Do you have Cisco ASA devices on your network? Do you know about them all? If they are exposed to the Internet, attackers likely know. Check out my latest article that reveals some scanning trends (thanks to GreyNoise), available exploits, and EOL info for ASA. Article: eclypsium.com/blog/cisco-a...

The movie "Hackers" was released 30 years ago today. It still stands as my favorite hacker movie. What is your favorite "Hackers" movie quote? Here are some reasons why it remains my favorite:

EOL devices are something you often find in the dusty corners of an organization's IT infrastructure. Legacy devices are now a popular target for threat actors, providing a prime location to hide and a rich attack surface. How are you identifying EOL devices, and what is the remediation plan?

Pretty much all printers

Found a great guide to upgrading your graphics card

Never throw cables away!

Someone keeps stealing the drives out of these digital signs, please stop...

We did this once when Doug and I built a PC live on the air, fun times!

Temporary means permanent in IT speak

YOLO!

Someone forgot to "sign" in...

Do you remember your 1980s Blackberry?

Punishments include being forced to install NVIDIA drivers

So much this lately

This is one of the best posts this year: "The One Where We Just Steal The Vulnerabilities (CrushFTP CVE-2025-54309)" - Entertaining, memes are on point, technical details are fantastic, and there is some direct and indirect "eye poking" going on. Love it! labs.watchtowr.com/the-one-wher...

So true, especially with the Arduino code I've seen

Fixed it for ya: cd .. ls cd .. ls cd .. pwd cd .. ls cd .. pwd

I am fascinated by recent reports suggesting that "Flipper Zeros can be used to steal cars." I believe the first myth is that attackers can start the car, which is not true. The attacks allow attackers to unlock a car

A little JavaScript humor never hurt anyone...

I've had my issues with Ubuntu, but also every other Linux distro...

Amazing quote

WiFi AP Lite Edition

LLM guardrails are super annoying. It feels like a bunch of conditional statements trying to prevent broad swaths of activity that could be even remotely malicious. When I ask an LLM to perform a "sketchy" task and it comes back with "No, Dave, I can't do that," I throw my hands up.

You were the chosen one Claude! You were supposed to fix my code, not break it!

AI: The Shiny New Attack Surface! New technology gets adopted, then we start to think about security. Really? This seems backwards...

I've tested many hacking devices, and this one is hands down my favorite! With several models to choose from, the Hackberry PI stands out as the best portable device that runs Kali, offering battery power, USB ports, and more. I customized mine with a 3D printed enclosure for an external antenna.

Spin the SSL VPN vulnerability roulette wheel, who will be next? Vendors are fighting technical debt, scurrying to find, fix, and deploy patches to thwart attackers. It feels like a losing battle. Perhaps it's never too late to implement secure SDLCs?

Yes, this happens. We need to improve our ability to deploy secure systems more easily. Test keys make it easier to get up and running and do development, but one false move and the test keys end up in production. Perhaps test keys need to have a short lifespan, so we are forced to rotate them.

Hacker Mindset: "No one said we can do it, but also no one said we can't do it."

The first time could be the last time depending on the level of success...

Amazing UEFI research has been presented at Blackhat conferences in the past couple of years. For example, last year my favorite was option ROMs, and this year it was malware that lives in UEFI, both from the same researcher!

Kali is now lightning fast!

Wifi math, similar to Microsoft operating system version number math...

Linux is what you make of it. If you want to overcomplicate things, you can. If you want something simple, Linux will usually lead you towards more complicated things, but that's all part of the experience!

I miss the days of "ifconfig" and "eth0", but I've come to accept that Linux environments are constantly changing. This is why it is essential to keep notes on command syntax and related topics; even a couple of Google Docs can be really helpful!

Heh, I was wondering where AI fits...

Jonathan Bennett does a great job of summarizing the week's security news highlights. Released every Friday, it's a must-read: hackaday.com/2025/08/15/t...

The Internet Explorer costume is hilarious!

Standard office environments do not give off fast-paced or exciting vibes...

I had to replace the USB-C cable for charging my laptop because it was damaged in two places. If I still had the phone cord from my house in the 90s, it would still work...

The BadCAM research has been published! Why is this significant? Attackers can now weaponize connected USB peripherals that run Linux and do not validate firmware signatures. Turn a webcam into a BadUSB device: eclypsium.com/blog/badcam-...

Me: I need to reboot Windows. My options are "Restart" or "Update and Restart", so I chose "Restart" Windows: "Ha! Fooled you again, I'm updating anyway." Me: "I am replacing you with Linux." Windows: "Nooooooooooooooo"

AI’s future isn’t just about fast GPUs or clever models—it’s about verifiable infrastructure security. As billion-dollar AI projects launch, leaders must secure every layer: hardware, firmware, and the global supply chain. Check out Yuriy’s Forbes article for more: www.forbes.com/councils/for...

Attending Defcon this year? Want to attend a fantastic talk? This is my pick! Watch as my co-workers Mickey and Jesse show off some really cool stuff! (Yes, I am biased, but I believe you will love this.)

I'm sorry, this answer is totally correct (maybe not the answer the teacher was looking for, but still a correct answer!)

Is Windows Defender really that bad? Also, how would you maintain privacy in this situation? (Both questions are slightly rhetorical)

Plus, no license key, no required account creation, no wacky minimum requirements...

Often, when I look under the hood of a device, I find some form of open-source software...

Dear Dave Kennedy, we have a mission for you...

A file is a file...