The #OPLArchive is my project to preserve the history of DOS-based chiptune music in a central location, using the universal VGM file format. I'm trying to find and add as many songs as I can. Check it out at https://opl.wafflenet.com - You can even listen in your browser! #YM3812 #YMF262
You can learn how to use radius2 by checking the new repository collecting several usage examples! By @alkali https://github.com/aemmitt-ns/radius2-examples
"USING CLOUDFLARE TO BYPASS CLOUDFLARE
An attacker can setup a custom domain with Cloudflare and point the DNS A record to victims IP address. The attacker then disables all protection features for that custom domain in their tenant and tunnel their attack(s) through the Cloudflare infrastructure. This approach allows attackers to bypass the protection features by the victim."
https://certitude.consulting/blog/en/using-cloudflare-to-bypass-cloudflare/
In 2000, the Beatles created THEBEATLES.COM in relation to a new Beatles compilation album set, "1". For whatever reason, the legendary demoscene group MELON was hired to make flash animations for their songs. The results are now emulated at Internet Archive.
Warning: Flashing lights galore.
https://archive.org/details/melon-cometogether
https://archive.org/details/melon-ifeelfine
"Risky Biz News: Chinese APT hacks subsidiaries, pivots to corporate headquarters
In other news: Google and Mozilla patch another Chrome & Firefox zero-day; Cisco patches its own zero-day; and new DarkRiver APT targets Russian defense sector."
https://riskybiznews.substack.com/p/chinese-apt-hacks-subsidiaries
The slides for the #radare2 #ai presentation made by @pancake are now public! Check them out while they are still hot! https://github.com/radareorg/radare2-extras/blob/master/r2ai/local/r2ai.pdf
"Risky Biz News: China admits NSA hacked Huawei
In other news: iOS zero-days used to hack Egyptian presidential candidate; new Sandman APT targets telcos across the world; Russia's largest travel agency breached by pro-Ukraine hackers."
https://riskybiznews.substack.com/p/china-says-nsa-hacked-huawei
How about a Friday WIP video? Metal Gear for the MD/Genesis. #metalgear #genesis #megadrive
#libwebp 1.3.2 has two #security related flaws that have been fixed in main:
• Fix invalid incremental decoding check:
https://github.com/webmproject/libwebp/commit/95ea5226c870449522240ccff26f0b006037c520
• Fix next is invalid pointer when WebPSafeMalloc fails:
https://github.com/webmproject/libwebp/commit/dce8397fec159c9edfeec7c6388cb81428c87ed8
While these are not as easy to exploit as CVE-2023-4863 it seems evident that there has been some gaps in libwebp fuzzing at google. Also CVE-2023-4863 was obviously assigned to a wrong project. #infosec #vulnerabilities #cve
Need to know whether a piece of hardware is supported by free software? #hNode has you covered! Its search engine will help you verify #freesoftware compatibility. https://u.fsf.org/3uj
100MHz FM transmitter from 1982, 25 Watts that we used for 3 months of non-licensed radio broadcast. A few coils in power amplifier are missing, and 2N6081/2N6082 (wrong marking) replaced the very expensive original BLY87/BLY89 (~$80-100 for a pair in those days!).
A while ago I tested #nostr and all i found was cryptobros and porn. Today it seems like the porn issue is under control and the feed seems nicer.
Clients got significant UI improvements, but still it feels a bit dangerous to post on a place where data spreads beyond author's control.
I managed to remove notes i published. But in theory all devs say this is UB. Considering there are tons of relays replicating and caching data, some users may still see it.
About this privacy topic it makes me think about the fact that we are not aware enough about all the data we give away and the false feeling of controlling it. Maybe being anonymous instead of having your real persona in this network is the way to go.. but still, i have mixed feelings with this interesting technology (yeah i like the protocol and it's simplicity)
Thoughs?
Live in 115 minutes...
"Unidentified Anomalous Phenomena Independent Study Report"
https://www.youtube.com/watch?v=idJKLP5hcuQ
Newsletter: https://riskybiznews.substack.com/p/china-cracks-down-on-se-asia-scam-call-centers
Podcast: https://risky.biz/RBNEWS195/
-China cracks down on the SE Asia scam call center problem
-MinIO servers exploited to breach cloud infrastructure
-Paraguay's National Police hacked
-Crypto-gambling site Stake loses $41 million in crypto-heist
-Freecycle and chipmaker NXP disclose breaches
-Belarusian Red Cross hack
-Dutch government looks at Telegram
-New Bangladesh Cyber Security Act reaches parliament
-qBittorrent clients exploited to drop cryptominers
-"When the going gets weird, the weird turn pro..."