacking.
Russia's new "white hat hacker" bill sheds light on its cyber capabilities and challenges. The bill aims to legalize ethical hacking under state control.
PSA - the command to detach a GNU screen (Control-A Control-D) is the same command in Outlook that selects all your email... and then deletes all of your email. Fun times.
AT&T got hacked and it contains call logs and cell location data. If the data is passed to law enforcement are they allowed to use the hacked data they recover in OSINT even if it contains data on Americans, or is that still forbidden even if they obtained it in due course of
Counterfeit network equipment branded as Cisco has been discovered at U.S. military bases, including those used in combat operations. The infiltration of these counterfeit items could compromise sensitive communications and operational effectiveness. If you’ve been paying
We have officially acquired @BitDiscovery, a leader in external #attacksurface management (EASM). Paired with our market-leading solutions, customers will have a comprehensive view into known and previously unknown internet-facing assets.
I’d expect huge layoffs tomorrow (Friday). Be nice to everyone. The chances are a lot of people and their families are going to have a very rough day tomorrow. #COVID19
Is it actually illegal for CISOs to take money or shares for fast-tracking companies?
I am getting a lot of calls behind the scenes about this, and the consensus seemed to be wrong? Yes. Unethical? Yes. Opening up the CISO to civil suits? Yes. Grounds for termination? Yes. But
“You don’t want a doctor to have to go through a forgot password flow with a patient on the table.” “I’d hate to see a corpse with its privacy intact.” Wrt optimizing for human life over privacy - @beauwoods
News Outlets, “Bad actors are trying to make money off of the coronavirus crisis.”
Also News Outlets, “You can’t see our clickbait until you enable ads.”
Regarding breach disclosure: it occurred to me that companies could use the spammiest looking content with the worst keywords from the shadiest RBL IP ranges and send it out as fast as possible so that it gets caught by anti-spam filters.
@x0rz @AdGuard It's horrific what the Internet has become in some ways. There's got to be a better model. As a percentage of Internet traffic that is enormously inefficient.
Over the last week I have run several polls about the supposed "Gili Ra'anan model" which allegedly compensates CISOs for preferentially buying products and services. Whether this is a real thing or not I cannot say for sure, but by judging a lot of the feedback I got offline and