Joined February 2009
John Poulin retweeted
18 Aug 2025
At long last - Phrack 72 has been released online for your reading pleasure! Check it out: phrack.org/
John Poulin retweeted
A couple reflections on the quantum computing breakthrough we just announced... Most of us grew up learning there are three main types of matter that matter: solid, liquid, and gas. Today, that changed. After a nearly 20 year pursuit, we’ve created an entirely new state of matter, unlocked by a new class of materials, topoconductors, that enable a fundamental leap in computing. It powers Majorana 1, the first quantum processing unit built on a topological core. We believe this breakthrough will allow us to create a truly meaningful quantum computer not in decades, as some have predicted, but in years. The qubits created with topoconductors are faster, more reliable, and smaller. They are 1/100th of a millimeter, meaning we now have a clear path to a million-qubit processor. Imagine a chip that can fit in the palm of your hand yet is capable of solving problems that even all the computers on Earth today combined could not! Sometimes researchers have to work on things for decades to make progress possible. It takes patience and persistence to have big impact in the world. And I am glad we get the opportunity to do just that at Microsoft. This is our focus: When productivity rises, economies grow faster, benefiting every sector and every corner of the globe. It’s not about hyping tech; it’s about building technology that truly serves the world.
Community note
Microsoft's supporting paper, published in Nature, does not support the claim that they have created a topological qubit. nature.com/articles/s4158… Peer reviewers of the Nature paper expressed concern that the paper misleadingly implies that a topological qubit was demonstrated or otherwise achieved: static-content.springer.com/esm/art:10.1…
Looking forward to giving a webinar tomorrow on Defense-in-Depth engineering. We’ll talk through four key areas to help harden our applications and systems, including real tangible examples that folks can start utilizing right away. us02web.zoom.us/webinar/regi…

John Poulin retweeted
9 Jan 2025
Michael McCabe of @CloudSecPartner explains how to secure our infrastructure with Terraform, including its vulnerabilities and the best practices for protecting IAC systems. youtu.be/OxtUkgs6JHc #HackGDL #HackGDL2025 #hacking #cybersecurity #Mexico

John Poulin retweeted
No solutions yet for the challenge. Anyone up for some Actions exploitation?
This is one of the real world vulnerabilities found by the new CodeQL packs. Can you exploit it to get the flag? Bring us your solution to GitHub booth at @ekoparty to win some swag!
I know folks still have annual security budget. This training is like the gift that keeps on giving. Good virtual training is hard to come by - don’t miss this one.
27 Sep 2024
We still have room left in @sethlaw and I's virtual secure code review course held next week, Oct 2 & 3. Come join us and learn: - Manual source code review techniques - How to use Gen AI to make your reviews more efficient Register here! training.absoluteappsec.com
John Poulin retweeted
24 Sep 2024
Amen to the 30/90 password resets. If you are reading this and your enterprise is doing this, I’m here to tell you right now this type of password policy at your org is doing more harm than good.
24 Sep 2024
Folks it's 2024 and the new NIST draft for digital identity is asking you to STOP the madness of 30/90 days password resets and moving it from a recommendation → to a REQUIREMENT Microsoft admins here's what you need to do: → Turn on risk based conditional access policy → Stop periodic password resets = Reduced help desk calls happy users It's a win, win. If you are not licensed for Entra ID P2 then you can still use the logs and trigger a workflow to get your users to change their password. Thanks to @blackroomsec for the call out.
Fairly certain I spend half my time online selecting which cookies I want sites to be able to access. How did we get ourselves into this mess?
John Poulin retweeted
Thank you to everyone who brought this article to our attention. We agree that customers should not have to pay for unauthorized requests that they did not initiate. We’ll have more to share on exactly how we’ll help prevent these charges shortly. #AWS #S3 How an empty S3 bucket can make your AWS bill explode - medium.com/@maciej.pocwierz/…

John Poulin retweeted
As a kid, the magic of software was that I could sit down and make something with no license, degree, or ~money. Gotta say, publishing an iOS app from scratch today is a verrry diff vibe. I wonder how many young people's ideas we've lost at "and now register for a DUNs number."
John Poulin retweeted
Heads-Up: Many of the current generation of Amazon RDS and Amazon Aurora SSL/TLS certificates will expire in 2024 and you need to rotate them ASAP. Learn more at aws.amazon.com/blogs/aws/rot… #AWS
One of my favorite talks I attended was at HOPE X, 9 years ago. @deviantollam and @SgtHowardPayne dropped some knowledge on elevator hacking, which has stuck with me to this day. You will learn amazing things you never expected to hear about. Get a ticket while you can.
The late Cheshire Catalyst shares how he got his own area code at The Last HOPE (2008). HOPE XV will take place from July 12-14, 2024 at St. John's University in Queens, New York City Tickets still available at hope.net. 10% of April sales are donated to the @EFF
DOMPurify is an amazing sanitization library, which I regularly recommend to customers. But even well-maintained libraries will suffer from vulnerabilities from time-to-time. @ryotkak and team shared a great example!
We published a new blog by @ryotkak. Check it out! Bypassing DOMPurify with good old XML flatt.tech/research/posts/by…
John Poulin retweeted
Here at Cloud Partners, we recommend our clients adopt Infrastructure as Code (IaC) for early detection of security vulnerabilities, version control, consistent environments, and much more! Check out our blog post on IaC and Terraform! #iac #Security blog.cloudsecuritypartners.c…
John Poulin retweeted
It appears that there is a phishing campaign going around trying to steal AWS credentials. Be on the lookout in your organization! Major thank you to those sharing these in the AWS Security Forum.
John Poulin retweeted
Love is in the air, and so is our passion for Cloud Security. 💗 🔒 Need a team that's dedicated to protecting your tech stacks? We're your match. #CloudSecurity
Looking forward to teaching this course! I'm coming prepared with more memes and more tips.
27 Jan 2024
REPOST! Join our 2-day course - defense-in-depth sw in response to '21 OWASP ⬆️10 'Insecure Design. Ideal for engineers & sec pros, ✅ anti-patterns, vulns, and real-world solutions. Get hands on src code review xp and leave ready to build resilient sw. kernelcon.org/training#defen…
I continue to be impressed by @gitlab's mission to make it so that anyone can contribute. Working with a client, I was trying to understand some of the controls around GitLab Secrets Manager. They published the ADR: docs.gitlab.com/ee/architect…
John Poulin retweeted
Ten months ago, we launched the Vesuvius Challenge to solve the ancient problem of the Herculaneum Papyri, a library of scrolls that were flash-fried by the eruption of Mount Vesuvius in 79 AD. Today we are overjoyed to announce that our crazy project has succeeded. After 2000 years, we can finally read the scrolls: This image was produced by @Youssef_M_Nader, @LukeFarritor, and @JuliSchillij, who have now won the Vesuvius Challenge Grand Prize of $700,000. Congratulations!! These fifteen columns come from the very end of the first scroll we have been able to read and contain new text from the ancient world that has never been seen before. The author – probably Epicurean philosopher Philodemus – writes here about music, food, and how to enjoy life's pleasures. In the closing section, he throws shade at unnamed ideological adversaries – perhaps the stoics? – who "have nothing to say about pleasure, either in general or in particular." This year, the Vesuvius Challenge continues. The text that we revealed so far represents just 5% of one scroll. In 2024, our goal is to go from reading a few passages of text to entire scrolls, and we're announcing a new $100,000 grand prize for the first team that is able to read at least 90% of all four scrolls that we have scanned. The scrolls stored in Naples that remain to be read represent more than 16 megabytes of ancient text. But the villa where the scrolls were found was only partially excavated, and scholars tell us that there may be thousands more scrolls underground. Our hope is that the success of the Vesuvius Challenge catalyzes the excavation of the villa, that the main library is discovered, and that whatever we find there rewrites history and inspires all of us. It's been a great joy to work on this strange and amazing project.
Thanks to Brent Seales for laying the foundation for this work over so many years, thanks to the friends and Twitter users whose donations powered our effort, and thanks to the many contestants whose contributions have made the Vesuvius Challenge successful! Read more in our announcement: scrollprize.org/grandprize