<p>2025-04-26 RDP <a href="/tags/honeypot/" rel="tag">#Honeypot</a> IOCs - 3381 scans<br>Thread with top 3 features in each category and links to the full dataset<br><a href="/tags/dfir/" rel="tag">#DFIR</a> <a href="/tags/infosec/" rel="tag">#InfoSec</a></p><p>Top IPs:<br>161.97.77.37 - 3087<br>138.68.11.85 - 207<br>80.94.95.198 - 24</p><p>Top ASNs:<br>AS51167 - 3087<br>AS14061 - 208<br>AS204428 - 25</p><p>Top Accounts:<br>hello - 3301<br>142.93.8.59 - 38<br>Test - 13</p><p>Top ISPs:<br>Contabo GmbH - 3087<br>DigitalOcean, LLC - 208<br>SS-Net - 25</p><p>Top Clients:<br>Unknown - 3381</p><p>Top Software:<br>Unknown - 3381</p><p>Top Keyboards:<br>Unknown - 3381</p><p>Top IP Classification:<br>hosting - 3102<br>hosting & proxy - 208<br>Unknown - 66</p><p>Pastebin links with full 24-hr RDP Honeypot IOC Lists:<br><a href="https://pastebin.com/jLzEdz8k" rel="nofollow"><span class="invisible">https://</span>pastebin.com/jLzEdz8k</a></p><p><a href="/tags/cybersec/" rel="tag">#CyberSec</a> <a href="/tags/soc/" rel="tag">#SOC</a> <a href="/tags/blueteam/" rel="tag">#Blueteam</a> <a href="/tags/secops/" rel="tag">#SecOps</a> <a href="/tags/security/" rel="tag">#Security</a></p>
infosec
<p>"Implementing Passkeys in Practice - Computerphile" - <a href="https://www.youtube.com/watch?v=lypcC79k-gg" rel="nofollow" class="ellipsis" title="www.youtube.com/watch?v=lypcC79k-gg"><span class="invisible">https://</span><span class="ellipsis">www.youtube.com/watch?v=lypcC7</span><span class="invisible">9k-gg</span></a></p><p><a href="/tags/passkeys/" rel="tag">#passkeys</a> <a href="/tags/programming/" rel="tag">#programming</a> <a href="/tags/2fa/" rel="tag">#2fa</a> <a href="/tags/security/" rel="tag">#security</a> <a href="/tags/infosec/" rel="tag">#infosec</a> <a href="/tags/computerphile/" rel="tag">#computerphile</a></p>
Redis hits a 10.0 Critical on the CVE scale by way of use-after-free to escape the Lua sandbox and allows arbitrary code execution.<br><br><a href="https://www.wiz.io/blog/wiz-research-redis-rce-cve-2025-49844" rel="nofollow" class="ellipsis" title="www.wiz.io/blog/wiz-research-redis-rce-cve-2025-49844"><span class="invisible">https://</span><span class="ellipsis">www.wiz.io/blog/wiz-research-r</span><span class="invisible">edis-rce-cve-2025-49844</span></a><br><br><a href="/tags/redis/" rel="tag">#Redis</a> <a href="/tags/cve/" rel="tag">#CVE</a> <a href="/tags/infosec/" rel="tag">#InfoSec</a> <a href="/tags/lua/" rel="tag">#Lua</a> <a href="/tags/redishell/" rel="tag">#RediShell</a><br>
Edited 181d ago
<p>Senior <a href="/tags/state/" rel="tag">#State</a> Department official sought internal communications with <a href="/tags/journalists/" rel="tag">#journalists</a>, <a href="/tags/european/" rel="tag">#European</a> officials, & Trump <a href="/tags/critics/" rel="tag">#critics</a></p><p><a href="/tags/trump/" rel="tag">#Trump</a> appointee Darren Beattie requested records regarding a large list of high-profile names, organizations, & <a href="/tags/rightwing/" rel="tag">#RightWing</a> buzzwords for a “<a href="/tags/twitterfiles/" rel="tag">#TwitterFiles</a>” style document dump about alleged conservative censorship.</p><p><a href="/tags/law/" rel="tag">#law</a> <a href="/tags/firstamendment/" rel="tag">#FirstAmendment</a> <a href="/tags/freespeech/" rel="tag">#FreeSpeech</a> <a href="/tags/freepress/" rel="tag">#FreePress</a> <a href="/tags/privacy/" rel="tag">#privacy</a> <a href="/tags/infosec/" rel="tag">#InfoSec</a> <a href="/tags/democracy/" rel="tag">#democracy</a> <a href="/tags/revengepolitics/" rel="tag">#RevengePolitics</a> <br><a href="https://www.technologyreview.com/2025/05/01/1115988/senior-state-department-official-sought-internal-communications-with-journalists-european-officials-and-trump-critics/" rel="nofollow" class="ellipsis" title="www.technologyreview.com/2025/05/01/1115988/senior-state-department-official-sought-internal-communications-with-journalists-european-officials-and-trump-critics/"><span class="invisible">https://</span><span class="ellipsis">www.technologyreview.com/2025/</span><span class="invisible">05/01/1115988/senior-state-department-official-sought-internal-communications-with-journalists-european-officials-and-trump-critics/</span></a></p>
Colleagues have implemented TOTP as a second authentication factor on the virtual machines in the data center! 👏<br><br>But they were almost recommending that people use the Google Authenticator app... 😶🌫️<br><br><a href="/tags/infosec/" rel="tag">#InfoSec</a> <a href="/tags/totp/" rel="tag">#TOTP</a> <a href="/tags/security/" rel="tag">#security</a> <a href="/tags/segurança/" rel="tag">#segurança</a> <a href="/tags/bigtech/" rel="tag">#BigTech</a> <a href="/tags/cloud/" rel="tag">#cloud</a> <a href="/tags/nuvem/" rel="tag">#nuvem</a><br>
<p>Exquisite.social is a delightful and innocuous generic Glitch Mastodon server, with a slight focus on technology, privacy and *BSD. We are here to play and make friends in a supportive atmosphere:</p><p><img src="https://neodb.social/media/emoji/social.growyourown.services/Fediverse.png" class="emoji" alt=":Fediverse:" title=":Fediverse:"> <a href="https://exquisite.social" rel="nofollow"><span class="invisible">https://</span>exquisite.social</a></p><p>You can find out more at <a href="https://exquisite.social/about" rel="nofollow"><span class="invisible">https://</span>exquisite.social/about</a> or contact the admin <span class="h-card"><a href="https://exquisite.social/@exquisite" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>exquisite</span></a></span> </p><p><a href="/tags/featuredserver/" rel="tag">#FeaturedServer</a> <a href="/tags/glitchmastodon/" rel="tag">#GlitchMastodon</a> <a href="/tags/glitch/" rel="tag">#Glitch</a> <a href="/tags/technology/" rel="tag">#Technology</a> <a href="/tags/tech/" rel="tag">#Tech</a> <a href="/tags/privacy/" rel="tag">#Privacy</a> <a href="/tags/infosec/" rel="tag">#InfoSec</a> <a href="/tags/bsd/" rel="tag">#BSD</a> <a href="/tags/mastodon/" rel="tag">#Mastodon</a> <a href="/tags/fediverse/" rel="tag">#Fediverse</a> <a href="/tags/freefediverse/" rel="tag">#FreeFediverse</a></p>
Edited 1y ago
<p>Introducing our 2025 keynotes - Alyssa Miller & Bruce Large! <a href="https://pancakescon.com/2025/08/22/introducing-our-2025-keynotes/" rel="nofollow" class="ellipsis" title="pancakescon.com/2025/08/22/introducing-our-2025-keynotes/"><span class="invisible">https://</span><span class="ellipsis">pancakescon.com/2025/08/22/int</span><span class="invisible">roducing-our-2025-keynotes/</span></a> <span class="h-card"><a href="https://infosec.exchange/@alyssam_infosec" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>alyssam_infosec</span></a></span> <a href="/tags/cybersecurity/" rel="tag">#cybersecurity</a> <a href="/tags/cfp/" rel="tag">#cfp</a> <a href="/tags/infosec/" rel="tag">#infosec</a></p>
<p>Following the <a href="/tags/infosec/" rel="tag">#infosec</a> hashtag has been one of the worst best decisions I made when I joined the fediverse.</p><p>So. Much. New. Fears. Unlocked.</p>
<p>Pleased to announce the launch of Surveillance Watch, an interactive map and resource that documents the hidden connections within the opaque surveillance industry: <a href="https://www.surveillancewatch.io/" rel="nofollow"><span class="invisible">https://</span>www.surveillancewatch.io/</a> </p><p>By mapping out the intricate web of surveillance companies, their subsidiaries, partners, and financial backers, we hope to expose the enablers fueling this industry's extensive rights violations, ensuring they cannot evade accountability for being complicit in this abuse.</p><p><a href="/tags/privacy/" rel="tag">#Privacy</a> <a href="/tags/surveillance/" rel="tag">#Surveillance</a> <a href="/tags/infosec/" rel="tag">#InfoSec</a></p>
<p>Another of my family members just lost one of their online accounts forever due to a broken phone. And is also having extreme difficulty logging in to their phone company's website.</p><p>Which is why I keep MFA turned off if at all possible.</p><p>MFA was a horrible idea and should never have left the drawing board.</p><p><a href="/tags/cybersecurity/" rel="tag">#cybersecurity</a> <a href="/tags/infosec/" rel="tag">#infosec</a></p>
Edited 133d ago
<p>Which version best conveys the message "ISO 8601. Every other date/time format is inferior"?<br>Based on different versions of the original logo I made multiple attempts. One of them will become a sticker. White on red, Blue on White or White on Blue?</p><p><a href="/tags/iso8601/" rel="tag">#iso8601</a> <a href="/tags/iso8601ultras/" rel="tag">#iso8601ultras</a> <a href="/tags/stickerart/" rel="tag">#stickerart</a> <a href="/tags/39c3/" rel="tag">#39c3</a> <a href="/tags/infosec/" rel="tag">#infosec</a> <a href="/tags/stickers/" rel="tag">#stickers</a> <a href="/tags/bestpractice/" rel="tag">#bestpractice</a></p>
Edited 135d ago
<p>Oh I see the absurdly, negligently insecure Tea app is now getting the "hackers hacked" treatment, so that it can comfortably deflect blame to some unspecified scary hackers?</p><p>Cool, cool.</p><p>*takes out a bullhorn*</p><p>📢 Tea kept drivers license photos of thousands of women in an unprotected Google Firebase storage bucket.</p><p>📢 Centering "hackers" means helping let those responsible for the horrendous negligence at Tea off the hook.</p><p>👏 There is no "hack", only other people's negligence.</p><p><a href="/tags/infosec/" rel="tag">#InfoSec</a> <a href="/tags/tea/" rel="tag">#Tea</a></p>
<p>I recently found out that my department at work is being shut down, so I'm looking for a new position!</p><p>I spent the last 6 years building advanced security assessment capabilities around hardware/IoT, industrial, marine OT, and x86 platforms. Before that I spent 5 years as a pentester. I excel at weird and novel stuff where there's no template.</p><p>I'm based in the UK and I'm looking for a remote full-time role.</p><p>CV: <a href="https://poly.nomial.co.uk/graham_sutherland.pdf" rel="nofollow" class="ellipsis" title="poly.nomial.co.uk/graham_sutherland.pdf"><span class="invisible">https://</span><span class="ellipsis">poly.nomial.co.uk/graham_suthe</span><span class="invisible">rland.pdf</span></a></p><p>Thanks!</p><p><a href="/tags/getfedihired/" rel="tag">#getfedihired</a> <a href="/tags/fedihire/" rel="tag">#fedihire</a> <a href="/tags/fedihired/" rel="tag">#fedihired</a> <a href="/tags/infosec/" rel="tag">#infosec</a></p>
<p>Did you know Deloitte has a free job simulator?</p><p>Did you know I have a <a href="/tags/blog/" rel="tag">#blog</a> ?</p><p>Did you know... Idk, new post (This one isn't a CTF writeup) xoxo</p><p><a href="https://ligniform.blog/posts/deloitte/" rel="nofollow"><span class="invisible">https://</span>ligniform.blog/posts/deloitte/</a></p><p><a href="/tags/infosec/" rel="tag">#infosec</a> <a href="/tags/cybersecurity/" rel="tag">#cybersecurity</a></p>
<p>Unbelievable</p><p><a href="/tags/elonmusk/" rel="tag">#ElonMusk</a>’s US <a href="/tags/doge/" rel="tag">#DOGE</a> Service are feeding sensitive data into <a href="/tags/ai/" rel="tag">#AI</a> software via <a href="/tags/microsoft/" rel="tag">#Microsoft</a>’s <a href="/tags/cloud/" rel="tag">#cloud</a></p><p><a href="/tags/musk/" rel="tag">#Musk</a>’s US <a href="/tags/doge/" rel="tag">#DOGE</a> Service have fed sensitive data from across the <a href="/tags/education/" rel="tag">#Education</a> Dept into <a href="/tags/artificialintelligence/" rel="tag">#ArtificialIntelligence</a> software to probe the agency’s programs & spending….
The AI probe includes data w/personally identifiable info for people who manage grants, & sensitive internal financial data…</p><p><a href="/tags/law/" rel="tag">#law</a> <a href="/tags/security/" rel="tag">#security</a> <a href="/tags/infosec/" rel="tag">#InfoSec</a> <a href="/tags/cybersecurity/" rel="tag">#CyberSecurity</a> <a href="/tags/nationalsecurity/" rel="tag">#NationalSecurity</a> <a href="/tags/trump/" rel="tag">#Trump</a> <a href="/tags/trumpcoup/" rel="tag">#TrumpCoup</a><br><a href="https://www.washingtonpost.com/nation/2025/02/06/elon-musk-doge-ai-department-education/" rel="nofollow" class="ellipsis" title="www.washingtonpost.com/nation/2025/02/06/elon-musk-doge-ai-department-education/"><span class="invisible">https://</span><span class="ellipsis">www.washingtonpost.com/nation/</span><span class="invisible">2025/02/06/elon-musk-doge-ai-department-education/</span></a></p>
I submitted a Pull Request to update MacPorts' OpenSSH to 9.9p2 here:<br><br><a href="https://github.com/macports/macports-ports/pull/27712" rel="nofollow" class="ellipsis" title="github.com/macports/macports-ports/pull/27712"><span class="invisible">https://</span><span class="ellipsis">github.com/macports/macports-p</span><span class="invisible">orts/pull/27712</span></a><br><br>GitHub Continuous Integration checks are running. Hopefully they will be OK (Update: 2 out of 3 have completed successfully, which is a good sign).<br><br>I tested locally without issues, but I also build against LibreSSL locally, whereas GitHub CI and MacPorts' Build Bots I think default to OpenSSL.<br><br>This release is to address some vulnerabilities identified by Qualys and other less critical bugs.<br><br>More details from upstream here:<br><br><a href="https://www.openssh.com/releasenotes.html#9.9p2" rel="nofollow" class="ellipsis" title="www.openssh.com/releasenotes.html#9.9p2"><span class="invisible">https://</span><span class="ellipsis">www.openssh.com/releasenotes.h</span><span class="invisible">tml#9.9p2</span></a><br><br>Of particular note:<br><br>"* Fix CVE-2025-26465 - ssh(1) in OpenSSH versions 6.8p1 to 9.9p1<br>(inclusive) contained a logic error that allowed an on-path<br>attacker (a.k.a MITM) to impersonate any server when the<br>VerifyHostKeyDNS option is enabled. This option is off by default.<br><br>* Fix CVE-2025-26466 - sshd(8) in OpenSSH versions 9.5p1 to 9.9p1<br>(inclusive) is vulnerable to a memory/CPU denial-of-service related<br>to the handling of SSH2_MSG_PING packets. This condition may be<br>mitigated using the existing PerSourcePenalties feature.<br><br>Both vulnerabilities were discovered and demonstrated to be exploitable<br>by the Qualys Security Advisory team. 
We thank them for their detailed<br>review of OpenSSH."<br><br>If I read everything correctly, these vulnerabilities primarily only impact the Portable OpenSSH releases (which is what MacPorts uses). However, OpenBSD has also issued the following errata to mitigate one of the issues as it also appears to impact OpenBSD users:<br><br>"008: SECURITY FIX: February 18, 2025 All architectures<br>sshd(8) denial of service relating to SSH2_MSG_PING handling. ssh(1) server impersonation when VerifyHostKeyDNS enabled.<br>A source code patch exists which remedies this problem."<br><br>Source code patch for OpenBSD here:<br><br><a href="https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/008_ssh.patch.sig" rel="nofollow" class="ellipsis" title="ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/008_ssh.patch.sig"><span class="invisible">https://</span><span class="ellipsis">ftp.openbsd.org/pub/OpenBSD/pa</span><span class="invisible">tches/7.6/common/008_ssh.patch.sig</span></a><br><br>Having written as much, it appears as if the main OpenSSH version for OpenBSD is still 9.9, so I am not going to make a submission for undeadly.org. Other editors reading this are welcome to though, I just kind of have a lot of other stuff on my plate at present.<br><br>As usual, I also have too much going on in my life to want more responsibilities such as commit access within MacPorts, so it's up to someone else to merge it.<br><br>Update <a href="/tags/2/" rel="tag">#2</a>: I also decided to be a good Samaritan and reported the issue to Apple. Not that they have ever acknowledged my efforts for such things nor paid me from their bug bounty program in years of doing similar things. Because, OFC, Apple can't spare a penny to anyone like me. 
Maybe Qualys already reported it to them anyway (though they would have no obligation to do so, they did find the vulns and reported them upstream as would be expected).<br><br><a href="/tags/openssh/" rel="tag">#OpenSSH</a> <a href="/tags/macports/" rel="tag">#MacPorts</a> <a href="/tags/secureshell/" rel="tag">#SecureShell</a> <a href="/tags/infosec/" rel="tag">#InfoSec</a> <a href="/tags/cryptography/" rel="tag">#Cryptography</a> <a href="/tags/security/" rel="tag">#Security</a> <a href="/tags/cve/" rel="tag">#CVE</a> <a href="/tags/patchtuesday/" rel="tag">#PatchTuesday</a> <a href="/tags/opensource/" rel="tag">#OpenSource</a> <a href="/tags/openbsd/" rel="tag">#OpenBSD</a> <a href="/tags/macos/" rel="tag">#macOS</a><br>
Edited 1y ago
<p>Remarkable investigation into Telegram by IStories (in Russian):<br><a href="https://www.istories.media/stories/2025/06/10/kak-telegram-svyazan-s-fsb/" rel="nofollow" class="ellipsis" title="www.istories.media/stories/2025/06/10/kak-telegram-svyazan-s-fsb/"><span class="invisible">https://</span><span class="ellipsis">www.istories.media/stories/202</span><span class="invisible">5/06/10/kak-telegram-svyazan-s-fsb/</span></a></p><p>English version by OCCRP:<br><a href="http://www.occrp.org/en/investigation/telegram-the-fsb-and-the-man-in-the-middle" rel="nofollow" class="ellipsis" title="www.occrp.org/en/investigation/telegram-the-fsb-and-the-man-in-the-middle"><span class="invisible">http://</span><span class="ellipsis">www.occrp.org/en/investigation</span><span class="invisible">/telegram-the-fsb-and-the-man-in-the-middle</span></a></p><p>tl;dr:</p><p>👉 Telegram uses a single company with ties to the Russian FSB as their sole infrastructure provider, globally.</p><p>👉 Combined with a cleartext device identifier Telegram's protocol requires to be prepended to all encrypted messages, this allows for global surveillance of Telegram users.</p><p>I am quoted in this story.</p><p><a href="/tags/telegram/" rel="tag">#Telegram</a> <a href="/tags/infosec/" rel="tag">#InfoSec</a> <a href="/tags/privacy/" rel="tag">#Privacy</a></p>
<p>Even though <a href="/tags/signal/" rel="tag">#Signal</a> *itself* has sound security - taken in isolation - it's always moored in an ecosystem (that of smartphones which run <a href="/tags/ios/" rel="tag">#iOS</a> or <a href="/tags/android/" rel="tag">#Android</a>) which, by default, have <a href="/tags/ai/" rel="tag">#AI</a> set up to shoulder-surf Signal, sending reports back to the mothership. In <a href="/tags/ios/" rel="tag">#iOS</a>, that AI is called "<a href="/tags/apple/" rel="tag">#Apple</a> Intelligence", and in <a href="/tags/android/" rel="tag">#Android</a>, it's called <a href="/tags/google/" rel="tag">#Google</a> Assistant. Repeat, these are on by default. *Only a small percentage of your family, friends, colleagues, and fellow country-persons will painstakingly disable these.*</p><p>Sure, Signal itself is secure by default, but "a chain is only as strong as its weakest link". And the weakest link is the ecosystem which Signal is moored in - that of smartphones policed and patrolled by AI, which report back to their respective motherships *in a strong majority of cases*.</p><p>Alternatives like <a href="/tags/deltachat/" rel="tag">#Deltachat</a> (for normies willing to open their wallets/purses to rent an auto-crypt-compatible email address) and <a href="/tags/xmpp/" rel="tag">#XMPP</a> (easily free to use, however realistic and mature only for non-iOS/<a href="/tags/macos/" rel="tag">#MacOS</a>-users at present) have comparable E2E encryption. Deltachat and XMPP *don't* require smart-phone "moorings" - thereby making it much more realistic to dodge the almost-pervasively AI-patrolled ecosystems.</p><p><a href="/tags/infosec/" rel="tag">#infosec</a></p>
Edited 1y ago
<p>My previous intro post was a few years old, so behold, new intro post:</p><p>Mike. Live in the Seattle area having grown up in the UK as a full blown British. Have a wife (incredible), child (boy), and three dogs (golden retriever/cream retriever/fuck knows).</p><p>I work in information security, something I have done for about 20 years. By day I run corporate security, enterprise IT and various other bits and pieces for an EV charging startup. I am big into EVs and currently drive one that is not a Tesla. I want an electric motorbike, so if anyone has a spare one please send it.</p><p>I also have a company of my own, Secure Being (<a href="https://securebeing.com" rel="nofollow"><span class="invisible">https://</span>securebeing.com</a>), which does pen testing and digital forensic work - it's my way of staying super hands on while still doing the management bits on the career path.</p><p>I have written books about information security things. Five of them. Two are non-fiction textbooks, and three are fiction based on real world <a href="/tags/infosec/" rel="tag">#infosec</a> things. Check out <a href="https://infosecdiaries.com" rel="nofollow"><span class="invisible">https://</span>infosecdiaries.com</a> and your local bookstore to find them, just search for my name. I have been trying to write more stuff, but always seem to find myself distracted by other things, such as work. linktr.ee/secureowl has some mini stories I've written.</p><p>I love radio and everything RF. I have lots of antennas and various scanners and radios on my desk. I love intercepting and decoding things, like digital radio protocols.</p><p>I am a big aviation nerd. I always wanted to be a commercial pilot. I gained my private pilot's license in the UK at 17, all self funded by my employment at the local Safeway/Morrisons store. 
I did the sim test and commercial assessments, but for some reason, at 18, I was unable to find the £100k needed to complete the commercial training, so I did computers. But do not worry, because those computers and love of aviation and radio/RF combined, and I run a project called ACARS Drama. <a href="https://acarsdrama.com" rel="nofollow"><span class="invisible">https://</span>acarsdrama.com</a> has all the details.</p><p>I play guitar and am a big guitar/audio nerd as well. I record music under the moniker Operation: Anxiety, <a href="https://operationanxiety.com" rel="nofollow"><span class="invisible">https://</span>operationanxiety.com</a> - the music is on all the normal places. </p><p>Finally, I am a massive fan of motorsport. I believe I have watched every F1 race for the last 30 years, maybe 25. I also follow F2, FE, Indycar and MotoGP closely. I average around 18 hours of Le Mans 24 hour racing watching per year.</p><p>So there you have it. If you are looking for a thought leader on the topics mentioned above, you've come to the wrong place - because this is where I shitpost, and shitposting is cheap therapy.</p><p><a href="/tags/infosec/" rel="tag">#infosec</a> <a href="/tags/dfir/" rel="tag">#dfir</a> <a href="/tags/pentesting/" rel="tag">#pentesting</a> <a href="/tags/acars/" rel="tag">#acars</a> <a href="/tags/vdlm2/" rel="tag">#vdlm2</a> <a href="/tags/sdr/" rel="tag">#sdr</a> <a href="/tags/rf/" rel="tag">#rf</a> <a href="/tags/f1/" rel="tag">#f1</a> <a href="/tags/seattle/" rel="tag">#seattle</a> <a href="/tags/introduction/" rel="tag">#introduction</a></p>
I started writing here, but since it ended up getting too long, I thought it better to make it more permanent and publish it on the blog:<br><br>The difficulty of educating users against "phishing" caused by institutions<br><br><a href="https://blog.ayom.media/daltux/a-dificuldade-de-educar-usuarios-contra-phishing-causada-pelas-instituicoes" rel="nofollow" class="ellipsis" title="blog.ayom.media/daltux/a-dificuldade-de-educar-usuarios-contra-phishing-causada-pelas-instituicoes"><span class="invisible">https://</span><span class="ellipsis">blog.ayom.media/daltux/a-dific</span><span class="invisible">uldade-de-educar-usuarios-contra-phishing-causada-pelas-instituicoes</span></a><br><br>🤷 Those who send malicious messages really have a field day! <img src="https://neodb.social/media/emoji/snac.daltux.net/takeMyMoney.png" class="emoji" alt=":takeMyMoney:" title=":takeMyMoney:"> :ciladaBino:<br><br><img src="https://neodb.social/media/emoji/snac.daltux.net/fsociety.png" class="emoji" alt=":fsociety:" title=":fsociety:"> Honestly, three words come to mind when I see this situation, and they are not publishable! 🗯️<br><br><a href="/tags/phishing/" rel="tag">#phishing</a> <a href="/tags/infosec/" rel="tag">#infoSec</a> <a href="/tags/segurança/" rel="tag">#segurança</a> <a href="/tags/privacidade/" rel="tag">#privacidade</a> <a href="/tags/email/" rel="tag">#email</a> <a href="/tags/golpes/" rel="tag">#golpes</a><br>
Edited 1y ago
<p>Great, informative writeup of Cryptographic Gotchas: <a href="https://gotchas.salusa.dev/" rel="nofollow"><span class="invisible">https://</span>gotchas.salusa.dev/</a></p><p>Lots of fantastic references and links in there, too.</p><p><a href="/tags/cryptography/" rel="tag">#cryptography</a> <a href="/tags/crypto/" rel="tag">#crypto</a> <a href="/tags/security/" rel="tag">#security</a> <a href="/tags/infosec/" rel="tag">#infosec</a></p>
<p>Back on my boring post grind to document my learning. </p><p>New <a href="/tags/blog/" rel="tag">#Blog</a> post going through a <a href="/tags/tryhackme/" rel="tag">#TryHackMe</a> challenge. This time detecting two different attack types with snort!</p><p><a href="https://ligniform.blog/posts/snort-live-attacks/" rel="nofollow" class="ellipsis" title="ligniform.blog/posts/snort-live-attacks/"><span class="invisible">https://</span><span class="ellipsis">ligniform.blog/posts/snort-liv</span><span class="invisible">e-attacks/</span></a></p><p>💜 🌱 </p><p><a href="/tags/infosec/" rel="tag">#InfoSec</a> <a href="/tags/learning/" rel="tag">#Learning</a> <a href="/tags/cybersecurity/" rel="tag">#CyberSecurity</a> <a href="/tags/blueteam/" rel="tag">#BlueTeam</a> <a href="/tags/hacking/" rel="tag">#Hacking</a></p>
<p>Passkeys. 👀 </p><p><img src="https://neodb.social/media/emoji/mstdn.social/boost_ok.png" class="emoji" alt=":boost_ok:" title=":boost_ok:"> </p><p><a href="/tags/infosec/" rel="tag">#InfoSec</a></p>
<div class="poll">
<h3 style="display: none;">Options: <small>(choose one)</small></h3>
<ul>
<li>
<label class="poll-option">
<input style="display:none" name="vote-options" type="radio" value="0">
<span class="poll-number" title="108 votes">26%</span>
<span class="poll-option-text">I don't know (enough) about them</span>
</label>
</li>
<li>
<label class="poll-option">
<input style="display:none" name="vote-options" type="radio" value="0">
<span class="poll-number" title="178 votes">42%</span>
<span class="poll-option-text">I know about them, but don't use them</span>
</label>
</li>
<li>
<label class="poll-option">
<input style="display:none" name="vote-options" type="radio" value="0">
<span class="poll-number" title="54 votes">13%</span>
<span class="poll-option-text">I use them, but find them confusing</span>
</label>
</li>
<li>
<label class="poll-option">
<input style="display:none" name="vote-options" type="radio" value="0">
<span class="poll-number" title="82 votes">19%</span>
<span class="poll-option-text">I use them and find them not confusing</span>
</label>
</li>
</ul>
<div class="poll-footer">
<span class="vote-total">422 votes</span>
—
<span class="vote-end">Ended 1y ago</span>
</div>
</div>
Edited 1y ago
My debit card's "fraud protection":<br><br>1. Regularly flags payments to subscription services as potential fraud even though I've used them for years, paying with the same debit card, and in spite of the fact that I've indicated many times that I trust these services; and<br>2. Has never identified a real instance of fraud<br><br>Whatever they're doing to detect potential fraud, it has a large false positive rate and does not seem adaptive (at least in my case). It's especially odd to me that this bank asks if I've authorized transactions it flagged as potentially fraudulent, I indicate no, this is not fraud, and yet the system continues to flag transactions with the same vendor as potentially fraudulent. I'm giving it a reinforcement signal that couldn't be more clear!<br><br>Edit: this post is not a request for banking or financial advice, nor an invitation to critique my choices. I'm venting about what seems to be a poor algorithm and if you have any comments or insights into that particular topic I'm happy to hear them.<br><br><a href="/tags/debitcard/" rel="tag">#DebitCard</a> <a href="/tags/banking/" rel="tag">#banking</a> <a href="/tags/fraud/" rel="tag">#fraud</a> <a href="/tags/fraudprotection/" rel="tag">#FraudProtection</a> <a href="/tags/frauddetection/" rel="tag">#FraudDetection</a> <a href="/tags/cybersecurity/" rel="tag">#cybersecurity</a> <a href="/tags/infosec/" rel="tag">#InfoSec</a><br>
Edited 273d ago
<p>Federal Judge Denise Cote in NY rejected the <a href="/tags/trump/" rel="tag">#Trump</a> admin’s effort to dismiss a lawsuit alleging <a href="/tags/doge/" rel="tag">#DOGE</a> directed a massive breach of <a href="/tags/opm/" rel="tag">#OPM</a> data affecting millions of people.</p><p><a href="/tags/law/" rel="tag">#law</a> <a href="/tags/infosec/" rel="tag">#InfoSec</a> <a href="/tags/nationalsecurity/" rel="tag">#NationalSecurity</a> <br><a href="https://storage.courtlistener.com/recap/gov.uscourts.nysd.636793/gov.uscourts.nysd.636793.72.0.pdf" rel="nofollow" class="ellipsis" title="storage.courtlistener.com/recap/gov.uscourts.nysd.636793/gov.uscourts.nysd.636793.72.0.pdf"><span class="invisible">https://</span><span class="ellipsis">storage.courtlistener.com/reca</span><span class="invisible">p/gov.uscourts.nysd.636793/gov.uscourts.nysd.636793.72.0.pdf</span></a></p>

