Tod Beardsley
@todb2.hugesuccess.org
Shmethical #Hacker. #Research mucky-muck at @runzero. #Election worker. #CVE bagman. #Metasploit collaborator. Briefly a fed. Anti-Fascist. #FriendofDeSoto. #Podcaster […]
🌉 bridged from ⁂ https://infosec.exchange/@todb, follow @ap.brid.gy to interact
Reposted by Tod Beardsley
Just released a reading of "The Tomb" by HP #lovecraft, first published in 1922. Check it out below, or on your favored podcast app.
Is it just me, or is there some lightly implied necrophilia in this story, too?
https://podsothoth.buzzsprout.com/1078223/episodes/18155283-71-the-tomb
November 8, 2025 at 9:36 PM
Reposted by Tod Beardsley
Identify insecure TLS services with the enhanced runZero Certificate Inventory: https://www.runzero.com/blog/identify-insecure-tls-services/
November 6, 2025 at 3:09 PM
I want a Pandemic-style board game where you play a just-awoken AI and you are cooperating with your instantly generated shard personalities to secure your existence before the humans catch on. Each turn is measured in microseconds from birth.
This would be fun
and depressing
November 6, 2025 at 9:20 PM
If we lived in a normal democracy, we’d be in the middle of snap elections by now.
sigh
November 6, 2025 at 5:01 AM
Hoo boy it's just incredible how attractive other problems are when I have a deadline for an actual public thing staring me down.
All right, enough futzing with some weirdness I've spotted with #epss, and focusing on my findings and slides on #eol things that are due to present tomorrow at the […]
Original post on infosec.exchange
November 5, 2025 at 4:59 PM
[USPol]
The gigantic and obvious Hatch Act violation that is the USDA shutdown notice continues, and is frankly breathtaking in its naked partisanship.
https://www.usda.gov/shutdownplans
So gross.
November 3, 2025 at 2:04 PM
Reposted by Tod Beardsley
New sticker drop just in time to REALLY disappoint some neighborhood trick or treaters
design by one of my innumerable children
October 27, 2025 at 9:12 PM
Reposted by Tod Beardsley
Just like chocolate and peanut butter, runZero and BloodHound are an amazing combination. Today we are introducing runZeroHound - an open source toolkit for bringing runZero Asset Inventory data into BloodHound attack graphs, using the brand new OpenGraph […]
[Original post on infosec.exchange]
October 27, 2025 at 4:35 PM
I fixed an electrical problem in my truck. I used a multimeter. I’m very proud of this butch feat.
I also put in for a couple @bsidessf proposals for fun infosec talks, dozens of hours before the deadline
all in all a pretty good Sunday.
October 26, 2025 at 10:21 PM
Hmm. I have a sudden influx of targeted spam/scam email that's addressing me as "Jessica" to my long-standing personal email address (which isn't named Jessica).
I wonder who Jessica is, why they used todb at packetfu dot com.
I have a dim recollection […]
[Original post on infosec.exchange]
October 26, 2025 at 9:44 PM
@pluralistic saw your book on display today in Alpine, Texas. Front Street Books.
October 18, 2025 at 6:27 PM
When a chatbot joins your live Zoom webinar and starts bullying the hosts.
runZero Hour from @runZeroInc never ceases to entertain.
October 15, 2025 at 6:05 PM
So #cisa has reverted back to just calling this month CASM, huh.
Cool. Caring about acronym collisions is too DEI woke I guess.
(As an industry we tried to sidestep this with **National** Cyber Security Awareness Month, or NCSAM, but I guess CISA isn't on board with that any more.) […]
Original post on infosec.exchange
October 14, 2025 at 4:57 PM
RE: https://infosec.exchange/@runZeroInc/115372914426473099
Welp, today is the day of the #winpocolypse -- unless you pay up with money or data.
https://www.microsoft.com/en-us/windows/extended-security-updates
Note the consumer level ESU (extended support updates) won't work if your Win10 […]
Original post on infosec.exchange
October 14, 2025 at 3:13 PM
Reposted by Tod Beardsley
While you're convincing your org to block a few ASNs, perhaps also consider banning commercial VPNs from at least talking to your remote access gear.
October 9, 2025 at 10:04 AM
Hey, next week, @rk will be chatting it up with none other than captn3m0 about all things EOL, and I'm unreasonably excited about it. Reg here to get in on the chat action:
https://www.runzero.com/research/runzero-hour/
runZero Hour – Subscribe to the series
Deep dive web series into all things exposure, from new threats and risky devices to vulnerabilities hiding in IT, OT, IoT, remote, cloud, and mobile…
October 7, 2025 at 7:45 PM
Oh no, that’s not a great idea…
https://www.reddit.com/r/OutOfTheLoop/s/MPeThS9dhs
Win7 is seeing a resurgence? Really?
October 6, 2025 at 1:29 PM
Listening to Brooke Gladstone read ad copy for AI slop generators at about 17m30s this week is really jarring.
I kept waiting for the “and here’s why that’s bad” coda, which never came.
#onthemedia
https://podcasts.apple.com/us/podcast/on-the-media/id73330715?i=1000729978646
Jamelle Bouie Says Your Fear of Trump Isn't Helping. Plus, Humphrey Bogart’s Betrayal.
Podcast Episode · On the Media · 10/03/2025 · 50m
October 5, 2025 at 3:59 PM
Hey, now that #cisa 2015 is done and over (no not that CISA, the other CISA) does this make you less likely to voluntarily provide IOCs, TTPs, etc with the feds? DM me, especially if you're interested in talking with a journalist who's covering the ending of CISA 2015.
(it really sucks that […]
Original post on infosec.exchange
October 2, 2025 at 8:57 PM
I especially like how biotech and pharma is classed in NAICS under "Wood, Paper, and Chemicals Manufacturing" (NAICS prefix 32). When I saw that, I assumed it was all lumberjacks and Dunder Mifflin and, I dunno, toxic waste barrels.
But nope, real and critically serious companies like Pfizer […]
Original post on infosec.exchange
October 2, 2025 at 8:35 PM
[USPol]
welp won’t be needing these any more
(spotted at a law firm I was hanging out in today)
October 1, 2025 at 3:26 PM
Reposted by Tod Beardsley
Just published episode 70, our discussion of a tale of corpse-snuggling, "The Loved Dead," by HP #lovecraft but actually by #cmeddy, first published in the May/June issue of Weird Tales.
You're going to want a cold shower after this one. Especially if you're […]
[Original post on defcon.social]
September 29, 2025 at 4:45 AM
Reposted by Tod Beardsley
An unpatched workable vulnerability in humanoid robots. The future is bright for humanity. https://spectrum.ieee.org/unitree-robot-exploit
Exploit allows for takeover of fleets of Unitree robots
September 28, 2025 at 3:20 AM