Steve Fink

@v3rtig0 @d4rkm4tter Not quite Russ. The CA was around 180. We're not there yet! ❤️

@d4rkm4tter Freaking NOC team is larger than the volunteer team used to be! Holy cow!

Did anyone zoom in on that team photo? 😂 Miss all you, literally the best folks to work with on the planet!! Best year yet!!!! 🖤🖤🖤🖤

@d4rkm4tter Dear autocorrect... It's NEVER ducking!

Why is music on music sometimes the most annoying thing on the planet? Turn off your ducking Bluetooth speaker for ducks sake

Happy Fri-Yay, nerds! Whatcha up to this weekend? Gif replies only.

Cisco has released updates for two serious security issues in its Identity Services Engine (ISE) and Passive Identity Connector (ISE-PIC). Unpatched, these flaws could have allowed hackers to take full control of your system. Read more about it here: zurl.co/Hw8kf

Teach your employees to be your biggest defenders! Training from Secure Yeti's @jaysonstreet will help you make security “personal” so your employees think like a hacker and fiercely protect your company’s assets 24/7. August 2-3 at @BlackHatEvents. #BHUSA zurl.co/L44r3

@Grifter801 and I are always finding ourselves in some underground sketchy places!

Right now there are a lot of new eyes on Signal, and not all of them are familiar with secure messaging and its nuances. Which means there’s misinfo flying around that might drive people away from Signal and private communications. One piece of misinfo we need to address is the claim that there are ‘vulnerabilities’ in Signal. This isn’t accurate. Reporting on a Pentagon advisory memo appears to be at the heart of the misunderstanding: npr.org/2025/03/25/nx-…. The memo used the term ‘vulnerability’ in relation to Signal—but it had nothing to do with Signal’s core tech. It was warning against phishing scams targeting Signal users. Phishing isn’t new, and it’s not a flaw in our encryption or any of Signal’s underlying technology. Phishing attacks are a constant threat for popular apps and websites. In order to help protect people from falling victim to sophisticated phishing attacks, Signal introduced new user flows and in-app warnings. This work has been completed for some time and is unrelated to any current events. If you’re interested in learning more, this WIRED article from February 19th (over a month ago) goes into more detail: wired.com/story/russia-s… Signal is open source, so our code is regularly scrutinized in addition to regular formal audits. We also constantly monitor security@signal.org for any new reports, and we act on them with quickness while also working to protect the people who rely on us from outside threats like phishing with warnings and safeguards. This is why Signal remains the gold standard for private, secure communications.

Working our third BEC this month that spoofs a Dropbox share, steals your credentials and then your contacts. DON'T BE FOOLED! @irsecfink can't keep up!

Thank you so much to everyone who came out to Hak-In-the-Box (@HITBUTT) during @SAINTCON, we had an incredible turn out and raised $2500 for @NAMIUtah! We couldn't have done that without your very generous donations and the donations of minibadges and electronics! We are so proud of our community and glad we had another successful year! Thank you again from the bottom of my heart, I sincerely love this community! And know that if you are struggling, this world is better with you in it! Check in on your friends if you haven't and if you or someone you know is struggling, there are resources like 988, or 988lifeline.org for chat.

Continue the SAINTCON experience on Discord: discord.com/invite/saintcon

Visit the @801Labs booth outside of the Expo Hall

@surbo presenting @SAINTCON Awesome job!!

Blinded by Tunnel Vision by @InfoSecFink and @d4rkm4tter in Track 3

And @snowfensive is giving away free practice locks!!! Get to their booth before they are gone!!

Everyone at @SAINTCON T minus one hour prepare to be Blinded by TunnelVision with @d4rkm4tter and I. See you there!

The telegram situation has brought out some very interesting comments regarding Signal... Here I'll make a chart: Fully open source: ✅ Signal ❌ Telegram ❌ Whatsapp 3rd party code audits: ✅ Signal ❌ Telegram ❌ Whatsapp For profit: ❌ Signal ✅ Telegram ✅ Whatsapp

Family Night is one of the most fun events at SAINTCON because it welcomes the whole family. Join in the many activities and challenges being prepared for this year. Registration opens on Monday, August 19: saintcon.org/evt-family-nig…

Never in a million years did I think this would happen! I'm a Lego! #blackhat #lego

Nerdsssss, it's Fri-Yay! Whatcha up to this weekend? Gif replies only