adulau

@adulau@infosec.exchange

Enjoy when humans are using machines in unexpected ways. I break stuff and I do stuff.

The other side is at https://paperbay.org/@a (photography, art and free software at large)

#infosec #opensource #threatintelligence #fedi22 #threatintel


RL_Dane, (edited ) to random
@RL_Dane@fosstodon.org

Dear @mozilla
Please, please, please put the RSS indicator back in Firefox.

People need to know about this technology which empowers users over greedy, controlling corporations.

Update: As many have pointed out, you can use @thunderbird as an RSS feed reader, and there are many add-ons to restore the RSS indicator (one of which I'm already using). But my point is that Firefox needs to lean into RSS as an answer to all the crap that is the modern web, and help educate users about it.

a, to RSS
@a@paperbay.org

As 2024 marks the resurgence of RSS and Atom, I decided to update my rudimentary RSS tools from 2007 to make them contemporary and work under Python 3. The release v1.0 marks this step and allows everyone to use and improve the RSS toolset.

🔗 GitHub https://github.com/adulau/rss-tools

#rss #opensource #atom #open #rsstools #federated #unix

SecurityWriter, to random

Not to be the “what are they teaching kids at school these days” guy. But I have two digital forensics/cyber security post grads on my team, and I had to give them the birds and the bees talk (networking and DNS).

I’m happy to of course, you don’t learn by not asking, but it was a revelation to them.

Both are more ‘qualified’ than me, but had no clue further than what an IP address does.

a,
@a@paperbay.org

@SecurityWriter I have the same experience. As an example, I gave them some CTI courses and they are blown away when I show the use of routing analysis, from TTL to BGP peering, to explain how an adversary infrastructure operates. It seems they had more sessions about policy, risk assessment and legal than actually the basics of operating systems and networking.

bert_hubert, to random
@bert_hubert@fosstodon.org

"To be good with technology requires actually doing technology" - it is so sad that we have to point this out today. You can't outsource all the things you do and assume you'll continue to be in control of what you do. (from https://www.techpolicy.press/the-dangers-of-moving-key-internet-governance-functions-to-amazons-cloud-the-case-of-the-netherlands/)

jtk, (edited )

@adulau @bert_hubert Years ago the head of the NCSA security team gave a guest security lecture to a grad class I had. He said he liked to hire people with backgrounds in this order of preference:

  1. networking
  2. system administration
  3. security (e.g., firewall admins)

circl, to infosec
@circl@social.circl.lu

An out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests.

"Workaround : disable SSL VPN (disable webmode is NOT a valid workaround)"

🔗 https://www.fortiguard.com/psirt/FG-IR-24-015

#fortinet #vulnerability #infosec

sillon_fictionnel, to art

🎨 📚 What a pleasure. Reading the letters between Nicolas De Staël and René Char is a plunge into the reasonable years. An era when time was not counted: you exchange letters and hope to get a reply within the month if all goes well. This correspondence sheds light on our curiosity about the artistic process.

🔗 review https://sillon-fictionnel.club/post/nicolas-rene/

#chronique #lecture #livre #nicolasdestael #art #peinture #critique #chronique #culture

misp, to opensource

MISP 2.4.184 released with performance improvements, security and bug fixes.

https://misp-project.org/2024/02/06/MISP.2.4.184.released.html/

Don't forget to update. It's easy, it's not a VPN gateway to update ;-)

https://www.misp-project.org/2024/02/06/MISP.2.4.184.released.html/

circl, to privacy
@circl@social.circl.lu

Pandora is an analysis framework designed to determine if a file is suspicious, conveniently displaying the results. Pandora provides a user-friendly content preview interface for large documents, including a preview of the metadata. This allows users to view files without the need to open them locally and without putting their computer at risk.

🔗 https://www.circl.lu/services/pandora-document-analysis/

#privacy #infosec #malicious

a, to Futurology
@a@paperbay.org

Very cool research and work from @CoolSWEng alexandria3k which includes a local access to openly-available publication data sets.

The database is huge huge but you have a set of tools to populate and access the dataset for your research.

🔗 source https://github.com/dspinellis/alexandria3k
🔗 documentation https://dspinellis.github.io/alexandria3k/

a, to freesoftware
@a@paperbay.org

So the CRA is becoming an even more complex beast for the open source communities, so sponsorship is going there too and then applicable to CRA...

Open source should have been totally excluded which would have forced vendors to go for open source.

#freesoftware #fosdem #cra #legal

Daojoan, to random
@Daojoan@mastodon.social

Modern work:

you get a message in Slack with a link to the Confluence doc to prep for the meeting on Zoom, where you take notes in Notion, and track project progress on Monday and then update the Trello and you get to the end of the week and instead of doing fucking anything you've just moved bits of information around in 17 different databases and each one costs $15 a month per user...

MastodonEngineering, to random
@MastodonEngineering@mastodon.social

We just released critical security patches for versions 4.1, 4.2, nightly, and the already discontinued 3.5 and 4.0.

If you are using nightly, you can upgrade to the 4.3.0-nightly.2024-02-02-security tag to get the patch.

Please upgrade as soon as possible!

a, to art
@a@paperbay.org

We had a small book club in a Signal group, and then it grew a bit bigger with quite a lot of cultural reviews… So a website with our reviews is now available. Everything is free and open, with no ads. We also have a Mastodon account.

🕸️ https://sillon-fictionnel.club
🐘 @sillon_fictionnel

#culture #book #livre #libre #art

circl, to opensource
@circl@social.circl.lu

Cybersecurity Unites Across Borders - FETTA (Federated European Team for Threat Analysis) Project Launched to Strengthen EU Cyber Threat Intelligence

🔗 https://www.circl.lu/pub/press/20240131/

@misp

circl, to random
@circl@social.circl.lu

New Mitigations to Defend Against Exploitation of Ivanti Connect Secure and Policy Secure Gateways

"Threat actors are continuing to leverage vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways to capture credentials and/or drop webshells that enable further compromise of enterprise networks."

#Ivanti #CISA #vulnerability

🔗 https://www.cisa.gov/news-events/alerts/2024/01/30/new-mitigations-defend-against-exploitation-ivanti-connect-secure-and-policy-secure-gateways

MastodonEngineering, to random
@MastodonEngineering@mastodon.social

We are planning to release critical security patches for versions 3.5, 4.1, 4.2 and nightly this Thursday, Feb 01, at 15:00 UTC. We encourage server administrators to plan for a timely upgrade to ensure their Mastodon server is protected.

d3tm4r, to random

SSO without a second factor like TOTP is a grossly underrated security risk.

Change my mind!

hackingump1, to infosec

In July 2023, we reacted to an attempt to load a driver named pskmad_64.sys. This led to the discovery of three CVEs in the widely used security driver used by many Panda Security products:

https://news.sophos.com/en-us/2024/01/25/multiple-vulnerabilities-discovered-in-widely-used-security-driver/

List of CVEs also on my personal website: https://malwareandstuff.com/vulnerability-research/

ail_project, to opensource

Enhancing Daily Operations for Analysts with Open Source Tools: The AIL Project.

Video from @leHACK has been released.

🔗 Video https://www.youtube.com/watch?v=PwxtAWtnoF4
🔗 https://github.com/ail-project
🔗 https://www.ail-project.org/

shadowserver, to random

We are starting regular reporting of ransomware victims (published by ransomware actors on their public data leak sites) to National CSIRTs & LE agencies subscribed to our daily feeds - https://shadowserver.org/what-we-do/network-reporting/ransomware-victim-report/

Reports enabled as part of EU ISF MISP-LEA project: https://misp-lea.org (project in collaboration with @circl )

shadowserver, to random

We are sharing out a Special Report on Compromised SSH hosts detected through leakage of malicious public SSH keys placed on them by attackers: https://shadowserver.org/what-we-do/network-reporting/compromised-ssh-host-special/

3327 compromised hosts detected on IPv4/IPv6 using this methodology.

For background: https://rushter.com/blog/public-ssh-keys/

Top countries affected: US (535), Germany (486), Netherlands (333).

If you receive such a report for your network/constituency, make sure to investigate!

Note: Data sourced through an external trusted partner.


shadowserver,

Heads up! We are sharing out a second Special Report on Compromised SSH hosts detected through leakage of malicious public SSH keys placed on them by attackers: https://shadowserver.org/what-we-do/network-reporting/compromised-ssh-host-special/

This time 10020 compromised hosts found. Top countries US (3K), China (2.9K), Singapore (423)

If you receive a report from us on compromised IPs in your network/constituency make sure to investigate (check for wider compromise) & remediate!

Data shared in collaboration with an external partner.
