arkadiyt - Network

Content warning:RT https://twitter.com/mjg59/status/1598073200436736000A writeup of how RFC 8628 lets you phish people even if they're...

Content warning:RT https://twitter.com/mjg59/status/1598073200436736000

A writeup of how RFC 8628 lets you phish people even if they're using WebAuthn tokens, and how there's no good way to protect against that if you're using AWS SSO - https://mjg59.dreamwidth.org/62175.html

I have some learning and development budget left for 2022 - do folks have any books or courses they’d recommend?Could be any topics but...

I have some learning and development budget left for 2022 - do folks have any books or courses they’d recommend?

Could be any topics but I’d particularly enjoy:
- offensive, red teaming
- binary analysis, reverse engineering
- people management, security leadership
- anything else you think is interesting 🙂

I'm just a passive observer but watching this entire TrustCor discussion on the MDSP list it feels like the writing is on the wall for...

I'm just a passive observer but watching this entire TrustCor discussion on the MDSP list it feels like the writing is on the wall for them losing their CA status. The entire back and forth has very similar vibes to the Dark Matter discussion from 2019

https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4

The only good thing about Twitter collapsing is I finally convinced the group DM to switch to Signal

The only good thing about Twitter collapsing is I finally convinced the group DM to switch to Signal