Introducing entropyscan-rs, a #RustLang entropy scanner for analyzing files and directories during incident response. Used carefully, this can quickly identify likely malware when not all stages of an attack have been discovered, such as during a web server compromise without adequate logging. Enjoy!
North Korean hackers crack DMARC to spoof emails from trusted sources
North Korean state-sponsored threat actors are abusing misconfigurations in DMARC to send convincing phishing emails and gather vital intelligence from Western targets, impersonating journalists, officials have warned.
#AskInfoSec I'm trying to wrap my head around security aspects of IPv6 protocol.
From what I've learned, my networking devices now have a public IP address (unlike with IPv4, which would have to be port translated at the router).
In order to talk to a service I still will need a port next to the IP address.
Does that mean that every device in the network should have a firewall? Or can I still have one at the router level handle everything?
My fear is that a router could be easily bypassed.
“The general problem of mixing data with commands is at the root of many of our computer security vulnerabilities.” Great explainer by security researcher Bruce Schneier on why large language models may not be a great choice for tasks like processing your emails. https://cacm.acm.org/opinion/llms-data-control-path-insecurity/
I was up late trying to figure out a stupid issue I was having with the CrowdStrike API, so I didn't stream on Twitch last night; hoping to do a stream tonight. I think they took out a feature my team was actually using, which would allow me to contain a device and make a note that could be viewed in the dashboard.