When things are broken in non-obvious ways, we must become curious in order to fix them.

I have nothing important to post today. Just this cuteness.

Thrilled to release my latest research on Apache HTTP Server, revealing several architectural issues! https://t.co/YzYcwxOGBn Highlights include: ⚡ Escaping from DocumentRoot to System Root ⚡ Bypassing built-in ACL/Auth with just a '?' ⚡ Turning XSS into RCE with legacy code

📣 ANNOUNCEMENT: We're excited to announce our Keynote and Main Stage Speaker Lineup for #BHUSA. Don't miss it! #cybersecurity #infosec Learn more here: https://t.co/IJIQFD0rcy

Microsoft: "We care about backwards compatibility so much that we will leave insecure stuff in the OS sometimes." Also Microsoft: "We changed Powershell for some unknown reason and some of your old scripts won't work anymore. haha guess you have to rewrite it."

The CFP for Blackhat USA 2024 is now open. If you have been wanting to speak at Blackhat, this is your chance. https://t.co/O6wpUMEsZE

#defcon escapes another brush with cancellation! After 25 years w/Caesars, they cancelled our contract for #defcon32. A lot of conferences might have buckled, but not DEF CON. Hackers make a way out of no way. Uncanceled DEF CON 32 will now be held at the Las Vegas Convention

And just like that… Next year, @shmoocon 25 will be the last ShmooCon #shmoocon

Honored to be one of the judges for Black Hat’s Startup Spotlight Competition, a video pitch competition for security startups. Finalists will present their products in front of a live audience at Black Hat USA. You can still apply! Submit by June 9: https://t.co/p6oAF9Dw8M

The Black Hat team is devastated to learn of the passing of Kelly Lum (@aloria). Kelly was a respected & valued member of our Review Board, a Track Leader, and speaker at our events. This is a terrible loss, and we send our sincere condolences to her family and friends.

Kelly's family wishes to prevent rumors on circumstances of her passing from being spread. Kelly did not take her own life, but passed due to progressed critical illness, in a hospitalized setting surrounded by her family.

NYSEC is tomorrow, Tuesday, March 21st @ 6PM. Please join us in remembrance of our dear friend, colleague, and mentor @aloria, whom without our community and world surfers greatly. d.b.a. 41 1st Ave. New York, NY 10003 Map: https://t.co/ICdYCKmI7f

It is with profound sadness that we mourn the loss of our friend and mentor, @aloria. Kelly had an indomitable spirit, and our world is a bit darker without her.

Updates to https://t.co/u6s6p8eNTr * The four severe Internet-to-baseband RCE vulns now have CVE-IDs * Pixel just updated their March 2023 bulletin to show fixes for all four of the severe issues for Pixel 6 and 7 * I'm told that the Pixel 6 March OTA update is rolling out now.

This is a nice article about a local security meetup that I sometimes attend. https://t.co/Jq6o73Dlgc

Found a method to see inside some chips, without having to unmount or destroy the chips. Best part - the method only relies on lightly modded off-the-shelf cameras and lenses. Read more at https://t.co/OeEgYZhvV4

The Blackhat USA CFP is now open https://t.co/Xa8Fnhp8VI If you've ever wanted to speak at Blackhat about your research, this is your chance.

52 hours without power and no end in sight. This will be day three of work I'm missing.

In addition to not having power at home, the cell service isn't working in my area. I'm not sure why, since it seems to work a mile away (where I am now). If anyone needs me, you will have to wait until the power outage is over.

Hooray 🎉