I'm having too much fun with these slides for #Cackalackycon 
thomrstrom@triangletoot.party
Posts
-
I'm having too much fun with these slides for #Cackalackycon :)
Edtech giant Instructure was hacked (twice) — and finally put up a security incident page after the mass-defacement of Canvas school login pages.
@zackwhittaker My favorite part is that several school districts migrated from PowerSchool to Canvas because the former* was hacked.
-
Setting up age verification for my BBS
@foone That reminds me of the age checks in Leisure Suit Larry.
Age Verification Quiz for Leisure Suit Larry in the Land of the Lounge Lizards, for the original, VGA and Reloaded version.
Leisure Suit Larry | Info, Walkthrough and Material from the Classic Graphic Adventure Game (www.classicgaming.cc)
-
Cow-orker @mle shared this ~2-week-old DigiCert incident report today (i blame my Q1 $WORK chaos for me missing it): https://bugzilla.mozilla.org/show_bug.cgi?id=2033170… (1/5)
@hrbrmstr Oof, fully agreed.
Of all places, I would have expected to see ubiquitous use of physical security keys at global CAs in 2026. It's not fool-proof, but holy shit is it better than letting a compromised machine satisfy MFA.
Knowing how much effort went into securing our CA at Google, this is just straight-up embarrassing.
-
cleave v1.2.0 is now available! cleave is the successor to malcontent - decomposing a program into a set of MBC/ATT&CK-aligned features useful for security engineers and ML pipelines alike.
The screenshot is how cleave sees an ELF #malware sample that was dropped just yesterday. Using both AST and automated reverse engineering [rizin], cleave executes 50,000+ rules across 75 file formats.