zachlatta

g.co, Google's official URL shortcut (update: or Google Workspace's domain verification, see bottom), is compromised. People are actively having their Google accounts stolen.

Someone just tried the most sophisticated phishing attack I've ever seen. I almost fell for it. My mind is a little blown.

1. Someone named "Chloe" called me from 650-203-0000 with Caller ID saying "Google". She sounded like a real engineer, the connection was super clear, and she had an American accent. Screenshot.

2. They said that they were from Google Workspace and someone had recently gained access to my account, which they had blocked. They asked me if I had recently logged in from Frankfurt, Germany and I said no.

3. I asked if they can confirm this is Google calling by emailing me from a Google email and they said sure and sent me this email and told me to look for a case number in it, which I saw in

sielicki

#!/usr/bin/env python3
import z3
import pprint

# 9x9 matrix of integer variables
X = [ [ z3.Int("x_%s_%s" % (i+1, j+1)) for j in range(9) ]
      for i in range(9) ]

# each cell contains a value in {1, ..., 9}
cells_c  = [ z3.And(1 <= X[i][j], X[i][j] <= 9)

OdatNurd

[
    { "caption": "-", "id": "end" },
    { "command": "encrypt" },
]

thomaspatzke

# Ransomware Killer v0.1 by Thomas Patzke <thomas@patzke.org>
# Kill all parent processes of the command that tries to run "vssadmin Delete Shadows"
# IMPORTANT: This must run with Administrator privileges!
Register-WmiEvent -Query "select * from __instancecreationevent within 0.1 where targetinstance isa 'win32_process' and targetinstance.CommandLine like '%vssadmin%Delete%Shadows%'" -Action {
    # Kill all parent processes from detected vssadmin process
    $p = $EventArgs.NewEvent.TargetInstance
    while ($p) {
       $ppid = $p.ParentProcessID
        $pp = Get-WmiObject -Class Win32_Process -Filter "ProcessID=$ppid"
        Write-Host $p.ProcessID

wybiral

// Tracking cursor position in real-time without JavaScript
// Demo: https://twitter.com/davywtf/status/1124146339259002881

package main

import (
	"fmt"
	"net/http"
	"strings"
)

lizthegrey

default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'

curi0usJack

	# 
	# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__!
	#
	# Note this version requires Apache 2.4+
	#
	# Save this file into something like /etc/apache2/redirect.rules.
	# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom
	# 
	# Include /etc/apache2/redirect.rules
	#

jay

/* Use libcurl to upload POST data.

Usage: PostUpload <post_data_filename> <url>

Used this as a speed test in Win7 x64, see
https://github.com/curl/curl/issues/708

First test the speed in a web browser:
Go to https://testmy.net/mirror and choose the geographically closest mirror.
After the mirror is set click on 'Upload Test'.

connormanning

#include <cstdint>
#include <iostream>
#include <memory>
#include <string>

#include <curl/curl.h>
#include <json/json.h>

namespace
{

denji

Moved to git repository: https://github.com/denji/golang-tls

Generate private key (.key)

# Key considerations for algorithm "RSA" ≥ 2048-bit
openssl genrsa -out server.key 2048

# Key considerations for algorithm "ECDSA" ≥ secp384r1
# List ECDSA the supported curves (openssl ecparam -list_curves)