welp, there it is. sorry, i hit send too early.
im now getting spam pretending to be ukraninan refugees begging for bircoin and usdt.

i was gonna paste a screenshot and the redact wallets but got sidetracked.

resource exhaustion attacks exist in more places than just computers and networks. your time is a resource. a window of opportunity is a resource. anything with a ticking clock attached to it can be one. anything that can be depleted... a really good example of this is what we're seeing in the news - where some folks make up completely absurd nonsense, and force the press to refute the nonsense at length, thereby exhausting the resources of the news outlets.

so i looked at colonial pipelines perimeter... WELP, 7 to 3, here we go.
this will be light, because you will get the picture really really fast.

oh hey, completely off topic:

so @phobosgroup released orbital in December, and its largely been hugely overshadowed by insane news

February is Phobos' birthday, and we do discounts for stuff, so if you're sniffing around for external recon tools, please poke me or @Packetknife oh, and i guess this would be helpful:

phobos.io/orbital

you can sign up for a demo and have a limited trial, and/or you can get me and @Packetknife on a call to walk you through a report and talk some shop.

i wonder if the capitol has security cameras.
i wonder what's on those recordings.

i wonder if the capitol has decent enterprise grade wifi.
I wonder what's in those logs. i wonder if that data contains beacons from mobile devices.

i wonder what would happen if someone were to take those becons, pull the wifi mac addresses, and search wigle.net for each and every one.

so in the process of sending two burritos to two folks on the east coast, and supporting a local small business, i accidentally made a girl's day at the local fedex office. She said people have sent pies and whatnot before, but never burritos. yes, it was absurdly expensive.
but it'll brighten some moods, its another 'fun, dumb internet thing', and with any luck it'll inspire other folks to do the same.

we need some levity right now, and if me dropping dumb money to send burritos via fedex overnight helps, I'm in.

HOKAY!
I just drove around to a bunch of nearby groceries to see the carnage, just to get an idea of wtf was actually happening. I have 76 photos, and visited five stores.

panic candy: a thread! Ralphs:

so i've been playing through the new wolfenstein: youngblood.

it's a very visually impressive game. they figured out how to do some really amazing stuff with light reflecting off of "dirty glass", and it looks actually real. but there are some elements about the game that are annoying, and some elements that make it near unplayable.

I'll explain!

so in my previous life, before i went infosec, before i tableflipped and ran for the hills, my last title was 'sytems architect'. It took quite a long time to get that title, and it involved taking next to zero shit from employers when review time came around. During that trajectory, I learned a very important lesson, and I field tested it at a BUNCH of different shops, because nearly everywhere I went, I'd find a scenario like this, and after a while it became kinda routine.

so you know when you say a thing, then someone calls you out for something, but they themselves are guilty of exactly what they are calling you out for?

yeah.

I'm spending the entire day today finding every single issue ever reported with fb messenger and how its not private.

https://twitter.com/merket/status/1075769046505832448

for you, @merket.

because you are the straw that broke the camels back on this particular logical fallacy train.

okay so this crashed apple rdp.
new plan - nmap all the hosts first to see which are actually open/alive, then see if that number is anywhere near reasonable.