Post Ay0yxOs3HxFujma2gC by [email protected] | |
Post #Ay0h7lY223con30czI by [email protected] | |
0 likes, 4 repeats | |
That NodeJS supply chain hack incident is amazing because the threat actor(tm) … | |
Post #Ay0hOI2azYW4CNBUnI by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog Thanks, I was thinking the same thing. Possibly the worst thing th… | |
Post #Ay0hafqmILOZW7Yu00 by [email protected] | |
0 likes, 0 repeats | |
I cannot tell you how many security incidents I’ve worked at orgs on critica… | |
Post #Ay0hh565LAWvYYmETY by [email protected] | |
0 likes, 1 repeats | |
@GossiTheDog over9000 proxies, and you deploy a cpu based coin miner on the dom… | |
Post #Ay0hoxcZ1KTGgbj3qq by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog Dude don't give them any ideas xD hahah | |
Post #Ay0idHkETWSFZtJEy8 by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog this has generally been my experience, too (though the numbers are… | |
Post #Ay0ihUtTWrvhW8do6y by [email protected] | |
0 likes, 1 repeats | |
@GossiTheDog This hack, brought to you by Carl's Jr. | |
Post #Ay0jF7pJnYTVp1jQbQ by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog "The bar is low." | |
Post #Ay0mapIHgPvuZpJt1k by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog we ought to be thankful most criminals are so unambitious | |
Post #Ay0pM5zfbxfRtBHSng by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog @kajer It’s actually nuts hey 🤣 most activity I see in my hon… | |
Post #Ay0xxdshNdeFKyQzaa by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog isn't stealing a bit of money from billions of devices a prett… | |
Post #Ay0yxOs3HxFujma2gC by [email protected] | |
0 likes, 1 repeats | |
@GossiTheDog Every time there's a major ransomware or cryptocurrency miner … | |
Post #Ay1APLQKnUDPeP8w4G by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog I read through as many public post mortems as I can get my hands o… | |
Post #Ay1I2Pov5HFoG8DiPg by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog Seen similar so many times Thank fuck for the lack of originality a… | |
Post #Ay1JbLxZWrDCNMUUIS by [email protected] | |
0 likes, 1 repeats | |
@GossiTheDog It’s a sobering reminder that we got “lucky” this time. The … | |
Post #Ay1KwZEzRhX3bLJkC8 by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog why does the attacker only wanting to make a quick buck without ca… | |
Post #Ay1QFXAFtCguQzxxUO by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog > Imagine if they had done reverse shells instead And got DDOSed … | |
Post #Ay1UR5PvHKoBfZ3h2W by [email protected] | |
0 likes, 2 repeats | |
@GossiTheDog Around ten years ago, one of the FreeBSD developers had an SSH key… | |
Post #Ay1Z1B9HqTQpggk7Xs by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog What about Teams, Signal Desktop and other Electron dumpster fires? | |
Post #Ay1dC5A0qjpW7KXMFk by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog finally, a place for cryptocurrency: distracting attackers from do… | |
Post #Ay1gwsGQupnlanXmYy by [email protected] | |
0 likes, 0 repeats | |
@[email protected] i am so tempted to attempt similar shit and just… | |
Post #Ay1gwsOaQWK805MIGu by [email protected] | |
0 likes, 0 repeats | |
@memdmp @GossiTheDog make it execute printf("meow :3") | |
Post #Ay1h0hf6HBM1rvuKPo by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog we are again forced to thank crypto bros for drawing so much of th… | |
Post #Ay1h37iqM5TZGyoR4i by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog completely unsurprising | |
Post #Ay1h3dXc3NVRxPnv0q by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog 4? I bet it's 4. It is only 4 right? <padme.jpg> | |
Post #Ay1h9pdZzcRfD7Y6cq by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog I read on twitter that the wallets he used weren't even usable… | |
Post #Ay1hDYhot05prAJFo0 by [email protected] | |
0 likes, 0 repeats | |
@david_chisnall @GossiTheDog "logged in, tried running a few Linux command… | |
Post #Ay1hOssOEVfFbEebk8 by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog This happened to OpenAI's kubernetes cluster when I worked the… | |
Post #Ay1hQ0Zh60InlWRfJw by [email protected] | |
0 likes, 0 repeats | |
@kajer @GossiTheDog i thought ethereum is proof of stake, am i wrong | |
Post #Ay1hS0x2fOenVqK3vc by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog thank god for crypto bros | |
Post #Ay1hSp7O9Cdt6PY1zs by [email protected] | |
0 likes, 0 repeats | |
@memdmp @GossiTheDog The return of "I <3 u" | |
Post #Ay1hXKXbGCNziUxP5U by [email protected] | |
0 likes, 0 repeats | |
Could some of those be smoke screens? "Inverse honey pots" for the ana… | |
Post #Ay1hbBrNThDRx334b2 by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog billion, eh? most apps use lockfiles, so while it's still a hu… | |
Post #Ay1hf2zoNMyJcPpgQK by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog point and laugh at the scrypto kiddie, it's good for the soul | |
Post #Ay1ht9lC1WBieSircO by [email protected] | |
0 likes, 0 repeats | |
@AlesandroOrtiz @GossiTheDog I just assume that all networked systems are trans… | |
Post #Ay1i03iqs0cpx8v2OG by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog maybe this is the actual use case for blockchain: diverting malici… | |
Post #Ay1iDMKF128jPikX4K by [email protected] | |
0 likes, 0 repeats | |
@[email protected] @[email protected] nono ill make it compile … | |
Post #Ay1iQyCzTjpWfdqewa by [email protected] | |
0 likes, 0 repeats | |
@[email protected] no-op all the node bins :3 | |
Post #Ay1kq38IVV6Z5hjvNY by [email protected] | |
0 likes, 1 repeats | |
Honestly, using a megabreach like this Node.js pop to nab cryptowallets is a BR… | |
Post #Ay1rKIuT0qxAR152MS by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog Remember that frankly shabby breathless writeup of how there was a… | |
Post #Ay1t8HRop4RkKk4h8a by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog that is what they want us to think. | |
Post #Ay1wlPvXWvotmvKWJs by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog the only thing keeping our critical national infrastructure up and… | |
Post #Ay2B7fGuYfon6kpS7M by [email protected] | |
0 likes, 1 repeats | |
@vnikolov @GossiTheDog some of them maybe? It happens so often though… | |
Post #Ay2HX9ImdwLjD3EvTs by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog Similar to the scene at the moment, where people are working on ad… | |
Post #Ay2dff2QjLp2wi3RHE by [email protected] | |
0 likes, 1 repeats | |
@david_chisnall @GossiTheDog I once investigated a breach of a majorly critical… | |
Post #Ay2dp4kYVKWjIOBPUm by [email protected] | |
0 likes, 0 repeats | |
@memdmp @GossiTheDog from ransomware to hiware | |
Post #Ay2e6a9uymVDdFOUAC by [email protected] | |
0 likes, 0 repeats | |
@sawaba @GossiTheDog HOW LITTLE? I mean, that's actually embarrassing. Can … | |
Post #Ay2eHixObo4A6Vqk52 by [email protected] | |
0 likes, 0 repeats | |
Not in most cases, I agree. On second thought, if it is true in a minority of cas… | |
Post #Ay2nuBuCKJyGTflrqS by [email protected] | |
0 likes, 0 repeats | |
@JessTheUnstill @GossiTheDog oh XD I misunderstood the first post, I thought th… | |
Post #Ay5b3ECsQM9EI7MnVw by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog the number of times I've seen CLI history files where the seco… | |
Post #Ay5d3pBv7GRUuBKc1Q by [email protected] | |
0 likes, 0 repeats | |
@froyomoslo @GossiTheDog 5 cents https://www.securityalliance.org/news/2025-09-… | |
Post #Ay5dK77aDj679D4PU8 by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog @froyomoslo what'd it turn out to be? thought it got shut down… | |
Post #Ay5fT5FQkrobqs95Gq by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog time has passed so I think I can share that now: I used to work fo… | |
Post #Ay5h3cALwYcAKBkmzw by [email protected] | |
0 likes, 1 repeats | |
@GossiTheDog I remember doing incident response to find out the threat actor ha… | |
Post #Ay5hJYfihal27a1n3g by [email protected] | |
0 likes, 0 repeats | |
@mkoek @david_chisnall @GossiTheDog My favorite such incident (just before my t… | |
Post #Ay5koh1U0F3CrRkFyS by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog my own example is when I first logged in on my internet provider (… | |
Post #Ay5lnHoGMLosKPSFTE by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog ah yes, that Internet exposed RDP your boss doesn't want to ta… | |
Post #Ay5nsmit3HD7YngpIO by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog I fixed name resolution issues on a multinational bank's City … | |
Post #Ay5pm5ls265QWC1PBw by [email protected] | |
0 likes, 0 repeats | |
@mkoek @david_chisnall @GossiTheDog this is why education and skills training i… | |
Post #Ay5uO6CvG5lmgz3OAy by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog this joker got supply chain access to the npm cli, if they had don… | |
Post #Ay62s7eXFSvnUnnRXE by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog I suppose this is one tiny good thing cryptocurrency has done for … | |
Post #Ay67Hstd8R474iOf0S by [email protected] | |
0 likes, 0 repeats | |
@david_chisnall @GossiTheDog doesn't a key plot point in Clifford Stoll'… | |
Post #Ay6DXhEYrYKfGN6sm8 by [email protected] | |
0 likes, 1 repeats | |
@david_chisnall What a great story!, though all I can think of is "any suf… | |
Post #Ay6Fbu33MRHe4ZrQw4 by [email protected] | |
0 likes, 0 repeats | |
@[email protected] they didn't get access to "like, a bill… | |
Post #Ay6YSXe9B9Rr7NSdWq by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog It's still shocking that someone managed to accomplish an inco… |