Our call for crew is also open. First timers and 10 year veterans, all welcome to apply.
forms.gle/doLgUMgGPtTo...
08.03.2026 11:34
๐ 3
๐ 4
๐ฌ 0
๐ 1
Our call for crew is also open. First timers and 10 year veterans, all welcome to apply.
forms.gle/doLgUMgGPtTo...
Our CFP is now open. We aren't just looking for 1337 tech talks, we want social skills, admin, defence, and all sorts to give us a nice rounded day. Any questions, please ask.
forms.gle/JRrZQZojtbGQ...
Amin turned to ice, almost? That's daft!
@infosecmo.bsky.social don't turn to ice mate, it's daft!
A local Chinese place called Dim Sum. Closed during covid and I've still not found anywhere that does takeaway anywhere near as good.
If you want to get your company shouted out on our socials, get an advert in our brochure, and get mentioned in both the opening and closing talks, please get in touch, we are always looking for more sponsors.
Our first fully committed sponsor is @zephrfish.yxz.red. Long time supporter as a speaker and now a sponsor as well.
Andy would like everyone to know about his Malwareless Adversarial Emulation training course
lms.zsec.red
We may be biased, but we reckon it is top quality stuff.
My scan was IP based so I'm now trying to filter the results down just those with the programs
@j4vv4d.com what was the name of the Alienvault alien? I've still got an inflatable one sitting in my kitchen and I'm sure had an official name but can't remember it
Airport Incident Response
I was going to be click-baity and title this post, "what incident response taught me about mixing up airports", but honestly, looking at LinkedIn these days, I think the humour would be lost. I'd end up with 50 new followers (75 if I ended the post with the word, "Agree?"โฆ
That reminds me of Tom Mackenzie who didn't realise that 3AM Monday was very early Monday morning, not stay up really late Monday night.
He missed his flight by 24 hours.
I've decided to try to filter on only those companies who have bug bounties, I've tried to contact a few firms who haven't got them and it just sounds like a beg bounty so I'm getting ignored.
Trying to explain I can see all their chat logs is a problem just isn't working!
And we are still looking for sponsors, so if you want to get your brand involved, let us know and we can do you a deal.
And just to confirm, the event itself is July 10-12, we are the weekend before EMF Camp. We had them move their weekend so it didn't clash with ours.
With Easter coming up quick it is time for a date announcement.
1 March - CFP and call for crew opens
1 April - Pre talk announcement tickets
3 April CFP and CFC closes
~ 20 April speakers confirmed
~ 24 April main ticket drop
Links and stuff coming closer to the dates.
i built an entire x86 CPU emulator in CSS (no javascript)
you can write programs in C, compile them to x86 machine code with GCC, and run them inside CSS
lyra.horse/x86css/
I'm taking a @jameskettle.com approach to bug bounties and I've found a vuln and I'm firing it all over to see where it lands.
I've found some cool stuff, but working out who to report things to, and getting people to listen, is a nightmare!
You can tell Gmail is getting good at spotting low end extortion scam emails. I just got one where they have put a lot of effort into disguising all mentions of coin, btc, stuff like that. They've even split the BTC address in two and then explained how to put it back together
Royal Mail Tracked 48. Info bubble says "Aims to deliver within 2-3 days"
Royal Mail Tracked 48 only aims to deliver in 2-3 days.
"Royal Mail Tracked 2-3 days ish" I guess probably wouldn't sell as well.
{"ok":true,"result":{"message_id":890,"from":{"id":8500140618,"is_bot":true,"first_name":"Alimuhammed","username":"Alimuhammedstbot"},"chat":{"id":8583639838,"first_name":"Ali","last_name":"Muhammad","username":"AliMuhammedST","type":"private"},"date":1770887709,"text":"Do you like spam?"}}
If anyone is good with telegram and is bored, I've just been sent a link to a phishing page which sends captured credentials to this telegram chat channel.
Go at it!
The Pastebin security team are on the ball. I've reported three comment spammers over the last two days and all three have been taken down within hours of the report.
Compare that to GitHub where I reported something two days ago and I've just got a mail to say they received the report.
There has been 11 years of that as well
My book keeper has just pointed out that she has been doing my returns for 24 years.
In my head I've only been doing this security thing for a few years, where has the time gone?
Can anyone recommend a good third-party Windows app for blocking USB devices?
I had a 99p with Google yesterday which made this one seem even worse, but that was tracked down to something legit.
The payment was refunded straight away but card people said to call back tomorrow and talk to fraud when they will have more info.
It will be interesting to see what they say.
I've just had two transactions made on my credit card to Asos. I've not spent with them for over 3 years and my card details have changed since then. My card provider says it looks like a saved token rather than new transactions.
Have Asos been popped?
I've been told it is up and down, I've just looked and it is working for me now.
Hopefully just wobbly servers and they've got them fixed.
The SSL Labs site has been down since Friday. Does anyone know if this is a permanent thing or just something broken and no one there to fix it over a weekend?
I've had discussions with QA teams about screenshots vs text in reports and most prefer screenshots but I prefer text most of the time as it is easier to copy/paste and to search for.
There is a lot of banking and crypto stuff in there!
What's the best/cheapest way to get AI to process 6.1G of elasticsearch data? Everything from web server logs to chat data to random stuff.
