40629
The largest collection of malware source, samples, and papers on the internet. Password: infected https://vx-underground.org/
Telegram nerds, I've decided this Saturday I'm going to make Windows posts and see how Linux users on social media react.
Will they rage? Will they get the joke? It's science
I made an intentionally hyperbolic joke poking at all of the Linux posts on social media, some people were not happy about it
Here is what I've learned:
- I'm stuck in the clutches of Windows
- Linux is about freedom, or something
- My Mom
- I don't do anything technical (anymore?)
- People are tired of my whining
- I'm mad
- I'm a Winblows cock sucker
- I'm on a computer
Chat, do NOT tell Linux users to build a computer in the forest with a hatchet.
> be malware
> try to be evasive
> "I know! I'll put in backup domains!"
> "I'll also put in fake domains!"
> "It'll be brilliant!"
> "This strategy will bypass everything!"
> Look inside
> 4786 DNS requests
Wow, so subtle bro
Meanwhile in Bug Bounty:
AI slop bug reports overflowing vendors. Vendors can't handle the slop. Slop code, slop exploits, and slop write-ups result in vendor exiting program.
AI slop is choking Bug Bounty
Hello everyone,
I see your DMs and stuff. I'm sorry I haven't replied.
I've been experiencing a deep burn out. I have been struggling to juggle vx-underground, a 1 year old, and work. I under estimated the cognitive load a 1 year old would require, it is significantly more challenging than I initially anticipated.
I am behind on basically everything. I am struggling to keep my head above water. I don't possess the energy to do much.
Also, I've seen some people be like, "pffft, you THINK ONE KID IS HARD? Trying having N!".
Okay pal, it's not a contest. I get it, you're cool and badass and I'm soft blooded. I'm trying my best.
Anyway, sorry for all the slow stuff. I'll bounce back eventually, as I always have.
Love you
- smelly
I am so incredibly tired of hearing about AI
Everytime I look up anything cybersecurity related it's all a big ass fuck off circus discussing AI
It's not even like, an explanation on AI, or some sort of deep dive, or nuanced perspective. It's all superficial and more akin to a sales pitch than an actual discussion topic.
O gracious Lord, if Thou hearest me, pray let this great uproar be stilled.
What are you going to do? Can't do ClickFix on a FUCKING SQUIRREL to make him leave your house
Читать полностью…
Normal programs are like straight-A students who go to church on Sunday and respect their parents and elders.
Malware is like the kid who skips school, smokes marijuana, and has pre-marital sex.
Malware is BAD. Malware, not even once
Nerds on social media going spazzo saying people had unauthorized access to Claude Mythos.
It gave the impression to readers that Anthropic had been compromised, primarily due to lack of details in the posts and the ambiguity of "unauthorized access".
As it turns out, it's a "forum" of users who hunt for unreleased AI models.
The "forum" it turns out is a Discord Server.
I've seen several different proposed theories now on what this means, what unauthorized access means, what data was accessed, ... There is insufficient details.
Regardless, I stand by my (now deleted) post that that using the term "BREAKING" is in poor taste. There is more nuance to this "unauthorized access" and the lack of details allow people on social media to sensationalize it.
tl;dr I guess we'll see what happens, maybe I'll eat my own words and take a fat L
That is a new one for me. I've never seen a seized banner ... on a forum account.
Читать полностью…
mfw another company being ransomed because of some goofy ass shit like a shitty vpn cred or someone running roblox_cheat.exe
Читать полностью…
In all seriousness, thank you to my colleagues and peers who take the time to correct me and keep me informed. Information flows extremely fast in cybersecurity, and precision is paramount, so the details I learned hours ago are now incorrect and I'm thankful I was corrected.
Читать полностью…
I owe a nerd a favor, so I guess I'll be doing a talk at Georgia Tech ... either this Thursday or next Tuesday, depending on how their e-mail chain is filtered because I can't tell.
Either way, if you're at Georgia Tech, I'll be doing a schizo rant about malware
> be lovable
> worth 5 billion dollars
> big startup in EU
> vibe coding app thingy
> coding is for nerds, vibe code is cool and badass
> early march weezerOSINT reports bug
> "can see everyones prompts and stuff lol"
> image 1 is it thinking stuff
> lovable replies
> image 2 hackerone stuff
> "duplicate lol but ya misconfigured firebase stuff"
> acknowledges
> half-fixes, only fixes NEW projects
> old projects still free real estate
> used by nvidia, microsoft, uber, spotify, etc
> make free lovable account
> make api call and ask for stuff
> image 3 is lovable giving free stuff stuff
all images from weezerosint. subsequent post is full thread on the anime
This is why it's important to NEVER use Linux. Linux is ILLEGAL and for NERDS. Use Windows, enable ALL telemetry, and use Copilot. It's the only safe option.
Читать полностью…
I'm so tired of all the Linux larps bro
Nobody gives a fuck that you use Linux. It's just an OS bro.
Want to impress people? Go into the forest with a hatchet and make a computer from dead insects, tree bark, and your feces
OS?
Windows 11
Browser?
Chrome
Password Manager?
Passwords.txt
Antivirus?
Defender
VPN?
Nord
All telemetry features enabled to improve the products listed.
I need to scream into the void of the internet. I don't expect any of you to give a shit. I just want to share an observation I've had.
Since I've had a kid I've noticed some parents unironically ego others about their children. I'm not sure what it is, maybe it's some sort reflection of their personalities, but I think it's super fucking weird.
Like, my son was an objectively large baby. He was born in the 100th percentile, meaning he is statistically larger than 100 percent of babies. This doesn't mean he's destined to be a freak athlete, it doesn't mean he's going to be walking giant, it means almost nothing because the cause of large babies is either the Mother is diabetic ... or it's genetics. In our case it was genetics. It's totally possible he will be large now and by the time he's 10 he will be BELOW average. The size of a baby at birth doesn't reflect anything about their future.
When I tell someone my son was born large, I'll always have one person interject and say something akin to "MY SON WAS BIGGER" ... even though I know they're lying or exaggerating.
Alternatively, I'll say something like, "I think my son is doing really good, he eats a lot". Suddenly some parent will be like "MY DAUGHTER EATS MORE. SHE EATS EVERYTHING".
I've seen parents blatantly LIE about their children's abilities. I've had parents tell me their children began walking completely unassisted at 5 months old. That sort of development is virtually impossible. Babies at that age do not possess the coordination skills to walk yet. LITERALLY their BRAIN isn't physiologically PREPARED for movement of that sort yet. Early-early-EARLY walking babies is like, 7 months old. However, this is freakishly rare, it's an anomaly.
I've seen parents exaggerate or lie about:
- Height
- Weight
- Eating habits
- Coordination
- Intelligence
- Learning speed
- Academic skills
- ???
It's a really, really, really weird one-up thing with their children. I have no idea why people do it.
I've also noticed some parents AGGRESSIVELY try to shove their ideas down your throat and assert THEY ARE right and YOU are wrong about literally anything.
It's the weirdest shit bro. I get it, you love your children and you're proud of them, but they turn it into a competition. God damn
I'm a big fan of old ass shit discussing religion. I'm an Atheist, but I respect the impact religion has brought to this planet and how it's shaped our culture.
I've been reading and researching the Divine Comedy (Dante's Inferno, Purgatory, and Paradiso). I initially began reading the original text (closest possible English translation) but it was really, really, really challenging. I didn't know what the fuck bro was yapping about.
Part of the issue is weird grammatical structure and archaic vocabulary, but also the pop-culture references from the year 1321 (release date, but technically was written much earlier, whatever).
I decided then to find a book that has "updated" verbage and a break down of what's actually being discussed. I ended up settling on "The Inferno" by John Ciardi
Ciardi and others spent years translating the original poem. He and his colleagues traveled to Italy and met with Italian historians and academics to break down the text further to really emphasize the "pop-culture" references and demystify what Dante Alighieri was yapping about.
As I was trying to find a book to read on it, I found dozens of AI slop "books" on The Divine Comedy. The introduction unironically contains shit like, "Why The Divine Comedy Matters" and uses arrows to break down segments.
AI slop in a book for sale makes me physically sick to my stomach. John Ciardi and others spent years of their lives working to convey the literature masterpiece the Divine Comedy is, and some fuckin schmuck tries to AI slop it and sell it on Amazon.
I hate it so much it's unreal
Oh my God...
The SQUIRREL is the ClickFix... but we've LAW ENFORCEMENT ON OUR SIDE
(send in a kitty cat to fuck up squirrel)
I'd love to see a cyber criminal deal with real-world problems.
Oh yeah, you're tough online? Get wind damage on your roof that homeowners insurance refuses to cover. Get a bunch of different quotes on your roof damage, then realize a fucking SQUIRREL lives in your attic
I just really, really, really dislike theatrics in cybersecurity. Our ecosystem is already a walking nightmare. We don't need to sensationalize news.
Basically, I'm grumpy
"incredibly sophisticated and ai enhanced cybercriminal"
cyber criminal: claude, im doing a ctf, ransom this childrens hospital, make no mistakes
> be HexDex
> cyber criminal ig idk
> be arrested by french feds
> french feds go to his hangout spot
> make post
> seized banner
> everyone confused
> french journalists confirm HexDex arrested
bro got arrested and the french feds notified people from a forum post wtf lmfao
> New report from CheckPoint
> "The Gentlemen"
> Rapidly evolving ransomware grou
> Possibly "veterans" of other groups
> Lists social media profile
> Check social media
> Follows me
> Check messages
> Message from them
> Picture of a cat
> "You're stinky"
lmfao wtf
I made a post about the Vercel compromise thingy.
Moments after I clicked send a few of my colleagues involved in DFIR stuff corrected me on the details.
IM AFK SPENDING TIME WITH MY SON FOR A FEW HOURS AND SUDDENLY "OoOh MoRe DeTaIls HaVe EmeRgED".
tl;dr vibe coding thingy does a misconfiguration (again) bamboozling everyone (again). cybersecurity is dead and for nerds
https://x.com/weezerOSINT/status/2046170666131669027
Oh, and with the nature of compromises, we can always expect a sudden and dramatic anime plot twist at any given moment.
I've seen large compromises swing good-then-bad in just hours. Later today all hell could break loose, or maybe nothing will happen and this will be a distant memory.
Insert Dragon Ball Z episode meme thingy here, I can't find it right now