Tifa! #FinalFantasy #TifaLockhart #cosplay https://t.co/Z5Y3PFqepo

科研人员一定要有一种精神，努力去解释WHY。女科学家为了努力解释WHY，几次跨了赛道去追寻科学真理。有天，她跟我说，搞科研的乐趣之一在于你做的科学假设得到证实，发现别人尚未发现的啥啥。第二天得到同行进一步证实后，此君在朋友圈发出猪一般的嚎叫，家属不明觉厉中。图文无关。

一些开源的 AI 工具以及模型，包括文本转图像、音频、视频、代码等等。

在秋叶原中古店买了一个老小三，一个新小三，配我2016年买的新大三，3DS家族现在就差个老大三了 日本·东京

Re @Galaxygamerone Coming soon

Re @Tesmanian_com It will per vehicle

Re @TPostMillennial !!

Old joke about agnostic technologists building artificial super intelligence to find out if there’s a God. They finally finish & ask the question. AI...

Understanding Windows Lateral Movements https://attl4s.github.io/assets/pdf/Understanding_Windows_Lateral_Movements.pdf

SafeMoon ‘burn’ bug abused to drain $8.9 million from liquidity pool https://www.bleepingcomputer.com/news/cryptocurrency/safemoon-burn-bug-abused-t...

Mélofée: The Latest Malware Targeting Linux Servers https://www.hackread.com/melofee-latest-malware-targeting-linux/

"Log-out king" Instagram scammer gets accounts taken down, then charges to reinstate them https://www.malwarebytes.com/blog/news/2023/03/log-out-king-...

Microsoft Defender shoots down legit URLs as malicious https://go.theregister.com/feed/www.theregister.com/2023/03/29/microsoft_defender_url_alerts/

Almost 500K impacted in NCB Management Services cyberattack https://www.scmagazine.com/brief/breach/almost-500k-impacted-in-ncb-management-services-cy...

Brightline impacted by Fortra GoAnywhere attacks https://www.scmagazine.com/brief/ransomware/brightline-impacted-by-fortra-goanywhere-attacks

RPC Investigator: advanced discovery and analysis interface to Windows RPC endpoints https://securityonline.info/rpc-investigator-advanced-discovery-a...

aerleon: Generate firewall configs for multiple firewall platforms https://securityonline.info/aerleon-generate-firewall-configs-for-multiple-firewall...

Smugglers busted sneaking tech into China https://go.theregister.com/feed/www.theregister.com/2023/03/30/smugglers_busted_sneaking_tech_into/

Another year, another North Korean malware-spreading, crypto-stealing gang named https://go.theregister.com/feed/www.theregister.com/2023/03/30/mandia...

RT vx-underground: Earlier today @CrowdStrike reported a supply chain attack targeting the 3CX Voice Over Internet Protocol (VOIP) Windows desktop cli...

RT Khaled Yakdan: New Paper on Automatic Generation of Fuzz Tests from Unit Tests. Blog: https://research.samsung.com/blog/UTopia-From-unit-tests-to-f...

RT NullMode: Not that I want to dismiss the threat of man-in-the-middle attacks on a network but... red teamers/other infra peeps, how often are you d...

It seems that the supply chain attack began with a supply chain attack https://twitter.com/malwrhunterteam/status/1641345575009353729

We've published more YARA & Sigma rules rel to #3CX YARA - in-mem matching of the decrypted payload - for the 3 macOS binaries Sigma - 3CX app suspcio...

Re @pxmme1337 Write up when sir?

This was meant as an honest question, not as a challenge. No need to scan my host with Burp to find the answer people...

2023年了，在DOS上编译一个ChatGPT客户端，并跑起来，作者这是，往好听了说，情怀。我看了一眼，他这个是MS-DOS 6.22，不是经典版本。Building a DOS ChatGPT client in 2023h--ps://yeokhengmeng.com/2023/03/building-a-dos-chatgpt-client-in-2023/

我一直都说搞网络安全的其实都是弱势群体，很多人还不服，还经常自嗨！你看拼夕夕搭理你们嘛？！

大V被支配了～～

我小时候看CCTV科教频道就介绍过草方格。还有个效果对比。两侧不弄草方格的路段铁轨很快就被沙埋了。当时好像就是人工用方头锹把稻草戳到沙里，不知道现在有机械化的办法了没有。//@奶舅_吴斌://@重工组长于彦舒://@兽族矿工://@赵脱俗:这可怜的转发数……

据solidot(奇客)于2023年3月27日发文 网页链接 称国外有安全公司Intezer在3月24日发布报告称："自南亚的黑客组织 Bitter APT 最近正以中国核能机构为攻击目标" 网页链接 简单看了下Intezer发布的几个ioc地址 qwavemediaservice[.]net mirzadihatti[.]com coauthcn[.]com 均以 ...全文

有人做 1999 年地球保卫战的图片了吗？

这个例子也一样能看出 Claude+ 比 GPT-4 强多了。

MacOS malware expert @patrickwardle has been covering the MacOS variant of the 3CX VOIP supply chain attack. Additionally, we have managed to get our ...

Re @neke86_ @CrowdStrike @Sophos https://t.co/cuDz2uEJua

#BHASIA Trainings "YARA from zero to hero (Virtual)" aims to teach the critical skills required by cyber defenders to understand existing YARA rules a...

Re @terryyuezhuo @DeepTestConf @ICSEconf Nice!! The technique is simple yet quite effective.

#RCE for #CVE-2023-28434 MinIO unauthorized to CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-s -w " -trimpath mc admin update node1 http:/...

4月12日香港见 https://t.co/iCG4pk5wKk

RT Andrew Ng: 1/The call for a 6 month moratorium on making AI progress beyond GPT-4 is a terrible idea. I'm seeing many new applications in education...

RT Patrick Wardle: RE: The 3CX VOIP supply chain attack, vendors have stated that macOS was also targeted - but I couldn't find any specific technical...

应该是早上有不同的兄弟接力举报，反正现在这个账号404了。不知道下次换哪个马甲再回来，发现了再举报。

这事儿沾上马斯克我就觉得他是嫉妒……而且我也不信停几个月就能制定出安全规范，就算能制定也不一定被遵守，就算不遵守也不一定查得出，就算查得出也不一定管用，管用的结果就是会被金将军的天才科学家超过……

昨天马斯克呼吁暂停GPT-5的研发。我自己是做安全的，但我坚定地认为，不发展才是最大的不安全。

渣们，做题，勿放狗It's easier to capture the fortress from within.赠品hornbill

Re @CyberSubversive https://t.co/SUNS4cg0Xo

Re @neke86_ @CrowdStrike @Sophos Cool story, bro. We attributed it to several vendors and noted CrowdStrike was the first to identify the threat. We a...

Re @Laughing_Mantis @CrowdStrike @Sophos @ESET @PaloAltoNtwks @SentinelOne @malwrhunterteam Based on forum reports, it looks like the attack began Mar...

We have malware samples from the recent 3CX VOIP supply chain attack. - SmoothOperator.7z - 48.1MB compressed - Samples from CrowdStrike and SentinelO...

Re @CrowdStrike @Sophos @ESET @PaloAltoNtwks @SentinelOne @malwrhunterteam .@SentinelOne has released an in-depth analysis of the malware and payload,...