Matthew Conway

@mattreduce.com.bsky.social

🔍 Detection & Response, CTI @ HashiCorp ✍️ CTI newsletter and blog @sourcesmethods.com

810 Followers  |  433 Following  |  131 Posts  |  Joined: 17.11.2024

Latest posts by mattreduce.com on Bluesky

Jewelry, medicine, books, oh my! Plenty of seemingly innocuous items have landed travelers in trouble at Russia’s border. Here’s how to avoid it. — Meduza No matter how normalized Russia’s invasion of Ukraine and its political arrests may have become, the country remains unsafe for tourism. Nevertheless, many people are still going: in 2024, more than…

The only foolproof way to avoid getting arrested at the Russian border is not to go. Still, over 20,000 people from E.U. countries have made the trip this year anyway. If you’re determined to join them, at least read this first.
meduza.io/en/cards/jew...

04.08.2025 15:08 — 👍 13    🔁 2    💬 0    📌 0
The viral Bay Area pancake breakfast that you can't drive to Now, 1,000 people at a single event is commonplace.

“Most people know what they’re getting into,” she said of the hike to the inn along state park access roads/trails. “There just is something really old-fashioned about that ... I continue to be blown away by the amount of enthusiasm and happiness.”

via @sfgate.com
www.sfgate.com/food/article...

02.08.2025 16:09 — 👍 7    🔁 3    💬 1    📌 0
GitHub - pstirparo/machofile: machofile is a module to parse Mach-O binary files machofile is a module to parse Mach-O binary files - pstirparo/machofile

🍎 machofile 🍏 first official release is finally live: github.com/pstirparo/ma...

It is a python module to parse #Mach-O binary files, with a focus on malware analysis and reverse engineering.
machofile is self-contained.

#macho #ios #reverseengineering #detection #threathunting #threatintel 1/3

30.07.2025 14:11 — 👍 15    🔁 14    💬 1    📌 0
Surveillance Self-Defense We’re the Electronic Frontier Foundation, a member-supported non-profit working to protect online privacy for over thirty years. This is Surveillance Self-Defense: our expert guide to protecting you a...

EFF fights surveillance…and we do so in 14 languages in our educational resource, Surveillance Self-Defense.

29.07.2025 22:22 — 👍 134    🔁 51    💬 1    📌 4

Have they not seen John Wick?!

29.07.2025 21:03 — 👍 0    🔁 0    💬 0    📌 0
a man is holding a microphone and making a funny face. Alt: Donald Glover holding a microphone and saying "good," really raising his eyebrows

"If you don't sign in soon, we'll delete your account and its data!" GOOD

29.07.2025 04:16 — 👍 4    🔁 0    💬 0    📌 0
macOS.ZuRu Resurfaces | Modified Khepri C2 Hides Inside Doctored Termius App ZuRu malware continues to prey on macOS users seeking legitimate business tools, adapting its loader and C2 techniques to backdoor its targets.

👀 Apple: “macOS is secure by design.”
💻 Meanwhile, in /Users/Shared:
🕵️‍♂️ Persistent Malware masquerading as Apple “agent”
>> Khepri beacon in /tmp
📦 Ad-hoc signed payloads
🌍 Targeting Chinese diaspora
Deep dive from Dinesh Devadoss and me 👉 s1.ai/zuru
#icymi #macOS #malware #APT #infosec

27.07.2025 12:16 — 👍 8    🔁 6    💬 1    📌 0

🐧 Giving BlackArch Linux a go for HackTheBox and whatnot. It's my first Arch-based distro, and I think the rules are you have to tell everyone you run Arch...

26.07.2025 22:11 — 👍 1    🔁 0    💬 0    📌 0
80s news screen of a frowning male news anchor sitting in front of a graphic that repeats the word “Coping” in various colors

06.03.2025 14:51 — 👍 115    🔁 37    💬 0    📌 3
Breached. Kremlin’s new data leaks crackdown scores direct hits on its own security officials turned probiv dealers Moscow’s Tverskoy District Court has remanded in custody a man with alleged ties to the Federal Security Service (FSB) and a former Ministry of Defence official, as part of a widen...

Moscow’s crackdown on the probiv data market has targeted an ex-MoD official “essential to nuclear deterrence” and a data broker with FSB ties.

Mikhail Seifetdinov was detained on July 24, the same day Solaris probiv service went offline

en.zona.media/article/2025...

25.07.2025 21:34 — 👍 5    🔁 1    💬 0    📌 0

In 24 months we’re going to be hearing from law enforcement officials about the need to tackle “the VPN problem.” Set your watch to it.

25.07.2025 15:33 — 👍 76    🔁 26    💬 4    📌 0
A Startup is Selling Data Hacked from Peoples’ Computers to Debt Collectors Infostealer data can include passwords, email and billing addresses, and the embarrassing websites you use. Farnsworth Intelligence is selling to divorce lawyers and other industries.

A startup's new business model is to take data hacked from people's computers and to sell it to debt collectors. do not think i could make this up

www.404media.co/a-startup-is...

21.07.2025 16:45 — 👍 110    🔁 53    💬 6    📌 8
Engineering Manager, Security Automation & Incident Response, United States - Careers at HashiCorp Join our team and help us build industry-leading products that are redefining how enterprises are running their IT infrastructure.

HashiCorp Threat Detection & Response is hiring an Engineering Manager for Security Automation & Incident Response 🕵️‍♂️ #DIFR #hiring www.hashicorp.com/career/6759554

20.07.2025 20:21 — 👍 1    🔁 0    💬 0    📌 0

One ping only!

19.07.2025 00:08 — 👍 3    🔁 0    💬 1    📌 0
Looks like the maintainer of a number of highly-popular npm packages was phished through npnjs[.]com, and his access used to publish malicious versions of their packages

x.com/JounQin/stat...

www.linkedin.com/feed/update/...

github.com/prettier/esl...

18.07.2025 22:34 — 👍 5    🔁 5    💬 1    📌 0
The “Working from China” Problem When employees want to work remotely from “risky” places

I wrote about that moment every security team faces when someone asks if they can work from China for a while, and then everyone freaks out.

magoo.medium.com/the-working-...

17.07.2025 21:15 — 👍 3    🔁 1    💬 0    📌 0
Obsidian 1.9.5 (early access) is now available to Catalyst members

- New formula editor for Bases, with autocomplete and syntax highlighting
- Bases remember your scroll position when navigating forward and back
- New commands: "Add item" and "Add view" for Bases

17.07.2025 19:54 — 👍 130    🔁 13    💬 7    📌 6
Russian Banks Have Discussed Seeking Bailouts Within Next Year Top executives at some of Russia’s biggest banks have privately discussed seeking a state-funded bailout if the level of bad loans on their books continues to worsen over the next year.

Top execs at some of Russia’s biggest banks have privately discussed seeking a state-funded bailout if the level of bad loans on their books continues to worsen over the next year, reports Bloomberg. Nabiullina has been downplaying the risk of a systemic crisis. www.bloomberg.com/news/article...

17.07.2025 16:51 — 👍 36    🔁 13    💬 0    📌 0
The corporate cybersecurity fantasy vs the cybersecurity reality.

15.07.2025 19:14 — 👍 37    🔁 25    💬 2    📌 0
Search and be fined. New Russian law targets VPN usage and mere access (!) to “extremist” content Russia’s State Duma has advanced new legislation that would introduce fines for searching prohibited material online, including when using VPNs. Until now, even amid sweeping crack...

Googling LGBT-related topics could soon be an offence in Russia. The parliament is set to back fines for VPN use and accessing “extremist” content. It’s deliberately vague to mean almost anything, and seems like browser history might be evidence

en.zona.media/article/2025...

15.07.2025 22:27 — 👍 20    🔁 15    💬 0    📌 0

Just had a couple of plums right off our tree 🌳 We don't deserve nature

14.07.2025 22:59 — 👍 1    🔁 0    💬 0    📌 0
For the study, the researchers uploaded millions of pages of e-mails, essays, academic papers, and news stories to ChatGPT, then prompted the AI to “polish” the text. Then they identified several words that ChatGPT seemed to favor, such as “delve,” “realm,” or “meticulous”—dubbing them “GPT words.” Finally, they tracked the frequency of GPT words in over 360,000 YouTube videos and 771,000 podcast episodes from before and after ChatGPT’s release. The paper, posted to the preprint server arXiv, has not yet been peer reviewed.

“‘Delve’ is only the tip of the iceberg,” Brinkmann noted to the Verge. Other frequently used GPT words included “underscore,” “comprehend,” “bolster,” “boast,” “swift,” “inquiry,” “meticulous,” and “groundbreak.”

This is "em-dash tell" all over again. SOME OF US USE THESE WORDS.

14.07.2025 19:11 — 👍 325    🔁 65    💬 36    📌 54

The only thing I've ever seen on LaserDisc

11.07.2025 23:46 — 👍 1    🔁 0    💬 0    📌 0
MalwareTech Labs - Learn Reverse Engineering & Malware Analysis Practical reverse engineering labs designed to imitate real-world malware techniques, helping beginners improve their skills in a safe and fun way.

Looking to get started learning malware analysis or reverse engineering? Check out my ever-increasing selection of practical labs. Challenges range in difficulty and each one is designed to introduce a new malware technique.
malwaretech.com/labs/

10.07.2025 01:35 — 👍 103    🔁 17    💬 6    📌 0
Critical RCE in Anthropic MCP Inspector (CVE-2025-49596) Enables Browser-Based Exploits | Oligo Security A critical Remote Code Execution flaw (CVSS 9.4) in Anthropic’s MCP Inspector exposes AI developers to browser-based attacks via 0.0.0.0 and DNS rebinding. Learn how CVE-2025-49596 was exploited from ...

Upgrade MCP Inspector, which enables RCE on endpoints from the browser before v0.14.1 www.oligo.security/blog/critica...

09.07.2025 19:16 — 👍 0    🔁 0    💬 0    📌 0
Criminal-patriotic symbiosis: the synergy of security services, cybercrime and quasi-activism has made Russia a world leader in cyber destruction. Russian authorities have created a complex ecosystem of cyber influence that unites security services, criminal cyber groups, and activist and pseudo-activist projects. The result of this symbiosis has been ...

Article argues that symbiosis between Russia’s cybercriminals and security services in a “cybermafia state” has turned it into a world leader in cyber destruction. Probably a good bit of truth there.
re-russia.net/analytics/03...

09.07.2025 14:21 — 👍 2    🔁 1    💬 0    📌 0
Senior Security Researcher - GenAI | Datadog Careers We're building a platform that engineers love to use. Join us, and help usher in the future.

Join my team! We’re looking for a Senior Security Researcher specializing in Generative AI. You’ll have the opportunity to be a part of one of the leading security research organizations in the industry and shape Datadog’s security products! A 🧵
careers.datadoghq.com/detail/70312...

09.07.2025 15:45 — 👍 4    🔁 6    💬 1    📌 0
Exclusive: Evidence of cell phone surveillance detected at anti-ICE protest Mobile network anomalies consistent with cell phone surveillance were detected at a July 4 protest at an ICE field office in Washington state.

EXCLUSIVE: I discovered evidence that an IMSI-catcher, commonly called a Stingray, was used during a July 4 protest at an ICE facility.

Using an advanced detection tool called Marlin, I scanned cellular traffic & found hundreds of anomalies indicative of surveillance san.com/cc/exclusive...

09.07.2025 18:07 — 👍 605    🔁 282    💬 14    📌 36
