Exploring the Internals of Linux v0.01 https://seiya.me/blog/reading-linux-v0.01
seiya.me
Exploring the internals of Linux v0.01
Cargo Cult Science by Richard P. Feynman (1974) [pdf] https://calteches.library.caltech.edu/51/2/CargoCult.pdf
Forwarded from Hacker News (yahnc_bot)
MLIR For Beginners: A series of articles on the MLIR framework https://github.com/j2kun/mlir-tutorial
GitHub
GitHub - j2kun/mlir-tutorial: MLIR For Beginners tutorial
MLIR For Beginners tutorial. Contribute to j2kun/mlir-tutorial development by creating an account on GitHub.
Online Historical Encyclopaedia of Programming Languages
http://hopl.info/
http://hopl.info/
Large Language Models: Compilers for the 4th Gen of Programming Languages? [pdf] https://drops.dagstuhl.de/opus/volltexte/2023/18524/pdf/OASIcs-SLATE-2023-10.pdf
RedHotel:_A_Prolific,_Chinese_State_Sponsored_Group_Operating_at.pdf
3.7 MB
RedHotel: A Prolific, Chinese State-Sponsored Group Operating at a Global Scale
Writing a Package Manager https://antonz.org/writing-package-manager/
antonz.org
Writing a package manager
Without spending a year on it.
π1
Forwarded from Hacker News (yahnc_bot)
Is Computer Hacking a Crime? (1989) [pdf] https://faculty.weber.edu/apainter1/Readings/Hacking%20a%20Crime.pdf
Programming as Theory Building (1985) [pdf] https://algoritmos-iii.github.io/assets/bibliografia/programming-as-theory-building.pdf
Forwarded from Compsci Library π
How to write correct code by construction using the Coq Proof Assistant https://betterprogramming.pub/a-taste-of-coq-and-correct-code-by-construction-111bf74d3b98
Medium
A Taste of Coq and Correct Code by Construction
How to write correct code by construction using the Coq Proof Assistant
Forwarded from Hacker News (yahnc_bot)
Critical ignoring as a core competence for digital citizens (2022) https://journals.sagepub.com/doi/epub/10.1177/09637214221121570
Forwarded from vx-underground
Let's talk about ransomware for a second.
Ransomware Threat Actors are opportunity driven. They do not have specific targets in mind. If you've got a dollar, they want it.
The reality of the matter, in the ransomware ecosystem, is initial access brokering is cheap and affordable, it is a worthwhile investment for ransomware affiliates to establish a good relationship with an initial access broker.
There is an initial access broker who will sell you roughly 1,000,000 misconfigured VPN's for $1,500. These 'misconfigured' VPNs typically will be companies which have accidentally set a VPN user login to something like 'test' as the username AND password. Although this may sound absurd, or unlikely, these are extremely common as companies may simply overlook small errors. However, these misconfigured VPNs are not curated. Ransomware affiliates might have to spend weeks, or months, sorting through the list determining which companies discovered have:
1. Money
2. Do not violate the rules of the ransomware group
3. Have insufficient security posture
4. Are outside with CIS (ex-soviet countries).
This is often how ransomware groups collide with each other. Two different initial access brokers may have identified (or gotten access) to the exact same organization and then sold this identified vulnerable organization, or access, to two different ransomware groups. There have been stories where ransomware affiliates gain access, only to discover upon entry the organization has already been ransomed!
Companies that have correctly configured EDRs (a detected blue team), a SOC, and have good policy and/or asset control will defeat most ransomware affiliates. More often than not, if an affiliate encounters a company that has a good EDR, or hardened machines, they may simply abandon the target all together (or sell it to a different ransomware operator) because it may not be worth their time. Metaphorically speaking, time is money to the Ransomware Threat Actor.
Regarding targets, there is another aspect often overlooked. Ransomware operators residing outside NATO often do not understand the culture or targets they have identified. For example, we have witnessed ransomware groups target public school systems, failing to understand how the United States allocates money for schools. They mistakenly believe tax-funded schools are ripe with cash and simply do not believe negotiators when they say the victim doesn't have the money. They rely on publicly available information (often wrong information) from places like Wikipedia or ZoomInfo. They see big numbers and believe that this is the profit margins.
tl;dr if you very seriously want to defeat ransomware, security companies need to understand the financial limitations many organizations face. They do not have the money, or man power, larger companies have to combat an ever evolving threat landscape.
NOTE: There are some caveats to this rant. Every ransomware affiliate will seek different avenues of gaining access. Blah, blah, blah.
Thanks for reading. Have a goodnight (or morning).
Ransomware Threat Actors are opportunity driven. They do not have specific targets in mind. If you've got a dollar, they want it.
The reality of the matter, in the ransomware ecosystem, is initial access brokering is cheap and affordable, it is a worthwhile investment for ransomware affiliates to establish a good relationship with an initial access broker.
There is an initial access broker who will sell you roughly 1,000,000 misconfigured VPN's for $1,500. These 'misconfigured' VPNs typically will be companies which have accidentally set a VPN user login to something like 'test' as the username AND password. Although this may sound absurd, or unlikely, these are extremely common as companies may simply overlook small errors. However, these misconfigured VPNs are not curated. Ransomware affiliates might have to spend weeks, or months, sorting through the list determining which companies discovered have:
1. Money
2. Do not violate the rules of the ransomware group
3. Have insufficient security posture
4. Are outside with CIS (ex-soviet countries).
This is often how ransomware groups collide with each other. Two different initial access brokers may have identified (or gotten access) to the exact same organization and then sold this identified vulnerable organization, or access, to two different ransomware groups. There have been stories where ransomware affiliates gain access, only to discover upon entry the organization has already been ransomed!
Companies that have correctly configured EDRs (a detected blue team), a SOC, and have good policy and/or asset control will defeat most ransomware affiliates. More often than not, if an affiliate encounters a company that has a good EDR, or hardened machines, they may simply abandon the target all together (or sell it to a different ransomware operator) because it may not be worth their time. Metaphorically speaking, time is money to the Ransomware Threat Actor.
Regarding targets, there is another aspect often overlooked. Ransomware operators residing outside NATO often do not understand the culture or targets they have identified. For example, we have witnessed ransomware groups target public school systems, failing to understand how the United States allocates money for schools. They mistakenly believe tax-funded schools are ripe with cash and simply do not believe negotiators when they say the victim doesn't have the money. They rely on publicly available information (often wrong information) from places like Wikipedia or ZoomInfo. They see big numbers and believe that this is the profit margins.
tl;dr if you very seriously want to defeat ransomware, security companies need to understand the financial limitations many organizations face. They do not have the money, or man power, larger companies have to combat an ever evolving threat landscape.
NOTE: There are some caveats to this rant. Every ransomware affiliate will seek different avenues of gaining access. Blah, blah, blah.
Thanks for reading. Have a goodnight (or morning).