Tonight's Go meetup in Austin, Texas is located within Capital Factory on the 16th floor in the Antone's room. The meeting starts at 6:30 and we have at least one talk queued up. There will be pizza, drinks, and generally nerdiness around Go!
home > posts
ATX Golang Meetup is this Wednesday in Austin, Texas - https://www.meetup.com/atxgolang/events/301842145/
Have a neat Go project you want share? A short talk? Swing on by! There will pizza & drinks!
My keynote from CypherCon 7 is now online: 25 Years of Years of Vulnerability. Thanks again to Michael Goetzman and the whole @CypherCon crew for a warm welcome and an amazing event!
One of the funny bits that didn't make it into our sshamble talks in Las Vegas: OpenSSH for Windows writes to the event log, but no longer filters dodgy characters, so you can troll your local admins:
(recent webcast version at https://www.youtube.com/watch?v=G5yRpdNbdBs)
This looks amazing: THE JUNKYARD: An End-Of-Life Pwnathon (February 21-22, 2025) DistrictCon: https://www.districtcon.org/junkyard
runZero Hour is happening NOW, livestream at: https://www.youtube.com/watch?v=6Mj1AnygFk8
Our research team will be unpacking everything from the latest threats and risky devices to the sneakiest vulnerabilities hiding in IT, OT, IoT, remote, cloud, and mobile environments.
Here's a sneak peek at today’s session:
👉 Take an OT deep dive with Blain Smith featuring the Automatic Tank Gauge (ATG) and PC-WORX protocols along with their security frameworks.
👉 Hear from @TomSellers on how RDP has adapted with Windows over the years to become secure by default and why it is more important than ever to uncover RDP misconfigurations in your networks.
👉 @rk will chat about vulnerability enrichment and wrangles our Rapid Response round-up.
👉 Tyler Diderich will share cool new platform features inspired by our customers.
"Defend against vampires with 10 gbps network encryption" by Romain Huon includes a ton of useful tips/tricks for performance tuning on 10GbE wireguard/vxlan links: https://www.synacktiv.com/en/publications/defend-against-vampires-with-10-gbps-network-encryption
Happy NVD certificate renewal day to those who celebrate!
Three of my favorite infosec quotes are from the criminally underrated novel "This Alien Shore", published in *1998* by C.S. Friedman and with a recent sequel ("This Virtual Night"): https://www.csfriedman.com/
“In a world where data is coin of the realm, and transmissions are guarded by no better sentinels than man-made codes and corruptible devices, there is no such thing as a secret.”
“The more complex our security becomes, the more complex our enemy’s efforts must be.
The more we seek to shut him out, the better he must learn to become at breaking in.
Each new level of security that we manage becomes no more than a stepping-stone for him who would surpass us, for he bases his next assault upon our best defenses.
It is a war that can never truly be won… but one we dare not lose.”
“All data leaves a trail. The search for data leaves a trail. The erasure of data leaves a trail. The absence of data, under the right circumstances, can leave the clearest trail of all.”
I am incredibly grateful that @rk and I had a chance to speak at Black Hat and DEF CON this year (https://i.blackhat.com/BH-US-24/Presentations/REVISED02-US24_Moore_Secure_Shells_in_Shambles_Wednesday.pdf).
Even after 20+ years of speaking at security conferences the entire process is anxiety-inducing, and nothing ever seems cool enough to share with the community. I've had two other talks rejected this year (BSidesLV & a public sector event) and I agree with their reasoning. I'm also excited to keynote LASCON (https://lascon.org/) and hoping to get accepted for JawnCon (https://www.jawncon.org/). I love that our community cares about the quality and appropriateness of a submission over favoritism to (what must now be) the "old guard".
If you have something unique to share with the world, please do so, and don't let the rejections keep you from continuing to apply to CFPs. A great resource for upcoming conferences is CFP Time: https://www.cfptime.org/home