0x58

@0x58@infosec.exchange

๐Ÿ‘จโ€๐Ÿ‘ฉโ€๐Ÿ‘งโ€๐Ÿ‘ฆ Husband. Proud Father. He/Him.

๐Ÿ‘๏ธ ๐Ÿ โ“‚๏ธ IBM Inventor and Cloud Security Solution Architect at @IBM. Member of the IBM Academy of Technology (AoT).

:openbsd: ex-#OpenBSD (xsa@). Hacker. Open Source Advocate.

#ibm #infosec #cloudsecurity #fedi22 #fedi23 #wehackhealth #crossfit #emtb #fieldhockey #porsche #nobot

๐Ÿ’ฌ My Own Views. Always.

My #cybersecurity and #infosec Weekly Newsletter:

๐Ÿ“จ https://infosec-mashup.santolaria.net

Maintaining a list of {Cyber,Info}Security Events:

๐Ÿ“† https://github.com/xsa/infosec-events

This profile is from a federated server and may be incomplete. Browse more on the original instance.

0x58, to Cybersecurity

๐Ÿ“จ Latest issue of my curated and list of resources for week /2024 is out! It includes the following and much more:

โž ๐Ÿ”“ Support Portal Exposed Customer Device Info
โž ๐Ÿ”“ ๐Ÿ‡น๐Ÿ‡ญ Major in Exposes Personal Data of 20 Million Elderly Citizens
โž ๐Ÿ”“ ๐Ÿ‡ซ๐Ÿ‡ท Millions at risk of fraud after massive health data hack in
โž ๐Ÿ”“ ๐Ÿ‡บ๐Ÿ‡ธ employee inadvertently leaks data of 63 thousand colleagues
โž ๐Ÿ”“ ๐Ÿ–ฅ๏ธ Hacked: Revokes Passwords, Certificates in Response
โž ๐Ÿ”“ ๐Ÿ‡บ๐Ÿ‡ธ says caused $49 million in expenses
โž ๐Ÿ’ธ ๐Ÿ“ˆ Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline
โž ๐Ÿ‡บ๐Ÿ‡ธ ๐Ÿ’ฐ US offers $10 million for tips on ransomware leadership
โž ๐Ÿ‡จ๐Ÿ‡ณ ๐Ÿ‡บ๐Ÿ‡ธ -backed Volt Typhoon hackers have lurked inside US for โ€˜at least five yearsโ€™
โž ๐Ÿ‡จ๐Ÿ‡ณ ๐Ÿ‡ณ๐Ÿ‡ฑ Chinese Hackers Exploited Flaw to Breach Dutch Network
โž ๐Ÿ‡ฎ๐Ÿ‡ท ๐Ÿ‡ฎ๐Ÿ‡ฑ accelerates cyber ops against from chaotic start
โž ๐Ÿ‡ง๐Ÿ‡พ ๐Ÿ‡บ๐Ÿ‡ธ Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Money Laundering
โž ๐Ÿ‡ญ๐Ÿ‡ฐ ๐Ÿ’ธ worker pays out $25 million after video call with โ€˜chief financial officerโ€™
โž ๐Ÿ‡บ๐Ÿ‡ฆ is Creating a โ€˜Cyber Diplomatโ€™ Post
โž ๐Ÿ‡ฉ๐Ÿ‡ฐ orders schools to stop sending student data to
โž ๐Ÿ‡ช๐Ÿ‡บ โš–๏ธ proposes criminalizing AI-generated child sexual abuse and deepfakes
โž ๐Ÿ‡ณ๐Ÿ‡ฑ ๐Ÿ’ฐ Fined 10 Million Euros by Dutch Data Regulator
โž ๐Ÿ‡บ๐Ÿ‡ธ ๐Ÿ›‚ US to Roll Out Visa Restrictions on People Who Misuse to Target Journalists, Activists
โž ๐Ÿฆ  ๐Ÿ’ฌ Raspberry Robin Upgrades with Spread and New Exploits
โž ๐Ÿฆ  ๐ŸŽ New Backdoor Linked to Prominent Ransomware Groups
๐Ÿฆ  ๐Ÿชฅ Surprising 3 Million Hacked Story Goes Viralโ€”Is It True?
โž ๐Ÿ‡จ๐Ÿ‡ฆ ๐Ÿฌ declares public enemy No. 1 in car-theft crackdown
โž ๐Ÿฉน : Patch new Connect Secure auth bypass bug immediately
โž ๐Ÿ› ๐Ÿ“ Security flaw in a popular smart helmet allowed silent location tracking
โž ๐Ÿฉน Critical Patches Released for New Flaws in , , Products
โž ๐Ÿ› ๐Ÿง Critical Boot Loader in Shim Impacts Nearly All Distros
โž ๐Ÿ› โœˆ๏ธ App Vulnerability Introduced Aircraft Safety Risk
โž ๐Ÿฉน Patches High-Severity Bugs in QTS, Qsync Central

--

๐Ÿ“š This week's recommended reading is: "x86 Software Reverse-Engineering, Cracking, and Counter-Measure" by Stephanie Domas & Christopher Domas

--

Subscribe to the newsletter to have it piping hot in your inbox every week-end โฌ‡๏ธ

https://infosec-mashup.santolaria.net/p/infosec-mashup-week-062024

0x58, to infosec

๐Ÿ†• Added to the list of events! See you in ๐Ÿ‡น๐Ÿ‡ญ in August! ๐Ÿ“† โœˆ๏ธ

https://github.com/xsa/infosec-events

0x58, to Cybersecurity

๐Ÿ“ฌ Your weekly #InfosecMASHUP was just sent out! Read it here if you missed it! ๐Ÿ‘‡

#cybersecurity #infosec

https://open.substack.com/pub/0x58/p/infosec-mashup-week-062024?r=299go8&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true

0x58, (edited ) to superbowl

Who you r00ting for this week-end? ๐Ÿˆ #superbowl

GossiTheDog, to random
@GossiTheDog@cyberplace.social avatar

deleted_by_author

    •
    0x58,

    @GossiTheDog I wonder when the mix up between Sweden and Switzerland will stop... coming from the ๐Ÿ‡บ๐Ÿ‡ธ

    0x58, to infosec

    ๐Ÿ“† Some of the recently added #infosec events to my list are: @bsidesboulder @rootedcon #NullconBerlin2024 #Zer0Con @typhooncon @BSidesLV

    Thanks to @lcheylus for his many submissions! ๐Ÿ™

    #cybersecurity #travel

    Go check the rest ๐Ÿ‘‡

    https://github.com/xsa/infosec-events

    0x58, to opensource

    #BSD lovers - Your opportunity to submit a paper for @bsdcan 2024! You have 3 days left! :freebsd:โ€‹ #opensource

    https://www.bsdcan.org/2024/papers.php

    0x58, to infosec

    ๐Ÿ‡บ๐Ÿ‡ธ New "Cybergang Bounty" - #infosec #cybersecurity

    https://www.bleepingcomputer.com/news/security/us-offers-10-million-for-tips-on-hive-ransomware-leadership/

    krypt3ia, to random

    So, Iโ€™ve been creating posts again, but, I think Iโ€™ve sussed something out. People arenโ€™t reading anything anymore. Unless itโ€™s 240 characters or lessโ€ฆ

    0x58,

    @krypt3ia Turn it into a 30 secs video and people will love it.

    howelloneill, to random

    i've seen literally 50x more people complaining about the toothbrush thing compared to actual blogs, which is funny to me but okay, I understand.

    It's probably significant that all the places i've seen publish it are mass production reblog factories. all due respect, these are not well regarded news outlets. maybe that's not obvious to the general public or even the cyber expert public? There's a difference.

    contrary to the viral outrage, this is absolutely not an example of "a dozen well-regarded news outlets" being tricked. It's still worth learning from as an example of the pitfalls of aggregation but you all could act a little less outraged, if I didn't know better I'd think this thing was just published on the front page of the washington post. everyone, drink a glass of water and get some air. This is not a big deal :)

    0x58,

    @GossiTheDog @howelloneill They only wanted to deflect attention on the FortiSIEM new flaws announcement fiasco :flan_laugh:โ€‹

    0x58,

    @GossiTheDog @howelloneill While I can attest that German, and Swiss German languages are different... They can't blame it on the "lost in translation" excuse.

    What website is that screenshot from?

    0x58, to AWS

    ๐Ÿ“บ One to watch today - Interesting @frichetten talk titled "Evading Logging in the Cloud: Bypassing AWS CloudTrail" :cloudcomputing:โ€‹

    https://youtu.be/YP2XNAbB_Nw?si=mLK1z_fh8MZkgsVG

    matthew_d_green, to random
    @matthew_d_green@ioc.exchange avatar

    Iโ€™m sad there are no malware-infested toothbrushes.

    0x58,

    @matthew_d_green Maybe that should be a pet project for someone :flan_laugh:โ€‹

    krypt3ia, to random

    Mornin!

    We doomed.

    0x58,

    @krypt3ia Can't seem to find the toothbrush on this one. Is it virtually DDoS'in something? :flan_laugh:โ€‹

    0x58,

    @krypt3ia Brilliant! Love it! ๐Ÿ˜

    accidentalciso, to random

    Me: I suppose I should make my breakfast.

    Wife: Oh, I just cleaned up the kitchen. Sorry, I didnโ€™t know you didnโ€™t eat yet.

    Me: No worries, I can make a mess again. Iโ€™m good at that.

    0x58,

    @accidentalciso Now you left us hanging. What did you wife say after your last comment? ๐Ÿ˜†

    0x58, to random

    So, we've been talking about giving sh!t to #Ivanti recently (and rightfully).. Can we talk about #jetbrains? Like every other week they release security patches....

    Weld, to random

    Images of the Dental DoS attack are starting to trickle in

    0x58,

    @Weld At least GenAI servers some (important) purpose! :flan_laugh:โ€‹

    SecurityWriter, to random

    Been in so many meetings today that Iโ€™m losing my voice. Itโ€™s been brutal.

    0x58,

    @SecurityWriter As long as you're not loosing your sh!t during these meetings... :flan_laugh:โ€‹

    0x58,

    @SecurityWriter Decent ratio. Congrats ๐Ÿ‘๐Ÿป

    0x58, to Cybersecurity

    SQL injection and cross-site scripting (XSS) attacks still going strong ๐Ÿš€

    #cybersecurity #infosec #xss #sqlinjection

    https://www.bleepingcomputer.com/news/security/hackers-steal-data-of-2-million-in-sql-injection-xss-attacks/

    molly0xfff, to random
    @molly0xfff@hachyderm.io avatar

    just inventoried my bin of bulk/duplicate spices bc i need to make a penzey's order

    FOUR bottles of smoked paprika

    i use it in one (1) recipe

    0x58,

    @molly0xfff Should be good on potatoes cut in slices, with some olive oil, herbs, and put in the over... Yummy ๐Ÿ˜‹

    0x58, (edited ) to random

    Just to make sure people stay on their toes :flan_laugh:โ€‹

    #infosec #fortinet #cybersecurity #cve

    https://www.bleepingcomputer.com/news/security/fortinet-snafu-critical-fortisiem-cves-are-duplicates-issued-in-error/

    joel, to IBM
    @joel@piou.foolbazar.eu avatar

    I added and to my profile. That would be great to get a job related to this technology.

    BTW, I didn't add Cloud. Because... I'd rather not use that thing anymore :D

    0x58,

    @joel Sad to hear your complicated relationship with though. Hope you'll clinch that next job of yours! ๐Ÿคž

    GossiTheDog, (edited ) to random
    @GossiTheDog@cyberplace.social avatar

    The three million toothbrush botnet story isnโ€™t true.

    Hereโ€™s the original source of the story: https://archive.is/2024.01.30-203406/https://www.luzernerzeitung.ch/wirtschaft/kriminalitaet-die-zahnbuersten-greifen-an-das-sind-die-aktuellen-cybergefahren-und-so-koennen-sie-sich-schuetzen-ld.2569480

    Itโ€™s simply a made up example. It doesnโ€™t exist. It starts talking about NoName Ddosia, too, which also isnโ€™t toothbrushes.

    0x58,

    @GossiTheDog Toothbrush spike!

  • All
  • Subscribed
  • Moderated
  • Favorites
  • โ€ข
  • JUstTest
  • InstantRegret
  • rosin
  • modclub
  • Youngstown
  • khanakhh
  • Durango
  • slotface
  • mdbf
  • cubers
  • GTA5RPClips
  • kavyap
  • DreamBathrooms
  • ngwrru68w68
  • provamag3
  • magazineikmin
  • osvaldo12
  • tester
  • tacticalgear
  • ethstaker
  • Leos
  • thenastyranch
  • everett
  • normalnudes
  • anitta
  • megavids
  • cisconetworking
  • lostlight
  • All magazines
    •