Hope is our lifeblood. Hope is the possibility of imagining a future that might not be Armageddon. Hope is that which preserves our dignity and poise under hardships and deprivation. It is the possibility of movement and progress which differentiates freedom versus prison.

Thank you so much for the privilege of giving this special talk, which was the culmination of over 33 years of research — and which would never have seen the light of day had y'all not kindly asked me to speak at your most excellent conference (to which I would eagerly return) 𓃦

This article covers a lot of our joint research (@treyka and mine) and is a very important awareness piece. We can continue to pretend there is no elephant in the room. It's there, it's big, and we need to start moving it because it will move very slow and... tempus fugit!

/me yawns and stretches like a cat in the dusty trickling motes of an October sunbeam...

In the kingdom of the blind, the one-eyed may be kings — but they lack all depth perception, and so they still keep tripping over the elephant in the room.

My many thanks to @campuscodi and @riskydotbiz to bring much needed attention to the Epochalypse Project! I just want to clarify it is a community project that could not exist without the tireless efforts of @treyka, talking about it, from a coffee table to security conferences,

Hey folks, I've been working on something. Y2038. Something that the more I learn, the more I get concerned. The sheer size of the task is absolutely daunting. We will need all hands on deck for this one. Please take a read, join in if it ressonates.

Turns out, Mallory was actually Jeff.

Warning: #PaloAlto has patched a critical authentication bypass vulnerability (CVE-2024-0012; CVSS: 9.3). This flaw is actively exploited, as reported by #CISA. Palo Alto recently addressed other vulnerabilities as well. Time to #Patch #Patch #Patch

Warning: Multiple High Vulnerabilities in #FortiClient #Fortinet #FortiOs #FortiAnanlyzer #FortiManager #CVE-2024-47574, 36513, 23666 #CVE-2023-50176 CVSS: 7.5 - 8.2 They can lead to Privilege escalation and Improper access control #patch #patch #patch

I'd call that Ultra-Unreliable 🍻

I wonder when we'll see our first CVSS 11.

Warning: Multiple vulnerabilities found in #RedHat OpenShift Container Platform 4.17. Critical severity with CVSS score up to 9.0. No exploits detected yet. Update to version 4.17.3 to stay secure. #Patch #Patch #Patch

Today, @CISAgov released our first International Strategic Plan, which guides how we will engage our international partners in 2025-2026 to strengthen security and resilience in the globally interconnected critical infrastructure we all depend on. 👉 https://t.co/FkaVF7Ykgi

Warning: #Cisco published multiple vulnerabilities concerning their products, including 3 Critical vulnerabilities and 1 actively #exploited in Cisco ASA, FTD and FMC. #Patch #Patch #Patch  https://t.co/X5NrdF84Wt

Warning: Critical Missing Authentication in #FortiManager can lead to Arbitrary Code Execution. #CVE-2024-47575 CVSS(3.1): 9.8. The vulnerability is actively #exploited. #Patch #Patch #Patch #FortiJump

WARNING : A critical remote code execution (RCE) vulnerability, CVE-2023-22527, in outdated versions of Atlassian Confluence servers is #actively exploited. See our updated advisory https://t.co/4Zrf2FWNMO. Please #Patch #Patch #Patch

RIP Sinead

Warning! There is a critical RCE vulnerability in #Juniper Networks Session Smart Router (#CVE-2024-2973). If successfully exploited, the attacker can bypass authentication and take full control of the device. It's time to take action and #patch #patch #patch

Electric cars are unimaginative greenwashing, we should be investing much more in rail and other transport modalities.

I miss Twitter.