"what's their email address?" IDK "what's their phone number?" IDK "what's their last name?" I don't even know their first name "I thought you said this was a good friend. What *do* you know?" I have their Signal handle, their hacker name, and a raft of questionable collaborative activities. #BFF

Paste your favorite one liner that also says something about you as a person: for f in *.flac; do ffmpeg -i "$f" -ab 320k "${f%.flac}.mp3"; done

Was doomscrolling and husband says “name some Wayne Enterprises executive who isn’t Lucius Fox and is also kind of sleazy” and I instantly perked up and said “William Earle, at least until the stock buyback” and then realized I’d been nerdsniped. Excellent husbanding, top marks, ⭐️ ⭐️ ⭐️ ⭐️ ⭐️

Dark have been my memes of late.

Absolutely chuffed to hear that I'll be presenting at @npub1j3q7...nnx8 with my good friend Dr. Jon Martin @Jon Martin, Ph.D. 🦕. He's the digital archivist for the University of Cambridge. We'll be talking about the creation of digital monasteries to preserve knowledge in this age of #enshittification. Knowledge exists, but it's retreating behind bullshit paywalls, subscriptions, and segmenting into "content" based on its format, instead of being freely circulated online. Jon and I will talk about the history of this new Digital Dark Age, organizations doing good work, and some TTPs to join the good fight! Thrilled to see @Adam Shostack :donor: :rebelverified: @Wendy Nather keynoting, and folk like @Maya Kaczorowski @npub1ly02...d6he there as well!

Bsides Seattle

Bsides Seattle Schedule

Schedule for Bsides Seattle Security Conference

Slack channels can be 80 characters and "these-trivialities-demean-me-i-must-away-and-tend-to-my-ravens" is only 62 characters. Do with this knowledge what ye will.

I say this as a CEO: From now on, when children’s health data is compromised because multi factor authentication was not enforced, fire the CEO, not the CISO. I mean, sure, fire the CISO as well, but the CEO bears the responsibility. An update on the PowerSchool breach from the ever-incise @Dan Goodin

Ars Technica

Data breach hitting PowerSchool looks very, very bad

Schools are now notifying families their data has been stolen.

I know some truly wonderful infosec journalists but here's a thing I need help with: currently, there are essentially *no* news stories out there about MSPs, small business cybersecurity - anything really meaningful beyond "here's a puff piece on a commercial white paper that did sentiment analysis on 70 small biz owners and they're all scared of furrin hackerz" or PR releases on "Google just bought an MSP in Indonesia". Is there a cyber journalist with a beat that doesn't focus on the big gov and F500 stories?

New Year’s resolution: when I’d like a table in a restaurant, I am alone, and I’m asked by the host “is a seat at the bar ok?” I will practice saying “No” as a complete sentence without apology.

Clicking on a phishing email is not an “advanced cyberattack.”

Cyber startup employee hacked to distribute malicious Chrome extension

Cybersecurity startup Cyberhaven, which specializes in insider threats, said it is investigating a hack of a single administrative account that spr...