Ville Sarmiola

OMG Cable has arrived... https://shop.hak5.org/products/o-mg-cable … @d3d0c3d, @clevernyyyy, & I have been very busy. Logo: @dustrial Song: @threeteeth Find OMG Cable on: @Hak5pic.twitter.com/jV68FzfgGJ

Performance artist generates virtual traffic jams in Google Maps by pulling a wagon full of smartphones http://www.simonweckert.com/googlemapshacks.html …pic.twitter.com/m3bmQXvswI

Hackers are hijacking smart building access systems to launch DDoS attacks - Vulnerability: CVE-2019-7256 (no patch) - CVSS score: 10/10 - Device: Linear eMerge E3 - Exploitation started last week - More than 2.3k systems are currently exposed online https://www.zdnet.com/article/hackers-are-hijacking-smart-building-access-systems-to-launch-ddos-attacks/ …pic.twitter.com/WWAlCtbz1o

These are Arachnocampa Luminosa, or New Zealand glowworms. The worms fill natural caves and abandoned mines. After hatching, the larva spin silk nests on the roof and walls of caves. The soft glowing light lures prey. https://trib.al/Yrpefny  Joseph Michaelpic.twitter.com/7Aw3qQdP3V

Was taken aback by the bluntness of Avast/Jumpshot's internal documents on its sale of users' browsing data. "The data set is almost like an Apache log for the entire Internet for every device in the panel." https://www.vice.com/en_us/article/qjdkq7/avast-antivirus-sells-user-browsing-data-investigation …pic.twitter.com/fvwpR25q1S

pic.twitter.com/PFBB90zs2Q

Lake Eyre isn't really a lake. It's a salt pan in the Australian Outback. During the rainy season, it fills with shallow pools of water that reflect the sky above. Add in some mirrors and it becomes a dream-like wonderland https://wired.trib.al/qwqk0T1  : Murray Frederickspic.twitter.com/gTMf0Bktfc

pic.twitter.com/5d7XpJesS7

Post-exploitation #Friday tip: Do you know how to trivially & remotely hijack an #RDP session without prompt nor warning on user's side using #Microsoft signed binary (no patch/multi-session) ? qwinsta+mstsc shadowing is the answer ;) Details: https://github.com/kmkz/Pentesting/blob/master/Post-Exploitation-Cheat-Sheet … #Pentestingpic.twitter.com/wHVIYQo73A

fun fact: If someone grabs your car with a roboglove, you can't drive away!pic.twitter.com/lhbVzQVVjn

Who is lurking behind a Wordpress website? How to use WPScan to identify usernames and accounts on Wordpress sites. New #OSINT blog post here: https://nixintel.info/osint/osint-techniques-whos-behind-a-wordpress-site/ … (Thanks to @OsintCurious for taking part!)pic.twitter.com/SGgrVQOinz

Ooopspic.twitter.com/83STcQfPNB

Short Thread: staying with some friends and last night after everyone went to bed I could not figure out how to turn off the large ceiling light in their living room. There is a wall controller that seemed fairly straightforward.pic.twitter.com/vMcaqL6Gbr

our lab’s new fuzzing farm! i call it “the paper machine”. because it generates journal articles.pic.twitter.com/yyBCpqLPhD

A closer look at @NATO’s new RQ-4D remotely piloted aircraft. Key for operations, it will help commanders identify threats and see conditions on the ground, in any weather. With a range of 16,113 km, the aircraft can fly for over 30 hrs at a time! https://bit.ly/2Rk3UEv pic.twitter.com/7v2wcRSyQN