New open source project, a kubectl plugin to deploy intercepting proxies for Kubernetes Services:
My latest security research is out:
For those who want to ping me when there are issues (outside of NAS), my Twitter is: https://twitter.com/theeriner
"...sends specially crafted MMS messages to the victim device and in most cases requires no end-user actions upon message reception to succeed—the user doesn't have to do anything to 'accept' exploits using the bug; it happens in the background."
@adam just wanted to comment that counter to what John mentioned on the last show, it is certainly possible to execute code (on Android) by sending an MP4 without requiring any user interaction. This type of attack exploits the Android media framework. A big, well-known prior attack (StageFright vulnerability) demonstrates this.
Had some research I worked on disclosed today: https://know.bishopfox.com/advisories/connectwise-control
Would any NA producers be willing to help me run NAS? As in, run an image I provide on a spare RPI/old PC and leave it plugged in.
I'd like to distribute NAS across hardware and physical sites. I can accommodate any bandwidth/storage limitations.
I'll be documenting everything in a nice writeup and will open-source everything, but for now I'm just trying to gauge who/how many people would want to contribute by providing hardware/boxes.
If anyone is weird like me and needs Sun Tzu quotes SMS'd to you each day, here's an hour of my work shoved into a 5MB Docker container:
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!