Discover and read the best of Twitter Threads about #Vulnerability
Most recents (24)
😉You would love to grab these for yourselves won't you... 🕶️but hold on they are currently in the hands of inquisitive #hardwarehackers at to make these hardware devices be ready for future threats
⌚️Teardown has begun at #HardPwn🛩️
#hw_ioUSA2023
⌚️Teardown has begun at #HardPwn🛩️
#hw_ioUSA2023
⌚️Eyeing for that one little critical #vulnerability at #HardPwn
#hw_ioUSA2023 #hardwarehacking #bugbounty
#hw_ioUSA2023 #hardwarehacking #bugbounty
NEW PAPER is out in @DisasterPrevenM! @KsChmutina and I have been cooking up this theory of #vulnerability for #disasterstudies over the past few years and you may have heard us talk about bits and pieces on @DisastersDecon. A 🧵 of some key points.
emerald.com/insight/conten…
emerald.com/insight/conten…
We challenge the limited and overwhelmingly negative connotation associated with vulnerability in relation to disasters, and people dealing with risk. It's a product of our own reflective process, as we search for liberatory potential in a concept we have used uncritically.
In disaster studies, vulnerability is often used to portray certain groups as fundamentally weak and in need of protection. However, this can reinforce inequalities and paternalistic norms.
Very proud of this team effort "A regional integrated assessment of the impacts of #climatechange and of the potential #adaptation avenues for #Quebec’s #forests" is now published
A (very long) thread. Buckle up!
cdnsciencepub.com/doi/pdf/10.113…
@cflscf @NRCan
1/n
A (very long) thread. Buckle up!
cdnsciencepub.com/doi/pdf/10.113…
@cflscf @NRCan
1/n
First, I would like to acknowledge the work of all my colleagues including Jesus, Annie Claude, Yves, @mariehbrice, @DominicCyr, Louis, Daniel, @GauthierSylvie9 , Pierre, @Guillemette_L , Mathieu, Maryse, Tadeusz, Martin-Hugues, @ethiffault , @Tremblay_Jun and Stephen
2/n
2/n
Quebec’s #forests goes from northern hardwood with sugar #maple, beech, hemlock in the south, to pure boreal black #spruce forests up north. Natural #disturbances, go from single-tree windthrow or mortality in the south, to large stand-replacing #fires in the north.
3/n
3/n
#vulnerability #COVID19 #GBD
"#Pandemie-Gesundheitsschutz hatte Vorteile UND Nachteile.
Es gab Kompromisse, genau wie bei jeder Gesundheitspolitik. Regierungen auf der ganzen Welt nutzten eine Vielzahl von Strategien, bevor #Impfstoffe entwickelt wurden." yourlocalepidemiologist.substack.com/p/house-select…
"#Pandemie-Gesundheitsschutz hatte Vorteile UND Nachteile.
Es gab Kompromisse, genau wie bei jeder Gesundheitspolitik. Regierungen auf der ganzen Welt nutzten eine Vielzahl von Strategien, bevor #Impfstoffe entwickelt wurden." yourlocalepidemiologist.substack.com/p/house-select…
"Wir müssen die Lehren aus der #Pandemie ziehen, um beim nächsten Mal besser und klüger zu sein. Aber Diskussionen müssen ausgewogen und fundiert sein.
Z. B. muss das Erkennen der Kompromisse das Erkennen der
Schrecken einer unkontrollierten Übertragung beinhalten. "
Z. B. muss das Erkennen der Kompromisse das Erkennen der
Schrecken einer unkontrollierten Übertragung beinhalten. "
"Epidemiologische, ethische und logistische Details dürfen nicht ausgelassen werden."
1/5 As many of you here watch family, friends, associates and colleagues living their best lives out there, as #COVID19 surges, please know that many ARE NOT okay.
"Psychoanalyst Judith Alpert theorizes that our culture is terrified of death, illness, and vulnerability."
"Psychoanalyst Judith Alpert theorizes that our culture is terrified of death, illness, and vulnerability."
2/5 "Thus, “[t]hose who have contact with the #chronically #ill . . . do not want to be #reminded of #vulnerability and #ultimate #demise. In turn, the demand placed on the chronically ill is to #control, #hide, and #overcome the #chronic #illness.” (Alpert, 2012)."
3/5 Many of those who appear to be living their best lives are faking wellness to fit in.
psychologytoday.com/us/blog/chroni…
psychologytoday.com/us/blog/chroni…
In an Invited Editorial in @JAMAOnc today, my colleagues & I call for health systems to develop “Comprehensive #Pandemic Support Programs” for their most vulnerable patients.
These are our Top 10 Tips!
THREAD 🧵
jamanetwork.com/journals/jamao…
These are our Top 10 Tips!
THREAD 🧵
jamanetwork.com/journals/jamao…
Tip #1: Health systems should explain to all patients that #COVIDisAirborne and is best avoided through multi-layered mitigation.
Tip #2: Health systems should prioritize getting the most vulnerable patients vaccinated & boosted.
Offer #vaccines on-site w/the SAFEST options.
Vulnerable patients want highly-ventilated or outdoor options & high-quality (e.g., N95) masks for safety. Make it happen.
Offer #vaccines on-site w/the SAFEST options.
Vulnerable patients want highly-ventilated or outdoor options & high-quality (e.g., N95) masks for safety. Make it happen.
Here’s some useful #vulnerability #research and #secure #code #review resources
High-level approach to code reviews:
web.archive.org/web/2021120904…
alexplaskett.github.io/demystifying-s…
frycos.github.io/vulns4free/202…
google.github.io/eng-practices/…
methodsandtools.com/archive/archiv…
fluentcpp.com/2021/11/30/how…
1/3
High-level approach to code reviews:
web.archive.org/web/2021120904…
alexplaskett.github.io/demystifying-s…
frycos.github.io/vulns4free/202…
google.github.io/eng-practices/…
methodsandtools.com/archive/archiv…
fluentcpp.com/2021/11/30/how…
1/3
Vulnerabilities in code:
ost2.fyi/Vulns1001
github.com/struct/mms
surrendercontrol.com/search/label/T…
wiki.sei.cmu.edu/confluence/plu…
c-faq.com
2/3
ost2.fyi/Vulns1001
github.com/struct/mms
surrendercontrol.com/search/label/T…
wiki.sei.cmu.edu/confluence/plu…
c-faq.com
2/3
And for good measure, let me throw in some taxonomy and vulnerability severity guidelines as well:
cwe.mitre.org/index.html
vulncat.fortify.com/en
rules.sonarsource.com
chromium.googlesource.com/chromium/src/+…
3/3
cwe.mitre.org/index.html
vulncat.fortify.com/en
rules.sonarsource.com
chromium.googlesource.com/chromium/src/+…
3/3
Check out iamambroseggball's video! #TikTok vm.tiktok.com/ZMFU6X63U/
@CATSwits @DGreenwoodLaw @VerisonaAbuse @KennedysLaw @lambeth_council @LibPeck @ShirleyOaksSA @NexusChambers #MichaelMansfieldQC #ImranKhanQC @LyntonBRB @MWillisStewart @willispalmer @Ofstednews
@CATSwits @DGreenwoodLaw @VerisonaAbuse @KennedysLaw @lambeth_council @LibPeck @ShirleyOaksSA @NexusChambers #MichaelMansfieldQC #ImranKhanQC @LyntonBRB @MWillisStewart @willispalmer @Ofstednews
@NSPCC @PeterWanless @childrensociety @churchofengland @JustinWelby @theresa_may @AmberRuddUK @KeithVaz144 @Channel4News @simonisrael @jonsnowC4 need to @FaceTheNation and the @GlobalGoalsUN the @GIWLkings @WomanFoundation need to question @HWistrich aka @centreWJ @Ofstednews
And the @Article365 @publiclawprojct as to how so much @InjusticeFacts committed by @Conservatives and @UKLabour all IGNORED by @LibDems as @MentalHealthGov do or say absolutely nothing about my life long #vulnerability and #MentalHealthMatters
1/
Grady Clinic, last week
Me: “That wasn’t my intention. I’m sorry I—”
You: *holding up hand* “Nah I’m good. I don’t want your apology.”
Ooph.
I parted my lips to say more but you spoke again before I could.
You: “Please just leave. Now.”
And you meant it.
Grady Clinic, last week
Me: “That wasn’t my intention. I’m sorry I—”
You: *holding up hand* “Nah I’m good. I don’t want your apology.”
Ooph.
I parted my lips to say more but you spoke again before I could.
You: “Please just leave. Now.”
And you meant it.
2/
The student working with me shifted nervously. I felt thankful for the melanin that masked red heat rushing to my face.
You: “Don’t worry. I ain’t gon’ take this out on you.”
You looked at her & then back to me.
You: “It’s OK. I’ll still see her. Now please leave.”
Whew.
The student working with me shifted nervously. I felt thankful for the melanin that masked red heat rushing to my face.
You: “Don’t worry. I ain’t gon’ take this out on you.”
You looked at her & then back to me.
You: “It’s OK. I’ll still see her. Now please leave.”
Whew.
3/
You added something about how I made it harder for my student but since it wasn’t her fault you wouldn’t hold my shortcomings against her learning.
I apologized once more but you were done talking to me. And hearing me talk period.
I gave the student a nod and slipped out.
You added something about how I made it harder for my student but since it wasn’t her fault you wouldn’t hold my shortcomings against her learning.
I apologized once more but you were done talking to me. And hearing me talk period.
I gave the student a nod and slipped out.
Another new idea for #PenetrationTesting and #Bug-hunting:
Tester:
Enhance the force of #vulnerabilities by doing things like
I discovered a free #URL that leads somewhere else.
Put this in my report and move on ?
Tester:
Enhance the force of #vulnerabilities by doing things like
I discovered a free #URL that leads somewhere else.
Put this in my report and move on ?
To the contrary, changing the #payload allowed me to transform it into a reflected #XSS #vulnerability. Is this the final question?
Obviously not if I have any hope of carrying on.
Obviously not if I have any hope of carrying on.
A recent post by Vietnamese cybersecurity company GTSC detailed findings from a #MicrosoftExchange breach that stemmed from CVE-2022-41040 and CVE-2022-41082. @Volexity ties this to a CN threat actor it tracks that targets organizations using #OWA and #Zimbra.
#volexintel 1/7
#volexintel 1/7
Specifically the post highlights IP 206.188.196.77, which hosted the domain rkn-redirect[.]net. @Volexity previously identified this domain as a phishing domain targeting #OWA users. Note some subdomains offer clues about the likely targeting.
2/7
2/7
.@Volexity has linked the rkn-redirect[.]net domain to several others through domain registration patterns & banner data patterns.
3/7
3/7
I have had the privilege of reading
the thread authored by @tweetsfromstar but I
differ on following reasonings & add some observations on
the maintainability of my standpoint.
#Integration is a subjective matter. Every society & religion has their own integration standards.
the thread authored by @tweetsfromstar but I
differ on following reasonings & add some observations on
the maintainability of my standpoint.
#Integration is a subjective matter. Every society & religion has their own integration standards.
You can't integrate a #Woman wearing a #bikini 👙 in #Afghanistan🇦🇫 or #Pakistan🇵🇰?
Attaching sufferance to #Hijab while pressing #burka or #niqab as an oppression is a sanctimony towards hijab on your part.
Attaching sufferance to #Hijab while pressing #burka or #niqab as an oppression is a sanctimony towards hijab on your part.
It's the same to assert that #Kalashnikov can be integrated but the #G3 cannot be integrated despite the fact that both are destructive and pose threat.
Neither #Hijab nor #burka is a choice, both are enforced through coercion, fear or at least to say childhood indoctrination.
Neither #Hijab nor #burka is a choice, both are enforced through coercion, fear or at least to say childhood indoctrination.
Since your malicious cyberattack timelines matched cybersecurity’s research to strengthen security for years and now, you hack alone but with a cooperative goal to damage national security. Which Advanced Persistent Threats group/s #APTs are you in, #Animez_UK?
Converting traditional crime to cyber-enabled crime and becomes a malicious attacker against the UK, for
1- financial income,
2- #sexual desire and #harassment with #pornography sent to #women,
3- attacks for #politics against the UKGOV.
#Animez_UK
1- financial income,
2- #sexual desire and #harassment with #pornography sent to #women,
3- attacks for #politics against the UKGOV.
#Animez_UK
1st stage- early life:
-Experienced #exclusion/#discrimination.
-Didn’t learn to communicate with #women.
-favours #authoritarianism.
-enjoys #control targeted women & whom against his will.
- Expresses hidden #hatred & #violence on through cyberattacks.
#Animez_UK
-Experienced #exclusion/#discrimination.
-Didn’t learn to communicate with #women.
-favours #authoritarianism.
-enjoys #control targeted women & whom against his will.
- Expresses hidden #hatred & #violence on through cyberattacks.
#Animez_UK
Having fun with cyberstalking #UKGOV, attacking organisations, universities & individuals connected to the justice system, UK #military against #NCSC, treating #intelligence & #GCHQ as jokes to your 15- 20 yrs malicious #hacking for #China & #Russia inside #Britain, @Animez_UK?01
Converting #traditional crime to cyber-enabled crime and becomes a malicious #cyberattacker against the UK, for
1- #financial income,
2- #sexual desire and #harassment with #pornography sent to #women,
3- attacks for #politics against the #UKGOV.
@Animez_UK @NCSC
02
1- #financial income,
2- #sexual desire and #harassment with #pornography sent to #women,
3- attacks for #politics against the #UKGOV.
@Animez_UK @NCSC
02
1st stage- early life:
-Experienced #exclusion/#discrimination.
-Didn’t learned to communicate with #women.
-favours #authoritarianism.
-enjoys to #control targeted women & whom against his will.
- Expresses hidden #hatred & #violence on through cyberattacks.
@Animez_UK @NCSC
-Experienced #exclusion/#discrimination.
-Didn’t learned to communicate with #women.
-favours #authoritarianism.
-enjoys to #control targeted women & whom against his will.
- Expresses hidden #hatred & #violence on through cyberattacks.
@Animez_UK @NCSC
"Today, when the left’s political timidity and #authoritarianism has stripped it of all credibility as a democratic political force, it is more significant that the right also finds it very difficult to resist the lure of #vulnerability claims."
braveneweurope.com/peter-ramsay-v…
braveneweurope.com/peter-ramsay-v…
"The old imperial myth of Britain standing up to foreign tyrants is once again being wheeled out in respect of Ukraine, but the context has changed. The critical point ... is that the fear-mongering style of politics developed during the Cold War...is all conservatives have left"
"All the old commitments, once proclaimed by conservatives, to traditional virtues, such as faith, family, sacrifice, duty, deference to hierarchy, have decayed in practice into a fear-driven politics in which liberals, socialists and foreigners are constructed as threats ..."
Infra/App monitoring Tools-thread 👇🏻
What is monitoring?
The purpose of IT monitoring is to determine how well your IT infrastructure and the underlying components perform in real time. The resolution gets quicker &smarter
#Linux #Monitoing #Security #infosec #ITJobs #Tools
What is monitoring?
The purpose of IT monitoring is to determine how well your IT infrastructure and the underlying components perform in real time. The resolution gets quicker &smarter
#Linux #Monitoing #Security #infosec #ITJobs #Tools
Type of monitoring:
1. Availability monitoring: this is designed to provide users with information about uptime and the performance of whatever is being monitored.
2. Application performance management (APM): Using APM solutions, businesses can monitor
1. Availability monitoring: this is designed to provide users with information about uptime and the performance of whatever is being monitored.
2. Application performance management (APM): Using APM solutions, businesses can monitor
whether their IT environment meets performance standards, identify bugs and potential issues, and provide flawless user experiences via close monitoring of IT resources.
3. Security monitoring: Security monitoring is designed to observe a network for breaches or
3. Security monitoring: Security monitoring is designed to observe a network for breaches or
9. Hello again, @akgungor_c continues from where he has left :) So, I tend to think of #disasters as systemic “radiographs”. I’m not sure when I first came up with this analogy but I usually associate this idea with my own experience as a search & rescue volunteer.
10. After all, looking around in a disaster-stricken zone, few people don't come to reflect on their own #vulnerability first, then, gradually, about the vulnerability of human societies to massive #disruptions.
11. The greater the impact, the thinner seems the protective bubble provided by our physical and social systems.
Hi #infosec folks, I did promise a #TCC #vulnerability for #macOS blogpost. So, here we are, introducing "Powerdir":
microsoft.com/security/blog/…
microsoft.com/security/blog/…
I wanted to add a meme to the blogpost but apparently you simply can't do that...
Apparently @_r3ggi found very similar issues in parallel to my findings, it's interesting to see the different approaches to TCC bypass bughunting.
We have had a busy 2021 and we look forward to 2022 which is brightened further with the spirit of Indovation and ideation. Cheers to each of you and your families.
2/n 2021 was a challenging year personally for many with #Covid 2nd wave but it presented professional opportunities for #startup ecosystem too. @SucSEED_IN built its maiden #AngelFund #IndovationFund, amongst overwhelming response & kept growing its strength as #AngelNetwork too
3/n At #IndovationFund, we believe that early-stage discovery is best handled with the help of Experienced folks. We have great #SectoralCommittee structure helping us to discover, screen, curate, invest and mentor these startups, in 6 sectors of our #Fundfocus #SucSEEDfamily
🧵 Sharing snippets and my reflections from the [[Book/Storyworthy]] by [[Author/Matthew Dicks]].
🎬 Start Date: [[December 24th, 2021]]
🏁 Finish Date: [[December 26th, 2021]]
📚 Genre: #NonFiction #Storytelling #PersonalHacks #Writing
🎬 Start Date: [[December 24th, 2021]]
🏁 Finish Date: [[December 26th, 2021]]
📚 Genre: #NonFiction #Storytelling #PersonalHacks #Writing
1/#Storytelling helps you realise that the biggest, scariest, most painful or regretful things in your head get small and surmountable when you share them with others.
2/#Storytelling is a favour to yourself because you are taking a moment to write your name in the wet cement of life before you head to whatever is next.
This week we will be talking all about #vulnerability. A critical concept in disaster studies but one that has generally been used in a limited way!
I think a good place to start this conversation is with the Pressure and Release (PAR) model, from a book most of you probably know, 'At Risk.' This model charts 'the progression of vulnerability' and underpins the vulnerability paradigm that many disaster scholars draw upon.
The paradigm has been effective in framing disasters as socially constructed, and locating the creation of risk in political and economic processes that are unjust, privileging some and oppressing others.
#PegasusProject #OrderAnalysis❗️ Long Thread Alert 🧵
BIG NEWS: The Supreme Court of India has constituted a technical committee to investigate the allegations of #Pegasus use against Indian citizens. 1/14
internetfreedom.in/sc-appoints-a-…
BIG NEWS: The Supreme Court of India has constituted a technical committee to investigate the allegations of #Pegasus use against Indian citizens. 1/14
internetfreedom.in/sc-appoints-a-…
WHAT CAN THE COMMITTEE DO? 👁🗨
It is to enquire and investigate whether the #Pegasus spyware was acquired by any Government; whether it was used on phones/devices of Indians to access stored data, eavesdrop, intercept information; and/or for any other purpose. 2/n
It is to enquire and investigate whether the #Pegasus spyware was acquired by any Government; whether it was used on phones/devices of Indians to access stored data, eavesdrop, intercept information; and/or for any other purpose. 2/n
The Committee can also make recommendations regarding new laws around #surveillance to secure the right to #privacy as well as about establishment of a mechanism for citizens to raise grievances grievances if they fear they are under illegal surveillance. 3/n
The findings show an absence of a systematic and coordinated plot to take over these schools and an absence of any concerted and deliberate plot to promote radicalisation and violent extremism of Muslim children in these schools or elsewhere
#TrojanHorse
tandfonline.com/doi/abs/10.108…
#TrojanHorse
tandfonline.com/doi/abs/10.108…
language used to talk about the issues of “radicalisation” & “extremism” is itself the subject of considerable debate (Kundnani 2012; Lynch 2013). There is also a difficulty in understanding fully these issues cos there is a lack of an objective or universally accepted definition
As soon as the media took hold of the allegations, there was huge publicity about the promotion of extremism, radicalisation & terrorism.
At the time, the press also expressed many irrational anxieties about these Muslim majority schools (Arthur 2015). Even though, from the
At the time, the press also expressed many irrational anxieties about these Muslim majority schools (Arthur 2015). Even though, from the
@Bobcatwater @Surete_Est @sureteduquebec @grcqc @grcrcmppolice @SPVM @SPVQ_police @bcaavocat @Cain_Lamarre @BCF_Avocats_Law @PHPG_Avocats @CliquezJustice @LHLCanada @PoliceRIPTB @HecquetFr @NOVAlex_MTL @SBL_LawFirm @Div_nat_GRC @aruelmanseau @LaSAQ_officiel @ijustine @KimBoon94 @michellejobin @sureteduquebec
