Public
- Public
- Network
- Groups
- Popular
- People

infosec (infosec) group

zorak (zorak@social.ilikefreedom.ro)'s status on Saturday, 02-Mar-2019 12:59:16 EST zorak
- infosec
Just remember, if it has the extra word "Enterprise" in it, it's probably an insecure, convoluted, undocumented, slow, etc. version of the original...

#ETS Isn't #TLS and You Shouldn't Use It https://www.eff.org/deeplinks/2019/02/ets-isnt-tls-and-you-shouldnt-use-it !infosec
In conversation Saturday, 02-Mar-2019 12:59:16 EST from social.ilikefreedom.ro permalink
Attachments
1. ETS Isn't TLS and You Shouldn't Use It
  
  from Electronic Frontier Foundation
  
  The good news: TLS 1.3 is available, and the protocol, which powers HTTPS and many other encrypted communications, is better and more secure than its predecessors (including SSL). The bad news: Thanks to a financial industry group called BITS, there’s a look-alike protocol brewing called called ETS...
zorak (zorak@social.ilikefreedom.ro)'s status on Tuesday, 29-Jan-2019 05:39:32 EST zorak
in reply to
- infosec
- zorak
https://pisilinux.org is #cringy as fuck. Here's what I mean: "The virus is not a problem. There's no need to check the files you download from the Internet." !infosec

In conversation Tuesday, 29-Jan-2019 05:39:32 EST from social.ilikefreedom.ro permalink
zorak (zorak@social.ilikefreedom.ro)'s status on Tuesday, 15-Jan-2019 03:10:19 EST zorak
- infosec
#scp client multiple #vulnerabilities https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt https://news.ycombinator.com/item?id=18909289 !infosec

In conversation Tuesday, 15-Jan-2019 03:10:19 EST from social.ilikefreedom.ro permalink
zorak (zorak@social.ilikefreedom.ro)'s status on Sunday, 06-Jan-2019 16:00:20 EST zorak
- infosec
!Chess #Steganography https://incoherency.co.uk/chess-steg/ https://news.ycombinator.com/item?id=18840192 !infosec

In conversation Sunday, 06-Jan-2019 16:00:20 EST from social.ilikefreedom.ro permalink
zorak (zorak@social.ilikefreedom.ro)'s status on Tuesday, 14-Aug-2018 05:49:01 EDT zorak
- infosec
Faxploit: Sending #Fax Back to the Dark Ages https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/ !infosec
In conversation Tuesday, 14-Aug-2018 05:49:01 EDT from social.ilikefreedom.ro permalink
Attachments
1. File without filename could not get a thumbnail source.
  
  Faxploit: Sending Fax Back to the Dark Ages - Check Point Research
  
  from Check Point Research
  
  Research By: Eyal Itkin and Yaniv Balmas Fax, the brilliant technology that lifted mankind out the dark ages of mail delivery when only the postal service and carrier pigeons were used to deliver a physical message from a sender to a receiver. Technology wise, however, that was a long time ago. Today we are light... Click to Read More
@mcscx2@quitter.no (mcscx2@quitter.no)'s status on Sunday, 10-Jun-2018 06:28:35 EDT @mcscx2@quitter.no
- infosec
- hoergen on Friendica
@hoergen allerdings: auch sofern ein Ausschaltknopf da ist weiß man trotzdem nicht, ob das Gerät (z. B. iPhone) wirklich aus ist. Zum Beispiel könnte ein Mobiltelefon 1x täglich (unauffällig, ohne Display) hochfahren und schauen, ob es Anweisungen des Herstellers herunterzuladen gibt und sich wieder ausschalten.
Es werden ja schon lange keine die-Stromversorgung-physisch-trennenden Schalter mehr verwendet. !infosec

In conversation Sunday, 10-Jun-2018 06:28:35 EDT from quitter.no permalink
kaveh (kaveh@mblog.kavehmoravej.com)'s status on Friday, 02-Mar-2018 17:43:18 EST kaveh
- infosec
Trustico's website was vulnerable to a trivial shell command substitution injection, running as uid=0

https://arstechnica.com/information-technology/2018/03/trustico-website-goes-dark-after-someone-drops-critical-flaw-on-twitter/

!infosec !security
In conversation Friday, 02-Mar-2018 17:43:18 EST from mblog.kavehmoravej.com permalink
Attachments
1. Trustico website goes dark after someone drops critical flaw on Twitter
  
  from Ars Technica
  
  Outage comes a day after CEO admitted emailing private keys for 23k HTTPS certs.
kaveh (kaveh@mblog.kavehmoravej.com)'s status on Tuesday, 27-Feb-2018 16:51:29 EST kaveh
- infosec
Harpoon - a tool to automate threat intelligence and open source intelligence tasks.

https://www.randhome.io/blog/2018/02/23/harpoon-an-osint-/-threat-intelligence-tool/

!infosec !security
In conversation Tuesday, 27-Feb-2018 16:51:29 EST from mblog.kavehmoravej.com permalink
Attachments
1. File without filename could not get a thumbnail source.
  
  Harpoon: an OSINT / Threat Intelligence tool · Tek's blog
  
  from Tek's blog
kaveh (kaveh@mblog.kavehmoravej.com)'s status on Friday, 23-Feb-2018 07:42:32 EST kaveh
- infosec
Automated Twitter phishing tool.

https://github.com/omergunal/PoT

!infosec !security
In conversation Friday, 23-Feb-2018 07:42:32 EST from mblog.kavehmoravej.com permalink
Attachments
1. omergunal/PoT
  
  from GitHub
  
  PoT - Phishing on Twitter
kaveh (kaveh@mblog.kavehmoravej.com)'s status on Friday, 23-Feb-2018 07:33:26 EST kaveh
- infosec
PinMe, a novel user-location mechanism that exploits non-sensory/sensory data stored on the smartphone, e.g., the environment's air pressure, along with publicly-available auxiliary information, e.g., elevation maps, to estimate the user's location when all location services, e.g., GPS, are turned off.

https://arxiv.org/abs/1802.01468

!infosec !security

In conversation Friday, 23-Feb-2018 07:33:26 EST from mblog.kavehmoravej.com permalink
kaveh (kaveh@mblog.kavehmoravej.com)'s status on Friday, 16-Feb-2018 14:37:43 EST kaveh
- infosec
SSH-Audit, checks your SSH config and suggests improvements.

https://github.com/arthepsy/ssh-audit

!infosec !security
In conversation Friday, 16-Feb-2018 14:37:43 EST from mblog.kavehmoravej.com permalink
Attachments
1. arthepsy/ssh-audit
  
  from GitHub
  
  ssh-audit - SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
kaveh (kaveh@mblog.kavehmoravej.com)'s status on Friday, 16-Feb-2018 14:31:38 EST kaveh
- infosec
What will the warrior-guardian of the future look like?

!infosec !security https://mblog.kavehmoravej.com/attachment/2821

In conversation Friday, 16-Feb-2018 14:31:38 EST from mblog.kavehmoravej.com permalink
zorak (zorak@social.ilikefreedom.ro)'s status on Friday, 19-Jan-2018 12:51:00 EST zorak
- infosec
libre processors https://lwn.net/Articles/743602/ !infosec

In conversation Friday, 19-Jan-2018 12:51:00 EST from social.ilikefreedom.ro permalink
zorak (zorak@social.ilikefreedom.ro)'s status on Thursday, 11-Jan-2018 12:20:09 EST zorak
- infosec
https://www.fsf.org/blogs/sysadmin/the-management-engine-an-attack-on-computer-users-freedom !infosec

In conversation Thursday, 11-Jan-2018 12:20:09 EST from social.ilikefreedom.ro permalink
zorak (zorak@social.ilikefreedom.ro)'s status on Saturday, 30-Dec-2017 05:59:14 EST zorak
- infosec
Your Mother’s Maiden Name Is Not a Secret https://www.nytimes.com/2017/12/28/opinion/sunday/internet-security-questions.html !infosec
In conversation Saturday, 30-Dec-2017 05:59:14 EST from social.ilikefreedom.ro permalink
Attachments
1. Your Mother’s Maiden Name Is Not a Secret
  
  By By ANNE DIEBEL from The New York Times
zorak (zorak@social.ilikefreedom.ro)'s status on Tuesday, 28-Nov-2017 16:49:23 EST zorak
- infosec
In other news: root login with no password in #MacOS High Sierra https://news.ycombinator.com/item?id=15800676 !infosec

sudo laugh

In conversation Tuesday, 28-Nov-2017 16:49:23 EST from social.ilikefreedom.ro permalink
zorak (zorak@social.ilikefreedom.ro)'s status on Friday, 22-Sep-2017 04:14:15 EDT zorak
- infosec
An Analysis of #CVE-2017-5638 https://blog.gdssecurity.com/labs/2017/3/27/an-analysis-of-cve-2017-5638.html #equifax !infosec

In conversation Friday, 22-Sep-2017 04:14:15 EDT from social.ilikefreedom.ro permalink
kaveh (kaveh@mblog.kavehmoravej.com)'s status on Friday, 04-Aug-2017 13:11:33 EDT kaveh
- infosec
306 Million Freely Downloadable Pwned Passwords (SHA1 hashed) and how this data can be employed to do good things:

https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/

!security !infosec
In conversation Friday, 04-Aug-2017 13:11:33 EDT from mblog.kavehmoravej.com permalink
Attachments
1. Introducing 306 Million Freely Downloadable Pwned Passwords
  
  from Troy Hunt
  
  Edit: The following day, I loaded another set of passwords which has brought this up to 320M. More on why later on. Last week I wrote about Passwords Evolved: Authentication Guidance for the Modern Era with the aim of helping those building services which require authentication to move into the
zorak (zorak@social.ilikefreedom.ro)'s status on Sunday, 18-Jun-2017 19:13:32 EDT zorak
- infosec
Mozilla #OpenSSH #hardening guide https://wiki.mozilla.org/Security/Guidelines/OpenSSH !infosec

In conversation Sunday, 18-Jun-2017 19:13:32 EDT from social.ilikefreedom.ro permalink
zorak (zorak@social.ilikefreedom.ro)'s status on Wednesday, 24-May-2017 12:52:01 EDT zorak
- infosec
#CVE-2017-7494: https://www.samba.org/samba/security/CVE-2017-7494.html #samba !infosec

In conversation Wednesday, 24-May-2017 12:52:01 EDT from social.ilikefreedom.ro permalink

Before

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.