Peter C

@peterc.ollins.me

Security Engineer https://peterc.ollins.me

246 Followers  |  323 Following  |  31 Posts  |  Joined: 15.05.2023  |  1.9174

Latest posts by peterc.ollins.me on Bluesky

Exciting! MLS e2ee messaging with fingerprints in Bluesky bios (to prevent silent bindings) and pre-keys in PDS.

Kinda wish the key was published in the DID document though, especially if one day plc.directory will become a tlog. (Basically free KT!)

www.germnetwork.com/blog/integra...

28.07.2025 18:09 — 👍 58    🔁 21    💬 6    📌 1

Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years “All of the knowledge to generate the exploit already exists on the internet. AI could even build it for you,” the researcher told 404 Media.

New from 404 Media: we spoke to the researcher who found hackers can remotely trigger brakes on American trains. Says was ignored for years, DHS confirmed. "All of the knowledge to generate the exploit already exists on the internet, AI could even build it for you." www.404media.co/hackers-can-...

15.07.2025 02:04 — 👍 177    🔁 48    💬 6    📌 15

Just to clear up some misinfo, a BGP hijack was not the cause of Cloudflare DNS going down today.

At 21:51 UTC, Cloudflare (AS13335) withdrew both 1.1.1.0/24 and 1.0.0.0/24 for an unknown reason.

I suspect AS4755 was always announcing 1.1.1.0/24, when CF went away, it leaked a bit (%2).

15.07.2025 00:14 — 👍 25    🔁 11    💬 4    📌 4

Activision pulls Call of Duty game after PC players are hacked Call of Duty: Remote Code Execution

Activision has pulled a Call of Duty game after multiple reports of PC players having their computers hacked. An old insecure version of the game was reportedly uploaded to the Microsoft Store 😬 www.theverge.com/news/702255/...

09.07.2025 09:35 — 👍 76    🔁 10    💬 2    📌 6

161. The Court's Disastrous Ruling in the Third-Country Removal Case The majority did not just greenlight an especially odious immigration policy without any explanation; it did so in a case in which the government defied the district court—twice—with no consequence.

Today’s unsigned, unexplained #SCOTUS ruling clearing the way for removals of migrants to third countries without any additional process is a disaster—not just on the merits, but because of the government misbehavior that it not only refuses to punish, but effectively rewards.

Me, via “One First”:

23.06.2025 21:59 — 👍 9351    🔁 3481    💬 583    📌 320

[TLS] Photosynthesis, an update to Merkle Tree Certificates Photosynthesis combines the Static CT API with the ideas in Merkle Tree Certificates.

Here's something I am very excited about: Photosynthesis! 🌱☀️

A proposal to have CAs run transparency logs and make X.509 certificates out of Merkle Tree inclusion proofs.

This is similar to how CT would have worked in an ideal world, and it solves the problem of PQC sizes in logs and handshakes.

20.06.2025 19:11 — 👍 39    🔁 11    💬 1    📌 0

this is actually how my cursed Online brain read the post

21.08.2023 02:50 — 👍 804    🔁 175    💬 16    📌 2

Coinbase breach tied to bribed TaskUs support agents in India A recently disclosed data breach at Coinbase has been linked to India-based customer support representatives from outsourcing firm TaskUs, who threat actors bribed to steal data from the crypto exchange.

A recently disclosed data breach at Coinbase has been linked to India-based customer support representatives from outsourcing firm TaskUs, who threat actors bribed to steal data from the crypto exchange.

03.06.2025 13:18 — 👍 2    🔁 3    💬 0    📌 0

Democratizing Detection Engineering at Block: Taking Flight with Goose and Panther MCP A comprehensive overview of how Block leverages Goose and Panther MCP to democratize and accelerate security detection engineering.

Most engineers aren’t taught how to write secure code or catch threats after deploy.

Detection engineering used to be limited to experts. Now anyone can do it with prompts, Goose, and the Panther MCP server. 💪

block.github.io/goose/blog/2...

02.06.2025 22:07 — 👍 10    🔁 5    💬 0    📌 0

Vanta bug exposed customers' data to other customers | TechCrunch The compliance company said the customer data exposure was caused by a product change.

New, by me: Compliance startup Vanta said it's fixing a bug that exposed some customer data to other Vanta customers.

One Vanta customer told us that they were notified that some of their data was pulled out of their Vanta instance "into other customers’ instances."

02.06.2025 17:17 — 👍 14    🔁 6    💬 2    📌 1

Our latest investigation…

31.05.2025 21:13 — 👍 156    🔁 55    💬 7    📌 0

I'm often asked if I'll redo the 2019 quantum factoring estimate. Denser storage by yokes, smaller magic factories by cultivation, slimmer approx arithmetic by Chevignard et al… surely the cost is lower now?

Yes, it's lower now.

security.googleblog.com/2025/05/trac...

arxiv.org/abs/2505.15917

23.05.2025 13:25 — 👍 74    🔁 15    💬 2    📌 4

Probe Found Security Lapses Led to US Contractor’s Data Breach Failures in cybersecurity practices at a software company that helps federal agencies manage investigations and FOIA requests allowed two convicted hackers to delete databases, according to internal d...

SCOOP: In Feb, federal agencies "lost" many #FOIA requests but you probably had no idea. It turns out that the FOIAs disappeared due to an "insider threat attack" by 2 employees at a software company who were previously convicted of hacking into the State Dept

🧵

🎁 www.bloomberg.com/news/article...

21.05.2025 13:17 — 👍 523    🔁 328    💬 24    📌 31
DHI

New: Docker Hardened Images

✅ Non-root by default
✅ SLSA Level 3 compliant
✅ SBOMs, VEX, provenance — all signed
✅ Built-in to Docker Hub

👉 http://spklr.io/63323CAqR

#Docker #DevSecOps #SoftwareSupplyChain #Containers #CloudNative #DockerHardenedImages

19.05.2025 13:12 — 👍 5    🔁 3    💬 0    📌 1

DDoSecrets publishes 410 GB of heap dumps, hacked from TeleMessage's archive server micahflee.com/ddosecrets-p...

19.05.2025 16:54 — 👍 138    🔁 79    💬 6    📌 12

Branch Privilege Injection: Exploiting Branch Predictor Race Conditions – Computer Security Group

Time to update microcode on your Intel processors (gen >9)
new speculative prediction bug lets you capture /etc/shadow with 99% reliability. They didn't make anything like it work on AMD or ARM, yet...

comsec.ethz.ch/research/mic...

www.intel.com/content/www/...

github.com/intel/Intel-...

13.05.2025 16:56 — 👍 2    🔁 3    💬 0    📌 0

Despite misleading marketing, Israeli company TeleMessage, used by Trump officials, can access plaintext chat logs Despite their misleading marketing, TeleMessage, the company that makes a modified version of Signal used by senior Trump officials, can access plaintext chat logs from its customers. In this post I ...

Despite misleading marketing, Israeli company TeleMessage, used by Trump officials, can access plaintext chat logs. My findings are based on TM SGNL's source code, and they are corroborated by hacked data micahflee.com/despite-misl...

06.05.2025 20:00 — 👍 783    🔁 332    💬 23    📌 89

Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. Researchers say the behavior amounts to a persistent backdoor.

30.04.2025 18:37 — 👍 40    🔁 10    💬 5    📌 2

The Signal Clone the Trump Admin Uses Was Hacked TeleMessage, a company that makes a modified version of Signal that archives messages for government agencies, was hacked.

TeleMessage, the Israeli company that makes the modified Signal app used by Trump officials, was hacked. “I would say the whole process took about 15-20 minutes,” the hacker said micahflee.com/the-signal-c...

04.05.2025 22:05 — 👍 1841    🔁 878    💬 37    📌 87

PhD Timeline xkcd.com/3081

25.04.2025 15:32 — 👍 60711    🔁 20857    💬 610    📌 840

🧵 THREAD: A federal whistleblower just dropped one of the most disturbing cybersecurity disclosures I’ve ever read.

He's saying DOGE came in, data went out, and Russians started attempting logins with new valid DOGE passwords

Media's coverage wasn't detailed enough so I dug into his testimony:

18.04.2025 00:10 — 👍 14177    🔁 7493    💬 334    📌 1032

Turning the Security Flywheel

This post explores the "flywheel" concept and its application to security, demonstrating how to create self-reinforcing cycles that improve effectiveness.

www.philvenables.com/post/turning...

08.03.2025 15:44 — 👍 5    🔁 3    💬 0    📌 1

Safe.eth on X: "Investigation Updates and Community Call to Action" / X Investigation Updates and Community Call to Action

New details on the ByBit/Safe{Wallet} breach, and uhhh wow, some really silly blunders on the DPRK side. They still succeeded which is the most upsetting part of all of this. Let's bully some threat actor tradecraft! A🧵
x.com/safe/status/...

06.03.2025 17:21 — 👍 23    🔁 12    💬 1    📌 2

Security engineering should be embedded in engineering teams, doing joint engineering work.

Security engineering that operates as its own isolated team is an organizational artifact of a company’s “we’ll bolt on security later” culture.

25.02.2025 20:24 — 👍 161    🔁 23    💬 10    📌 1

The executive response to Copilot products consistently violating data security policies and development requirements causing escalations every release was to just stop having the escalation meetings for a while

I am not even exaggerating

08.02.2025 00:33 — 👍 131    🔁 36    💬 5    📌 3

On the other hand, it will be redundant to all the other actual vulnerabilities in the EOL version which have actual quantifiable severities.

24.01.2025 16:56 — 👍 0    🔁 0    💬 0    📌 0

Yep, basically!

24.01.2025 16:33 — 👍 0    🔁 0    💬 0    📌 0

CVE Website

I guess we're creating vulnerabilities about the potential for vulnerabilities now and classifying them as high severity 😩
www.cve.org/CVERecord?id...

24.01.2025 16:07 — 👍 0    🔁 0    💬 2    📌 0

Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel On November 20, 2024, Shubham Shah and I discovered a security vulnerability in Subaru’s STARLINK admin panel that gave us unrestricted access to all vehicles and customer accounts in the United State...

Outstanding write-up from @zlz.bsky.social (as always)

samcurry.net/hacking-subaru

• Enumeration
• Account takeover via vulnerable password reset feature
• 2FA bypass as it was implemented only as a UI limitation (not server-side)

23.01.2025 13:28 — 👍 6    🔁 1    💬 0    📌 0

Exploring the Kubernetes API Server Proxy

First blog post of the new year and this is one I've been meaning to write up for a while which is some details on #Kubernetes API Server proxy feature and how it might be possible to use some known weaknesses in it to escalate your privileges in a cluster.

raesene.github.io/blog/2025/01...

18.01.2025 12:54 — 👍 24    🔁 14    💬 0    📌 0