• до скорого, .ru

    до скорого, .ru

    This may be the last time you see a post from us from this top-level domain. Several long years ago, we launched this website to provide a platform for “admiration” of the jovial ursine activities of a set of state-sponsored threat actors and their rent-a-hacker colleagues, and to attract others who would like to contribute…

  • Gogol it (some gogolesque notes on legitimate cloud service abuse)

    Gogol it (some gogolesque notes on legitimate cloud service abuse)

    Does that traffic to commercial public cloud services and web-based applications seem legitimate to you? Bad actors are abusing the shit out of cloud services: Google Docs, Google Forms, Discord, and others, concealing their badness in TLS and the reputation of big cloud brands. This post is an ongoing notebook on both found abuses of…

  • Fin de circle

    Today, my brother’s dog passed away after nearly 20 years of life, and over 10 years after my brother. She was the ward of my parents until her passing, let go as her body failed her in a cascade of different ways as happens with dogs who live that long. There’s some extra pain with…

  • As rational a rant as I can muster about the 2022 elections

    As rational a rant as I can muster about the 2022 elections

    Please don’t vote for the kleptomaniacal GOP.

  • *INTERNAL SCREAMING*

    *INTERNAL SCREAMING*

    For those of you who come here via the Twitter–and that’s gotta be 99.9% of you, because this is not exactly a website in everyone’s bookmark bar–you’ve probably noticed a lot of bird pictures in my feed lately, to the point of outnumbering shitposts, infosec and political discourse. There is a reason for that: it…

  • A series of quagmires

    The benefit of our modern world is that when things go to shit, we know at the speed of light. And things have gone to shit for Russia in Ukraine, regardless of how Putin’s minions try to spin it. Also, thanks to the lethality of modern battlefield weapons, things have gone to shit much faster…

  • Okta-gone

    Sooooooo not-so-comforting news on the MFA front today. Looks like a Costa Rican contract support guy for Okta got pwned in January and his credentials were used by LAPSUS to do some exploration of Okta clients. The fact that LAPSUS is publishing this now means (1) they no longer have the access and one of…