Lightnews — Scholar-powered news

pinkflawd.bsky.social @pinkflawd.bsky.social · 1d

Huge thank you to @hexacon.bsky.social for hosting BlackHoodie, to our trainers Paula, @naehrdine.bsky.social and @allthingsliquid.bsky.social, and much love to Caro for pulling it all together ❤️❤️❤️ the trainings were a huge success, now have a fun conference everyone!

1 7

pinkflawd.bsky.social @pinkflawd.bsky.social · 7d

Wheeeee the fine folk of @bsidespdx.bsky.social will have @blackhoodie.bsky.social back this year, with a training about microarchitectural security by the one and only @barbieauglend.bsky.social blackhoodie.re/BSidesPDX2025/

Blackhoodie at BSidesPDX 2025

Buh! We are back to hacky Portland, thanks to our dearest BSidesPDX friends, to spend a whole day poking at CPUs.

blackhoodie.re

4 8

Reposted

Thaís @barbieauglend.bsky.social · 8d

Dearest folks from @bsidespdx.bsky.social are hosting @blackhoodie.bsky.social again this year! Come spend a day with me and CPU bugs :) 🐞

blackhoodie.re/BSidesPDX2025/

Blackhoodie at BSidesPDX 2025

Buh! We are back to hacky Portland, thanks to our dearest BSidesPDX friends, to spend a whole day poking at CPUs.

blackhoodie.re

5 2

pinkflawd.bsky.social @pinkflawd.bsky.social · 14d

Bf found me a gluten free French croissant and im so smitten 🥐

4

pinkflawd.bsky.social @pinkflawd.bsky.social · 15d

Uh juicy, Lockbit has a new variant 😱😱😱 I cannot WAIT to dig into this www.trendmicro.com/en_us/resear...

www.trendmicro.com

4

pinkflawd.bsky.social @pinkflawd.bsky.social · 15d

Does anyone have BRICKSTORM hashes they can share, other than the two in the Mandiant blog? Or low and behold, samples? 🥹🥹🥹

pinkflawd.bsky.social @pinkflawd.bsky.social · 17d

Boom, the future is here. BRICKSTORM comes with Java servlets, a SOCKS proxy, Go malware, PowerShell scripts, JSP webshells, info stealers, and probs stuff I've missed. Forget Linux or Windows malware, the age of whatever-runs, wherever-it-runs malware has arrived!
cloud.google.com/blog/topics/...

Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors | Google Cloud Blog

BRICKSTORM is a stealthy backdoor used by suspected China-nexus actors for long-term espionage.

cloud.google.com

2

pinkflawd.bsky.social @pinkflawd.bsky.social · 18d

Lol ok the callgraph now makes pewpew when I click on a node, and Claude calls it a satisfying "pew" 😂

1 3

pinkflawd.bsky.social @pinkflawd.bsky.social · 18d

Awww yisss, I'll ask Claude to add the pewpew 🥹

2

pinkflawd.bsky.social @pinkflawd.bsky.social · 19d

I vibecoded me a project today that I had on the backburner for a while, callgraph extraction with IDAPython and D3 force-directed graph vis. Did it work out of the box? No Claude made some hilarious mistakes. Was it faster than just me? For sure. Is it useful? Not yet. Fun? Yup.

1 8

pinkflawd.bsky.social @pinkflawd.bsky.social · 22d

Candid question. Does burnout ever really go away?

1 3

pinkflawd.bsky.social @pinkflawd.bsky.social · 23d

Jetlag make ADD go boom. That also means, proper sleep make executive function go boom! Follow me for more armchair health advice.

5

pinkflawd.bsky.social @pinkflawd.bsky.social · Sep 12

3 6

pinkflawd.bsky.social @pinkflawd.bsky.social · Sep 11

@blackhoodie.bsky.social at @sec-t.bsky.social was a blast, a full room of curious students. What a wonderful experience, and now on to the conference!

5 7

pinkflawd.bsky.social @pinkflawd.bsky.social · Sep 11

Huge thanks to the @hexacon.bsky.social team for bringing BlackHoodie to Paris! A free 4-day security workshop for women by women, Oct 6-9. So grateful for our amazing trainers sharing their knowledge: Sonia (Linux Forensics) Paula (Web/Mobile Sec) & Jiska (iOS Hacking)! blackhoodie.re/Hexacon2025/

4 12

Reposted

Stefano Zanero @raistolo.bsky.social · Sep 10

Here we go again 🙄 we have written an open letter detailing how incredibly misguided is the ChatControl proposal: csa-scientist-open-letter.org/Sep2025

csa-scientist-open-letter.org

1 15 22

pinkflawd.bsky.social @pinkflawd.bsky.social · Sep 8

Bummer, but will do!

1

pinkflawd.bsky.social @pinkflawd.bsky.social · Sep 8

Will you not be there?

1

pinkflawd.bsky.social @pinkflawd.bsky.social · Sep 8

I'm omw to Stockholm for @blackhoodie.bsky.social at @sec-t.bsky.social conference 🥳🥰😱

1 4 11

Reposted

Ian Coldwater 👻🌿 @lookitup.baby · Sep 5

OH: if vaccines caused autism, we’d have way more trains in the United States

16 260 1.5K

pinkflawd.bsky.social @pinkflawd.bsky.social · Sep 1

And how is your burnout coming along? Acquired that goat farm yet?

1 3

pinkflawd.bsky.social @pinkflawd.bsky.social · Aug 28

I'm once again looking at the epic 20-part essay which Ian Lance Taylor wrote about linkers lwn.net/Articles/276... - did anyone ever write anything remotely comparable about the MSVC linker? Like, very remotely even?

A ToC of the 20 part linker essay [LWN.net]

lwn.net

1

pinkflawd.bsky.social @pinkflawd.bsky.social · Aug 28

Ye sure about that 😅 www.eset.com/us/about/new...

ESET discovers PromptLock, the first AI-powered ransomware | | ESET

www.eset.com

1

pinkflawd.bsky.social @pinkflawd.bsky.social · Aug 28

Im waiting for ransomware to ship with EULA

1 1

pinkflawd.bsky.social @pinkflawd.bsky.social · Aug 28

I've asked this before but seriously, what IS it these days with ransomware shipping with help menus and writing log files..?

1 3