social.dk-libre.fr is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
New.
Wiz: MongoBleed (CVE-2025-14847) exploited in the wild: everything you need to know https://www.wiz.io/blog/mongobleed-cve-2025-14847-exploited-in-the-wild-mongodb @wiz #infosec #MongoBleed
Hey #infosec team, would you have a recent tutorial for doing packet analysis on a local network?
Something like Wireshark, but maybe there are simpler tools to use these days.
I'd like to see the information exchanged by a connected device at my place.
🐱 New Blog Post: Petlibro Smart Pet Feeder Vulnerabilities (Partially Fixed, $500)
Found critical vulns in Petlibro - one of the biggest smart pet feeder companies:
The worst part? They "fixed" the auth bypass by making a new endpoint... but left the old vulnerable one active for "legacy compatibility." Two months later, still working.
Also tried to get me to sign an NDA AFTER paying the bounty. That's not how contracts work.
Full writeup: https://bobdahacker.com/blog/petlibro
#InfoSec #BugBounty #ResponsibleDisclosure #IoT #Petlibro #Security #Privacy #CyberSecurity #SmartHome #OAuth
#LabPlot is an #OpenSource tool for #DataVisualization and #DataAnalysis, and its #Wikipedia page should reflect its latest features and developments.
@labplot@lemmy.kde.social
@opensource
If you’re a user or contributor, take a moment to check and update the page.
#Wikipedia #Science #Community #FLOSS #FOSS #Tech #Data #DataScience #InfoSec
Ubisoft Rainbow Six Siege servers shut down after multi-group cyberattack
Ubisoft suffered a multi-vector cyberattack involving up to four hacker groups who claim to have exploited vulnerabilities including MongoBleed to compromise game services, ban players, and exfiltrate decades of internal source code from the company's Git repositories. The breach resulted in unauthorized access to backend systems, exposure of critical software development kits and multiplayer services code, and forced the shutdown of Rainbow Six Siege servers.
**If you play Rainbow Six Siege or use Ubisoft services, change your Ubisoft password and remove any saved payment methods from your account. Don't click on any emails claiming to be from "Ubisoft Support" asking for passwords or payment info - these are likely phishing attempts exploiting the breach.**
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/ubisoft-rainbow-six-siege-servers-shut-down-after-multi-group-cyberattack-e-1-l-v-f/gD2P6Ple2L
#CVECrowd, your go-to place for #CVE discussions on the Fediverse and Bluesky, now supports email alerts.
Here's how it works:
- You define one or more alert keywords
- Keywords are matched against vendor, product, and package names from official CVE data
- If a post mentions a CVE that matches one of your keywords, you receive an email notification
Read more below 🧵
#Pentesting #AppSec #InfoSec #CyberSecurity #BugBounty #Hacking
First post! Glad to be here on infosec.exchange.
Nine Lives, Zero Trust is live.
I write about cloud security & the stuff that keeps defenders up at night.
Three cats taught me nothing should be trusted, especially at 3 AM.
nineliveszerotrust.com
🔓 Found critical vulns in Taimi (LGBTQ+ dating app) - all fixed, $10k bounty
What I found:
The good news: Taimi actually handled this right. Fast response, $10k bounty, everything fixed quickly. No lawyers, no threats.
This is how disclosure should work. Take notes, Lovense.
Full writeup: https://bobdahacker.com/blog/taimi-idor
#InfoSec #BugBounty #ResponsibleDisclosure #IDOR #Taimi #DatingApp #Security #Privacy #CyberSecurity #LGBTQ
Thank you for this valuable insight from the powerful BSD POV
This would make hosting for pure personal LAN use fairly affordable and with fairly low HDD power requirements, since you use 30TB 27.28 TiB HDD at a lower HDD count
Do you have a link to these 27.28 TiB drives because I haven't seen them yet
#HDD #ZFS #partitions #BSD #technology #InfoSec #passwords #Spotify #breach #300TB
It may look like I was joking but making such a backup is technically simple.
300TiB / 24TiB per HDD is 12.5 drives
300TiB / 16TiB is 18.75 drives
In reality it's more complex.
A 16TiB HDD is not 16TiB but 16TB linear
Given a typical 4TB HDD I get just 3.64TiB in partitioned EXT4 HDD Space
That is 91% of the 4TB HDD
At 16TB that is 14.56 TiB {yes the loss is enormous and those hard drive companies are idiots because computer systems count in base² Binary not base10}
A 16TB drive is actually a 14.56 TiB Drive, it should be sold as 14.56 TiB not 16TB because that is misleading and false advertisement.
With these parameters we will need in reality 300 TiB / 14.56 TiB = 20.6
So we will need 21 drives for the task at 14.56 TiB. In the replication you will need twice the amount
This would become a JBOD, just a bundle of drives, which is the easiest form to concatenate hard drive space together.
A 4U JBOD enclosure can harbour a lot of drives. At the most you will need two.
Double the amount if you want a local backup of your main Spotify data.
Then you will need a 1U case for the computing System. A typical server motherboard, 1x AMD EPYC CPU, 512GB ram is more than sufficient.
You will need Fast Access to the Drive Array. 10GBit / sec in duplo should be enough. That means that your switches cables and network infrastructure will be expensive.
The high cost of AC power globally, can be a limiting factor when you have to power 42 hard drives provided that you are a Soho Network Builder, though.
That is the only factor you cannot calculate with constants
^Z
#HDD #EXT4 #partitions #Linux #technology #InfoSec #passwords #Spotify #breach #300TB
🧵 Tech-themed works, 26/x
Black Hat hacker (2016)
#hacker #malware #cybercrime #cybersecurity #InfoSec #security #safety #LowPoly #CharacterDesign #design #artwork #sculpture #3DArt #3DModeling #3DArtist #illustration #illustrator #picture #digital #style #art #artist #arts #arte #designer #GraphicDesign #3D #3DRendering #CGI #Blender3D #B3D #blender #DigitalArt #ArtLovers #MastoArt #FediArt #MastodonArt #CreativeToots #ArtistsOnMastodon
🧵 Tech-themed works, 33/x
Hacker zombie, isometric pixel art (2025).
#hacker #PixelArt #isometric #CharacterDesign #malware #InfoSec #cybercrime #cybersecurity #security #safety #zombie #design #artwork #3DArt #3DArtist #illustration #illustrator #picture #digital #style #art #artist #arts #arte #designer #GraphicDesign #3D #3DRendering #CGI #DigitalArt #ArtLovers #MastoArt #FediArt #MastodonArt #CreativeToots #ArtistsOnMastodon #computer #computing
🧵 Tech-themed works, 39/x
Cybersecurity, isometric pixel illustration.
#CharacterDesign #cybersecurity #InfoSec #security #safety #tech #technology #design #artwork #PixelArt #VoxelArt #3DArt #3DModeling #3DArtist #illustration #illustrator #picture #digital #style #art #artist #arts #arte #designer #GraphicDesign #3D #isometric #DigitalArt #OriginalArt #ArtLovers #MastoArt #FediArt #MastodonArt #CreativeToots #ArtistsOnMastodon
FreeRadical.zone is a Mastodon server themed around infosec and privacy and technology and leftward politics and cats and dogs.
This server has been online since 2017.
You can find out more at https://freeradical.zone/about or contact the admin account @tek
#FeaturedServer #InfoSec #Privacy #Tech #Technology #Mastodon #Fediverse #FreeFediverse
Just published a deep dive on locking down my self-hosted #Mastodon instance on bare metal #Kubernetes. 🛡️
I used #Cilium Network Policies to implement a Zero Trust model—blocking internal LAN access while allowing federation. The post covers: ✅ Safely deploying with PolicyAuditMode ✅ Troubleshooting MinIO (toServices vs toEndpoints) ✅ Handling Redis via FQDN
Read the full write-up: https://wael.nasreddine.com/kubernetes/mastodon-locking-down-with-net.html
Remember yesterday when I told y’all some of the redactions were easy to remove? The Guardian has words.
People examining documents released by the Department of Justice in the Jeffrey Epstein case discovered that some of the file redaction can be undone with Photoshop techniques, or by simply highlighting text to paste into a word processing file.
Y’all, they used Acrobat. Because the #DOJ fired all the #infosec people who normally sanitize data, and told 1200 agents not trained in infosec to hide anything that might embarrass the #GuardiansofPedophiles, and this is the result.
Have fun y’all, let’s see who we can embarrass.
https://www.theguardian.com/us-news/2025/dec/23/epstein-unredacted-files-social-media
Santa texted me and said he's stranded without presents and needs me to buy a bunch of Apple gift cards. I was suspicious, but he ended the text with Ho Ho Ho, so I think it's legit.
Q: Are you aware of any anti-counterfeiting measures in scanners in general or Brother scanners in particular which would cause them to refuse to scan checks?
Read on for additional info.
UPDATE: @ireneista figured it out. See https://adhd.irenes.space/@ireneista/statuses/01KD6R8ZKBJ24YJ2YPZQA4MHHM in the replies.
#infosec #anticounterfeiting #Brother #scanner (1/6)
Webrat, disguised as exploits, is spreading via GitHub repositories
A new malware campaign targeting security professionals and students has been uncovered. The threat actor behind Webrat is now disguising the backdoor as exploits and proof-of-concept code for high-profile vulnerabilities, distributing it through GitHub repositories. The malware, which previously spread via game cheats and cracked software, now aims to infect inexperienced security researchers. The campaign uses carefully prepared repositories with AI-generated vulnerability reports to build trust. The malicious files, when executed, disable Windows Defender, escalate privileges, and fetch the Webrat backdoor. This backdoor can steal data from various applications, perform keylogging, and access webcams and microphones. The attack serves as a reminder for cybersecurity professionals to exercise caution when handling potentially malicious files and to use isolated environments for analysis.
Pulse ID: 694ab732eda29a7aec8e476b
Pulse Link: https://otx.alienvault.com/pulse/694ab732eda29a7aec8e476b
Pulse Author: AlienVault
Created: 2025-12-23 15:37:21
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #CyberSecurity #GitHub #InfoSec #Malware #OTX #OpenThreatExchange #RAT #Rust #Vulnerability #Windows #bot #AlienVault
Well, this isn't good.
"US insurance giant Aflac says hackers stole personal and health data of 22.6 million"
https://techcrunch.com/2025/12/23/us-insurance-giant-aflac-says-hackers-stole-personal-data-of-22-6-million/
#infosec #breach #AFLAC
One of my favorite "security challenges" is the "verify your email" one. By this point my email has been verified so many times it should have top secret clearance.
A simple and good piece of advice: don't use agentic #browsers / #OS.
#OpenAI: prompt injections will remain "a challenge for many years"
While OpenAI wants to show that it takes the problem of injection attacks very seriously, it acknowledges at the same time that the problem will probably never be fully contained.
This Gmail hack is unsettling not because it’s flashy, but because it’s bureaucratic. Attackers aren’t breaking encryption or outsmarting algorithms. They’re filling out forms. By changing an account’s age and abusing Google’s Family Link feature, they can quietly reclassify an adult user as a “child” and assume parental control. At that point, the rightful owner isn’t hacked so much as administratively erased.
The clever part is that everything happens inside legitimate features. Passwords are changed. Two-factor settings are altered. Recovery options are overwritten. And when the user tries to get back in, Google’s automated systems see a supervised child account and do exactly what they were designed to do: say no.
Google says it’s looking into the issue, which suggests this wasn’t how the system was supposed to work. But it’s a reminder of an old lesson. Security failures often happen when protective mechanisms are combined in ways no one quite imagined. The tools aren’t broken. The assumptions are.
There’s no dramatic fix here, only mildly annoying advice that suddenly feels urgent. Review recovery settings. Lock down account changes. Use passkeys. Because once an attacker controls the recovery layer, proving you’re you can become surprisingly difficult.
TL;DR
🧠 Family safety tools are being weaponized
⚡ Account recovery can be shut down entirely
🎓 Legitimate features enable the lockout
🔍 Prevention matters more than appeals
#Cybersecurity #Gmail #IdentitySecurity #AccountRecovery #DigitalRisk #security #privacy #cloud #infosec
I'm not sure what to think about an #infosec company, specifically #BitSight, running a web crawler (see https://internet-census.org/) which lies in its user-agent string and doesn't provide instructions for blocking it via robots.txt (which presumably means that it ignores robots.txt).
Actually on second thought, I _am_ sure what to think about this: it's shitty behavior and suggests that BitSight is a shitty company.
Many #Terraform providers using SSH do not check the SSH host key... they just run with ssh.InsecureIgnoreHostKey...
And to be honest, it is partly the fault of the SSH standard library which makes it super easy to ignore the host key and does not provide any useful builtin key verification function. People are lazy. ssh.FixedHostKey is niche.
So I implemented a small library to verify SSH host keys. It builds a verification function using your known_hosts file, another one of your choice, known_hosts entries or SSHFP records queried over classic DNS, DNS over TLS or DNS over HTTPS.
https://codeberg.org/X_Cli/sshhostkey
Cheers! 🥳
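An added example, not the poster's library and not code from any Terraform provider: the check that ssh.InsecureIgnoreHostKey skips, written against the known_hosts format with the standard library only. The HostKey struct stands in for ssh.PublicKey (its Type() and Marshal() results), and the hostnames, salt and key blobs are constructed for the example.

```go
package main

import (
	"bufio"
	"bytes"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha1"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// HostKey is the minimal view of a server key that a host-key callback needs:
// the algorithm name and the raw wire blob (what ssh.PublicKey.Type() and
// ssh.PublicKey.Marshal() return in x/crypto/ssh).
type HostKey struct {
	Type string
	Blob []byte
}

var (
	ErrUnknownHost = errors.New("host has no known_hosts entry (trust decision needed)")
	ErrKeyMismatch = errors.New("host key differs from known_hosts entry (possible MITM)")
)

// HashedHostField builds the "|1|salt|hmac" host field OpenSSH writes when
// HashKnownHosts is on: HMAC-SHA1 keyed with the salt, computed over the hostname.
func HashedHostField(salt []byte, hostname string) string {
	mac := hmac.New(sha1.New, salt)
	mac.Write([]byte(hostname))
	return "|1|" + base64.StdEncoding.EncodeToString(salt) +
		"|" + base64.StdEncoding.EncodeToString(mac.Sum(nil))
}

// hostMatches reports whether a known_hosts host field (plain name, comma
// separated list, or hashed form) covers hostname.
func hostMatches(field, hostname string) bool {
	if strings.HasPrefix(field, "|1|") {
		parts := strings.Split(field, "|") // ["", "1", salt, hmac]
		if len(parts) != 4 {
			return false
		}
		salt, err1 := base64.StdEncoding.DecodeString(parts[2])
		want, err2 := base64.StdEncoding.DecodeString(parts[3])
		if err1 != nil || err2 != nil {
			return false
		}
		mac := hmac.New(sha1.New, salt)
		mac.Write([]byte(hostname))
		return hmac.Equal(mac.Sum(nil), want)
	}
	for _, h := range strings.Split(field, ",") {
		if h == hostname {
			return true
		}
	}
	return false
}

// VerifyHostKey returns nil only when a known_hosts entry for hostname carries
// exactly the presented key. An unknown host and a known host with a different
// key are reported separately, since a caller may accept the first (TOFU) but
// must never accept the second. Lines with @cert-authority / @revoked markers
// need CA handling and are ignored here.
func VerifyHostKey(knownHosts, hostname string, presented HostKey) error {
	hostSeen := false
	sc := bufio.NewScanner(strings.NewReader(knownHosts))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") || strings.HasPrefix(line, "@") {
			continue
		}
		f := strings.Fields(line)
		if len(f) < 3 || !hostMatches(f[0], hostname) {
			continue
		}
		hostSeen = true
		blob, err := base64.StdEncoding.DecodeString(f[2])
		if err != nil {
			continue // a malformed entry cannot vouch for anything
		}
		if f[1] == presented.Type && bytes.Equal(blob, presented.Blob) {
			return nil
		}
	}
	if hostSeen {
		return ErrKeyMismatch
	}
	return ErrUnknownHost
}

// Constructed sample keys: real blobs would be SSH wire-format public keys.
var (
	goodKey  = HostKey{Type: "ssh-ed25519", Blob: []byte("constructed-good-key-blob")}
	rogueKey = HostKey{Type: "ssh-ed25519", Blob: []byte("constructed-rogue-key-blob")}
)

// SampleKnownHosts returns a constructed known_hosts file with one plain entry
// (two aliases) and one hashed entry, both recording goodKey.
func SampleKnownHosts() string {
	salt := make([]byte, 20)
	if _, err := rand.Read(salt); err != nil {
		panic(err)
	}
	b := base64.StdEncoding.EncodeToString(goodKey.Blob)
	return "# constructed for the example\n" +
		"git.example.test,10.0.0.5 ssh-ed25519 " + b + "\n" +
		HashedHostField(salt, "backup.example.test") + " ssh-ed25519 " + b + "\n"
}

func main() {
	kh := SampleKnownHosts()
	fmt.Println(VerifyHostKey(kh, "git.example.test", goodKey))    // <nil>
	fmt.Println(VerifyHostKey(kh, "backup.example.test", goodKey)) // <nil>
	fmt.Println(VerifyHostKey(kh, "git.example.test", rogueKey))   // key differs
	fmt.Println(VerifyHostKey(kh, "new.example.test", goodKey))    // unknown host
}
```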
EU Chat Control 2.0 returns as Going Dark / ProtectEU - aiming for lawful access to encrypted data and possibly VPN services.
Expanded metadata retention also under discussion.
Full Article:
https://www.technadu.com/eu-chat-control-2-0-evolves-into-going-dark-initiative/616316/
Where should the line be drawn?
You are an experienced Dev(Sec)Ops. How well do you know Kubernetes?
#devops #devsecop #infosec #it #ops #sysadmin
| I am an expert. I can run my own cluster and maintain it in time: | 12 |
| I use Kubernetes well, but I don't run it myself. I use hosted platforms.: | 8 |
| I know a bit about Kubernetes, but I don't use it that often.: | 11 |
| I am not knowledgeable on Kubernetes. Just the general idea.: | 24 |
| Kubernetes?: | 5 |
Closed
A commercial VPN does not protect you from Google, Facebook or browser fingerprinting. It does not stop your country's version of NSA. All it does is shift your trust from your ISP (who you pay) to a random company (who you also pay, but has no oversight). If you are buying a VPN for privacy rather than just geolocation spoofing or torrenting, you have been sold a bridge.
I've been enquiring about upgrading my company's #CyberEssentials certification to CE Plus, which would involve undergoing an actual audit by a third-party organisation. The auditing company I spoke to said I would need to install a proprietary endpoint detection thingy (from Qualys...?), which I would be extremely reluctant to do. I wonder if I could use an open-source alternative instead, perhaps one of the Greenbone open-source products...
#RoundCube #webmail admins brace for CVE-2025-68461, remote (!) mailbox takeover exploited by a single email sent to the victim using #XSS
The federated feed is great, but I want to follow more experts who are deep in the weeds.
Tag a Mastodon account that posts high-quality content about:
• Reverse Engineering
• Vintage Computing
• Network Security
• Accessibility / UX
• Privacy
• Enshittification
• Art
• Photography
Who is your favorite "must-follow" account that deserves more eyes?
#weekend #followfriday #feditips #askfedi #linux #sysadmin #mastodon #vintage #infosec #enshittification #art #photography #writing #design #ux
New.
Picus: Omnissa Workspace One CVE-2025-25231 Path Traversal Exploit https://www.picussecurity.com/resource/blog/omnissa-workspace-one-cve-2025-25231-path-traversal-exploit #infosec #threatresearch
This might be a bit of a long shot, but does anyone have some great examples of questions and answers pertaining to #infosec and #cybersecurity that you'd get, as a company from your clients?
I know in the past I've had clients ask for stuff like longer log or backups retention, etc. but what sorts of questions are usually expected?
Thanks very much in advance and please boost far and wide!
Here is a brief summary of the AI/AI adjacent vulnerability-types I've noted in pen tests over the last year (some are AI specific, others could happen with any software project, I just happened to have found them in the context of an AI one):
- code injection type things: in order to better understand how they are making decisions, pretty much everything you send to an LLM is logged. I've had more than one successful SSRF this year simply by including code, or a link to code in my LLM convo. Sometimes it's self inflicted, in real time, other times it happens hours later when a human is reviewing the logs and wondering wtf is going on.
- mixing in outside knowledge: was able to get what was a closed loop transcription tool to go look something up and put it in the transcription. Could likely be used maliciously.
- Github storage of training data: for some reason, AI-tool developers seem intent on storing emails, documents, spreadsheets, whatever it is they are training their stuff on in public Github repos. Have easily found 8 or 9 examples of this in 2025.
- letting the AI do authorization: if you give AI access to 'all of the data' and expect it to self manage who is authorized to see what based on a prompt, you are in for a bad day/week/month. People are doing this.
- Exposure of third party Oauth tokens etc: Most of these agents etc are connecting to things like Google Workspace, Exchange, to read emails, documents etc. For some reason, people seem to do a very poor job of protecting the tokens that they give the AI. I can think of two examples this year where those tokens were readily accessible in an API response.
It’s interesting how many people think wanting privacy means you’re doing something nefarious. The fact is, privacy is about sharing what you want with whom you choose.
(I don’t recall who wrote these words or where I originally saw them. I only made the graphic.)
Apple Leak Confirms Work on Foldable iPhone, AirTag 2, and Dozens More Devices
https://www.macrumors.com/2025/12/15/apple-leak-unreleased-devices-codenames/
Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks
After years of exploiting zero-day and n-day vulnerabilities, Russian state-sponsored threat actors are shifting to misconfigured devices.
Ran into a problem in prod?
Just generate a fake cloudflare error page and blame it on them - gives you time to fix.
Massive 16TB database leaks 4.3 billion professional records
An unsecured 16-terabyte MongoDB database containing approximately 4.3 billion professional records was exposed without authentication from November 23-25, 2025, including names, emails, phone numbers, work histories, and other personally identifiable information. It's suspected that the data set is owned by a data broker or a lead-generation company, but the researchers did not disclose any details.
**Data brokers are just greedy, but not at all good with their data protection. Because it's not their data, it's simply grabbed and abused.**
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/massive-16tb-database-leaks-4-3-billion-professional-records-v-8-u-f-u/gD2P6Ple2L
...
Ok. An app is actually a less secure (no visibilty on the WEBPAGES it's accessing, no way to tell if they're http or https) way of interacting with a website. #infosec
What desktops/laptops have is typically not cutting edge cameras. So if you send a selfie from them, it's probably going to be kinda crappy
THEY say it's more difficult to compare with the passport pic but really, we know, they want high quality biometric data to add to your profile
6/
Here are the four paragraphs of conclusion from that clickbaity piece ("Is Signal safe?") by @protonprivacy about @signalapp that is doing rounds.
1. "Signal remains widely regarded as the gold standard for secure private messaging for very good reasons. The Signal Protocol is extremely secure, and unlike most other apps that use the Signal Protocol, Signal collects almost no metadata from the Signal app."
1/🧵
Passwords are yesterday’s defense. 🔐
Hardware security keys using FIDO2/WebAuthn give you phishing resistant logins with a tap, and they work across major services like Google, Microsoft, and many password managers.
New TechGlimmer guide explains:
How hardware keys work
Why they are stronger than SMS or app codes
What to look for (USB‑C, NFC, platform support) when choosing a key.
Read more: https://techglimmer.io/learn-about-hardware-keys-guide/
A Zero-Day Vulnerability in Gogs has been Exploited in the Wild
CVE-2025-8110 is an actively exploited remote code execution vulnerability in the Gogs Git platform caused by a symlink bypass that lets authenticated users overwrite arbitrary files and execute code on the server. The flaw, a bypass of an earlier patch, affects internet-exposed Gogs instances and currently has no official fix, making mitigation steps such as restricting access and disabling open registration critical.
Pulse ID: 693cadc44709dfbcac1a38ac
Pulse Link: https://otx.alienvault.com/pulse/693cadc44709dfbcac1a38ac
Pulse Author: cryptocti
Created: 2025-12-13 00:05:24
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #RemoteCodeExecution #Vulnerability #ZeroDay #bot #cryptocti
Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
https://thehackernews.com/2025/12/fake-osint-and-gpt-utility-github-repos.html
Who could have predicted?
The Ministry of the Interior hit by a cyberattack
https://next.ink/brief_article/le-ministere-de-linterieur-victime-dune-cyberattaque/
Brave is testing an agentic AI mode with Leo to automate research, comparisons, and summaries 🤖
Because agentic actions pose risks, it runs in an isolated profile with strict access limits, intent checks, and no user-data training 🔐
But… is this really safe? What do you think, privacy folks? 👀
#TechNews #Privacy #Security #AI #Browser #Cybersecurity #OpenSource #DataProtection #Automation #Web #Safety #Technology #Infosec #Brave #Browser #AIAgent #AIAgents
Based on personal vibes only: much of Fedi is #infosec?
#BoostsWelcome #GerneBoosten
| 20: | 3 |
| 30: | 0 |
| 40: | 0 |
| 50+: | 1 |
#GenAiMil uses Gemini 2.5, not the latest 3.0, which is only 3 weeks old. Nevertheless, it excels at reasoning tasks (ranked #1). It's got a context window of 1 million tokens, which means one can feed a sizable document into it.
There is a joke here about reasoning #AI in an unreasoning administration, except there is a reason here, one which most Americans are unable to acknowledge. Destruction of the American state.
The good news is it's for level IL5 (Sensitive but unclassified) information, which means this clownshow is about to start feeding a whole bunch of classified content into it.
I'm looking forward to reading future #infosec breaches post mortems.
Also, remember the #Google now abandoned motto "Do no evil"? How much does evil cost?
$200 million dollars (June contract).
I vaguely remember a whole bunch of Google employees quitting.
Finally, do remember that there are absolutely no regulations WHATSOEVER controlling this tech.
This is nuclear power without safeties.
Car design without seatbelts and crumple zones
and
Food additives with no regulation.
In fact trump "administration" actively threatened states that tried to make houses about #regulateai
#LLM #skynet
Recently we completed a security audit of Thunderbird Send, our upcoming end-to-end encrypted large file sharing service, with the help of the @ostifofficial and 7ASecurity. Read our summary of the report's findings, and learn how we've acted on these recommendations to be more secure and worthy of the trust our user community places in us.
#Thunderbird #OpenSource #InfoSec
https://blog.thunderbird.net/2025/12/thunderbird-send-security-audit-with-ostif-and-7asecurity/
😂 👍🏼
In England, dozens of trains brought to a halt because of an AI-generated hoax
Qilin ransomware gang claims breach of the Church of Scientology's UK operations
The Russia-based Qilin ransomware gang claimed responsibility for breaching the Church of Scientology's UK headquarters (AOSH UK), publishing proof-of-access screenshots and internal operational documents dated April-November 2025. The Church of Scientology has declined to comment.
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/qilin-ransomware-gang-claims-breach-of-the-church-of-scientology-s-uk-operations-8-b-i-q-d/gD2P6Ple2L
It's important to fully patch a new Operating System before you start playing with the OS while being online.
Due to the nature of the distribution, your initial patch will be significantly larger than one of standard MX Linux; don't be alarmed. Kali has a beautiful suite of forensic software, which naturally takes space and also needs to be patched.
#Programming #networking #Linux #InfoSec #passwords #ASCII #Kali #Mata #X86 #technology
Managing files over #WebDAV with Terraform
https://broken-by-design.fr/posts/remotefs/
In this blog post, I document the development of a #Terraform provider allowing practitioners to manage files over WebDAV.
This provider uses write-only attributes to handle sensitive content, which increases dramatically the complexity of this provider under the hood. The blog post explains why. There are takeaways and controls to add to your checklist if you are a security auditor.
I love 💕 how Mata Kali is configured by default;
zsh
XFCE
custom Dark Theme
light footprint
Since the powerful zsh is the default shell environment, you will fly over the keyboard, esp. as a touch typist with all ten fingers
#Programming #networking #Linux #InfoSec #passwords #ASCII #Kali #Mata #X86 #technology
Playing with the power of Mata Kali
#Programming #networking #Linux #InfoSec #passwords #ASCII #Kali #Mata #X86 #technology
From Concealment to Exposure: Understanding the Lifecycle and Infrastructure of APT Domains
OH! Excited to dive into this - few places doing deeper & more insightful research than GA Tech & friends.
Also gonna note with pride that @DomainTools has 3 citations, and my pal Pawel Foremski from our Research team also has a citation herein!
@mathewi 4/
I’m going to delay elaborating my other concerns about the maturity of #SelfDriving #autonomous vehicles. For now, please consider the following:
1. #AI in general, self-driving cars in particular, are not people. These technology systems do not have our human-lived experiences, they do not think like us, even if you believe that thinking is computational. With a few exceptions, such systems have no common sense ability to reason about the world. They don’t understand human behavior the way we do.
2. They will not make the same mistakes that humans make while driving. That is not only a requirement, it follows from 1. Instead, they will make their own mistakes. We are already seeing plenty of these. Sure, engineers will grind out most of these, but not all.
3. The first two points mean that the behavior of self-driving cars will be difficult to predict in all but the most common vanilla driving situations. People complain about how rigid the current vehicles are at following the law. What? Now you want them to break the law when it is expedient?
4. There are a near infinite number of “edge cases” and those are when safe driving is the most difficult — exactly when we want self-driving vehicles to excel. There are too many to test. The complexity of the real-world, specifically edge cases, cannot be simulated in a laboratory. A decade or more experience on the road is required.
5. Cars are increasingly connected and computerized, and that makes them a new #security threat. Any modern car today can be hacked and remotely controlled. AI systems add multiple new attack vectors. Yes, companies are working on security, but so are the bad guys. #Infosec people will tell you their world is hand-to-hand combat. The more such cars are on the road, the greater the opportunity and attraction for mischief (or worse).
The big question is when will we, as a society, feel safe and convinced by the benefits of self-driving cars? That question is a trap, because most people don’t know the details. It is already happening.
Speaking as an expert and a grandfather, I will not be putting my grandchildren in the back seat of a self-driving car any time soon.
The #Defense Dept’s #InspectorGeneral released a long-awaited report Thursday morning about Secy #PeteHegseth’s disclosure of plans for airstrikes in #Yemen on a #Signal chat group. The office simultaneously released a second report on “the use of unclassified networks & non–#DoD-controlled electronic messaging systems to discuss sensitive & classified information.”
https://media.defense.gov/2025/Dec/04/2003834916/-1/-1/1/DODIG_2026_021.PDF
#Trump #Hegseth #SignalGate #law #MilitaryLaw #military #OpSec #NationalSecurity #InfoSec #idiocracy
Kohler can access your data and images from its connected toilet camera, which it describes as end-to-end encrypted.
Data leak at Leroy Merlin
* First and last name
* Phone number
* Email
* Postal address
* Date of birth
* Loyalty programme
Somehow I had missed the November @calyxos status update:
https://calyxos.org/news/2025/11/10/calyxos-progress/
Apparently, they are:
- finalizing the design of a Hardware Security Module (HSM) signing solution
- finalizing the detailed provisioning plan for the signing process
- trying to figure out how to sustainably access and publish OS security patches in the face of #Google's meddling and gradual closing of Android code.
Also, they are hiring:
https://job-boards.greenhouse.io/calyxinstitute
I read the serious discussions about ‘who eavesdropped on Ushakov and Dmitriev’ and can’t help but chuckle to myself.
All these deliberations about whether it was the NSA or GCHQ are based on the assumption that Ushakov had to use a secure means of communication. Had to… because why exactly?
Because politicians are renowned for their unwavering commitment to adhering to rules, including #OPSEC? But they are not.
Let us recall the US and European leaders who, in #Ukraine Kyiv in 2013, happily chatted on the phone and were recorded (‘Nuland–Pyatt call’).
Shortly afterwards, Sergei Glazyev from the #Russia presidential administration did the same and was recorded… by the new SBU (‘Glazyev tapes’, much less well-known but much more devastating).
In summary, if one can generalise the concept of high-level politics in #infosec matters, it is that those in power do not apply the rules to themselves and do not learn from their mistakes precisely because they are in power.
In short, Hanlon’s razor applies.
#SmartTube, the most popular alternative #YouTube app on #Android TV, was hijacked to push malicious updates
An anomaly detected at the end of November in a SmartTube update revealed the intrusion of an undocumented module into several signed versions of the APK. The incident led the developer to acknowledge that his environment had been compromised, and to a complete rebuild of the project.
Ohh I like this... Aikido has presented a more detailed analysis of the early steps for the Shai Hulud 2.0 worm.
Attempting to map what steps the original threat actor took to gain a foothold. Useful stuff IMHO
https://www.aikido.dev/blog/shai-hulud-2-0-unknown-wonderer-supply-chain-attack
Life hack: it's really easy to avoid getting phished by e-mails pretending to be coming from GitHub if you don't use GitHub!
My underrated Linux pick is the lsof command. It tells you exactly which files are open and which processes are using them. Because Linux treats everything as a file, this tiny command ends up being insanely powerful and useful in everyday troubleshooting.
Here are useful lsof command examples 😎👇 #cybersecurity #infosec #sysadmin
Find high-res pdf books with all my #linux related infographics at https://study-notes.org
I really can't stand phishing awareness campaigns any more:
https://www.linkedin.com/posts/regissenet_phishing-activity-7400081394380722176-6her
"Boo hoo, the results aren't great"
No questioning of the principle behind these campaigns, even though they OBVIOUSLY don't work!
These campaigns are useless and the figures are there to prove it. The problem is not the user, but the technical and organisational measures that have been deployed. Ultimately, it doesn't matter whether the user falls for it, as long as the right technical and organisational measures are in place so that there are no consequences when a user is tricked. Setting up SSO based on a non-phishable authentication method is an excellent first step. Implementing procedures that separate responsibilities, with four-eyes controls, is also extremely important.
We will never reach 100% success with awareness training, and sometimes a single victim is enough to wreck an entire company, so the problem has to be tackled systemically instead of hassling users and fattening up consulting firms.
> CVE-2025-45311: If a user can execute fail2ban-client with sudo, they can achieve local privilege escalation and command injection via user-modified actions.
In other words: If a user has root privileges they can get root privileges.
The disclosure on PacketStorm is straight up AI stuff, unless I’m missing something obvious. C’mon now.
Flooding the zone.
CERT-FR @cert_fr has published a document on the threat landscape targeting mobile phones, with recommendations for addressing it #Infosec https://www.cert.ssi.gouv.fr/cti/CERTFR-2025-CTI-012/
@GrapheneOS @otyugh @straybun @watchfulcitizen
The French justice department also has a really interesting case against the founder of Telegram
You can read all about it in the Telegram group that the founder is running
What's interesting in the case of Telegram is that the French government didn't follow the standard rules of reporting within the Telegram ecosystem
FR is hostile to privacy in the Digital Realm
France is falling back into the Dark Ages
#InfoSec #FR #GrapheneOS #privacy #programming #Telegram #backdoor
It looks like the French government is going in the same direction as the American government
#InfoSec #GrapheneOS #programming #Android #technology #OpenSource #InfoSec #Police #fascism
Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in Large Language Models
https://arxiv.org/abs/2511.15304
#LLM #IA #InfoSec
We completely disabled TLS 1.0 & 1.1 on www.bbc.co.uk, www.bbc.com & BBC Account web endpoints today.
This follows a deprecation (soft-retirement via HTML warning page) period of about a month. Usage was low - ~5-10 RPS - and mostly from crufty old bots/scripts.
This one change took our TLS rating (on SSLLabs & testssl.sh) from B to A+.
Next up:
* Enabling PQC & *finally* removing 3DES on our in-house CDN
* Retiring non-FS ciphers
So, curl doesn’t integrate with libsecret in any way? I assume that since there’s no discussion on the main mailing list or in the GitHub issues for it that I’m somehow being dumb thinking I want it.
If the service that I’m authenticating to uses basic auth, and I don’t want to store my passwords in a .netrc in my HOME or pass it in clear on the command-line, what are my best options?
@bagder
#curl #gnome_libsecret #infosec #LazyWeb
The open-source, cross-platform password manager KeePassXC (version 2.7.9) has just received its CSPN certification (Certification de sécurité de premier niveau, first-level security certification) issued by ANSSI #Infosec https://cyber.gouv.fr/produits-certifies/keepassxc-version-279
https://committing-crimes.com/articles/2024-09-09-jitpack/
The infosec hell was never users writing down their password in a post-it stuck to their monitor.
The true infosec hell is developers trusting centralized repositories of "open source" that nobody reads nor audits.
Again I have to battle against devs that, for pure convenience and laziness, put users and the company at the mercy of any random on the internet willing to perform a supply chain attack.
@mike recently recommended to me @daedalus's weekly newsletter, "The Crux". It covers enterprise tech, the cloud, and infosec. I subscribed last week and just got the first newsletter since subscribing. It is REALLY GOOD and I highly recommend it. Solid content that you won't necessarily see elsewhere. Go here to sign up: https://pivotnine.com/newsletter/
#tech #cloud #infosec
Thoughts on proposed Massachusetts Consumer Data Privacy Act, H.4746
The Massachusetts House version of the privacy act is superior to the Senate version but still has some problems. Also, it has a role to play in reducing privacy-invasive ALPR mass surveillance.
#politics #MAPoli #USPol #ALPR #privacy #infosec #Massachusetts
https://blog.kamens.us/2025/11/23/thoughts-on-proposed-massachusetts-consumer-data-privacy-act-h-4746/
The AI Act Whistleblower Tool is a secure channel set up by the European AI Office for individuals who wish to anonymously report potential breaches of the AI Act, thereby contributing to the safe and transparent development of AI technologies.
Which version best conveys the message "ISO 8601. Every other date/time format is inferior"?
Based on different versions of the original logo I made multiple attempts. One of them will become a sticker. White on red, Blue on White or White on Blue?
#iso8601 #iso8601ultras #stickerart #39c3 #infosec #stickers #bestpractice
Needed 4 random characters for my PIN, so chose Samwise Gamgee, Rose Tyler, Zoë Boutin-Perry and Hawkeye Pierce
Had to replace Zoë with her mom Jane because the server couldn't handle umlauts
Moving Beyond the NPM elliptic Package
If you're in a hurry, head on over to soatok/elliptic-to-noble and follow the instructions in the README in order to remove the elliptic package from your project and all dependencies in node_modules. Art: CMYKat Why replace the elliptic package? Yesterday, the Trail of Bits blog published a post about finding cryptographic bugs in the elliptic library (a Javascript package on NPM) by using Wycheproof.
http://soatok.blog/2025/11/19/moving-beyond-the-npm-elliptic-package/
#npm #crypto #cryptography #elliptic #security #infosec #cve #mitigation #appsec #javascript #js #npm #npmsecurity #npmpackages
New.
Google Threat Intelligence Group: Beyond the Watering Hole: APT24's Pivot to Multi-Vector Attacks https://cloud.google.com/blog/topics/threat-intelligence/apt24-pivot-to-multi-vector-attacks #Google #threatintel #threatintelligence #infosec #espionage
New.
Threat Fabric: Sturnus: Mobile Banking Malware bypassing WhatsApp, Telegram and Signal Encryption https://www.threatfabric.com/blogs/sturnus-banking-trojan-bypassing-whatsapp-telegram-and-signal
More:
The Hacker News: New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices https://thehackernews.com/2025/11/new-sturnus-android-trojan-quietly.html @thehackernews #Android #Google #infosec #malware #WhatsApp #Meta
This is a fascinating use of a #sidechannel timing attack against calls to an #AI model.
By capturing encrypted TLS traffic and measuring timing, they can very accurately determine which streams corresponded to an LLM conversation about a pre-selected topic.
TLS is intact. So their ability to recover the conversation is limited to their ability to break TLS. But they can, with high confidence, sift out all the TLS traffic for the only conversations that reference the thing they care about. They don't have to worry about spending resources breaking TLS on traffic that is unrelated. Neat #security research from #Microsoft.
Cloudflare outage brings down major websites Including Twitter, ChatGPT, and Spotify
Cloudflare experienced a six-hour global outage on November 18, 2025, affecting hundreds of thousands of websites and critical services worldwide (including ChatGPT, Claude AI, Spotify, and McDonald's systems) after an oversized configuration file in its Bot Management system crashed traffic routing software across its network. The company reports that the incident was an internal technical failure and not a cyberattack.
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/cloudflare-outage-brings-down-major-websites-including-twitter-chatgpt-and-spotify-k-a-7-k-9/gD2P6Ple2L
My dad just called to ask for his computer's admin password. He fell for yet another fraudulent #Paypal charge #scam and gave the scammer access to his computer. The scammer was stopped by the fact that I've revoked Dad's admin rights for just this reason.
He has fallen repeatedly for this scam and others like it. We keep telling him it's a scam. We keep telling him to call us before calling any number he gets in an email. He keeps falling for it. It's infuriating.
#infosec #elderAbuse
1/2
@boblord I have been using DNS-over-HTTPS (DoH) for a few years. I believe it’s the most available and highest compatible method for modern browsers.
@da_667 is a lot smarter than me and I believe he’s against DoH and other encrypted DNS like DNS-over-TLS (DoT) because they prevent network troubleshooting.
This link gives some updated information.
Prekey Pogo: Investigating Security and Privacy Issues in WhatsApp’s Handshake Mechanism
As LLM’s take over the world, a reminder that you can still buy hand crafted, small batch collections of words.
Stand out from the crowd this holiday season with a Mike Sheward InfoSec book - written the old fashioned way - by hand, and fueled by an undying rage that can only exist in someone who uses JIRA.
Available wherever you buy books and also Walmart for some reason.
Learn more at https://infosecdiaries.com.
#infosec #books #cybersecurity #dfir #pentesting #blueteam #redteam
Chrome now wants to store and autofill your driver’s license and other ID info.
From a cybersecurity perspective, that is a hard no from me. Info-stealer malware already targets browser autofill, and you cannot rotate a driver’s license number like a password. Putting high value IDs in the most targeted consumer app on the planet is a bad trade for a little convenience.
I wrote up why this feature is such a risky idea and what I recommend instead:
🔗 https://www.kylereddoch.me/blog/chromes-new-drivers-license-autofill-is-a-terrible-idea/
They say "no sensitive information" was compromised, after a data breach involving real names, email addresses, phone numbers, and physical addresses.
That's some serious bullshit right there.
That is, in fact, "sensitive information," you idiots.
#infosec #privacy #DoorDash #breach
DoorDash confirms data breach impacting users’ phone numbers and physical addresses | TechCrunch
https://techcrunch.com/2025/11/17/doordash-confirms-data-breach-impacting-users-phone-numbers-and-physical-addresses/
Anyone know of a good curated list of JA3 fingerprints of known shitty bots? (Think: Alibaba, Tencent, AI slop, etc)
The only two I could find are:
f79b6bad2ad0641e1921aef10262856b
5cc600468c246704e1699c12f51eb3ab
My experiment using a #VPN all the time ends in five days. My annual subscription to the VPN I was using, #Blokada Plus, expires this week, and I am electing to not renew and go back to a VPN-free existence.
As to why, you need only look at my posts over the past year with the #VPN hashtag. TLDR: Too many sites break if you use a VPN, it's a huge pain in the ass, and the privacy benefit virtually evaporates if you have to regularly turn off the VPN to make sites work.
1/2
#infosec #privacy
I'm not thrilled, as some are, that #Flock images have been ruled public records.
As the article says, that means anybody can #FOIA Flock records ABOUT ANYONE.
So we're going from "the police can use Flock to spy on you" to "ANYONE can use Flock to spy on you."
The article says this will make people reconsider whether we want these cameras operating. (1) I doubt that'll come to anything, and (2) what about in the meantime?
This is quite dangerous.
#privacy #infosec
Ref: https://www.404media.co/judge-rules-flock-surveillance-images-are-public-records-that-can-be-requested-by-anyone/
I have to admit, I see the domain hackerone dot com and in my head it rhymes with macaroni dot com.
#hackerone #hacker #infosec
RE: https://infosec.exchange/@halifaxbsides/115543592924709027
Even if you haven’t gone please consider filling out our survey so we can improve and serve the community better!
#reminder BADBOX firmware backdoors: a global risk lurking in some Android #xiaomi devices. A warning about supply-chain threats and clever fraud schemes that misuse devices as proxies. Stay vigilant and verify certifications. 🔒📱💡 https://gbhackers.com/badbox-firmware-backdoors/ #Cybersecurity #Android #FirmwareBackdoors #Infosec #StaySafe
Yeah, my mom almost got duped by one of these full-screen phishing sites.
It even somehow disabled the Esc key! I told her to try a bunch of keyboard shortcuts to escape from it. Command+W (it's a Mac) finally worked.
Memorizing that shortcut should NOT have been necessary!!!
#Browser full-screen APIs should still show a bit of browser chrome at the top of the screen so you know you're looking at, and have a way to escape from, a full-screen web page.
"Your experience is important to us." Specifically, it's important to us that you allow us to ruin your experience.
Get the fuck out of here with that bullshit.
#privacy #infosec #AdBlocker #MLive #AdTech #TechIsShitDispatch
@superball @APBBlue Paranoid #infosec guy here, seconding the motion to be aggressive about inquiring into the security and privacy practices of whoever takes these photos.
Ideally, they should never go into the cloud, you should get both the original images and the images edited by the photographer, and they should delete them completely from their systems once you've paid and the images have been delivered to you.
Container escape vulnerabilities discovered in runC container runtime
Three high-severity vulnerabilities (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881, all CVSS 8.2) in runC container runtime enable attackers to escape container isolation and gain root access on host systems through mount race conditions and procfs manipulation, affecting Docker, Kubernetes, and major cloud platforms.
**If you're running Docker, Kubernetes, or any containerized environments, plan an update to pull the latest runC, version 1.2.8, 1.3.3, or 1.4.0-rc.3 or later. There is a possible exploit that lets attackers escape containers and take full control of your host systems with root privileges. It's not trivial, but why wait for hackers to find a way in. In the meantime, scan your Dockerfiles and use only Dockerfiles from trusted sources.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/container-escape-vulnerabilities-discovered-in-runc-container-runtime-s-3-7-f-p/gD2P6Ple2L
Sunday Trivia Question:
What is this object? 🤔
Describe its cultural importance in the history of computing 😌🤷♂️
Yet another website ("Olo" online ordering app for restaurants) that refuses to work over a #VPN and lies about it.
(Text of the screenshot in the replies, since it's too long for alt text)
🧵1/7
#TechIsShitDispatch #infosec #privacy #Olo
Final round of SeaGL talks in 30 min:
* GNU/Linux Loves All from Timmy James Barnett
* Let's create our own tech jobs together following open source principles from Jocelyn Graf
* No More Mystery Brownies: SBOMs, security errata, and the recipe for safer software from Brady Dibble
https://pretalx.seagl.org/2025/talk/
Join freely and anonymously - https://seagl.org/attend
#SeaGL #SeaGL2025 #FLOSSconf #FLOSSevent #Seattle #FediPact #Fediverse #FLOSSmusic #FLOSSbusiness #FLOSSjobs #InfoSec #SBOM
Mack Energy Corporation hit by ransomware attack
Mack Energy Corporation suffered a ransomware attack detected on July 9, 2025, claimed by the Cicada3301 group, which allegedly stole approximately 3.1 terabytes of sensitive data including full names and Social Security numbers. The breach affected at least 413 individuals in Texas but the total number of affected individuals is not disclosed.
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/mack-energy-corporation-hit-by-ransomware-attack-i-w-m-f-o/gD2P6Ple2L
Gemini can now rummage through personal emails and documents to carry out in-depth research
What could possibly go wrong?
#Meta is earning a fortune on a deluge of fraudulent ads, documents show
https://www.reuters.com/investigations/meta-is-earning-fortune-deluge-fraudulent-ads-documents-show-2025-11-06/
#InfoSec
tfw you can't get the verification code sent by your health insurance company to your email because the IP address it's coming from is listed in Spamhaus AND the email they're sending violates their enforcing DMARC policy. *sigh*
#infosec #DMARC #Spamhaus #SysAdmin #EmailAdmin #healthInsurance
Another Windows update, another fire drill. This time, the October 2025 update is kicking some users into BitLocker recovery mode, and if you don’t know where your recovery key lives, you could lose everything. What’s wild is that BitLocker is actually doing its job. The update just forgot to tell it to chill during reboot. It’s another reminder that the line between “secure” and “unusable” is thinner than most realize.
TL;DR
⚠️ October update breaks BitLocker flow
🔐 Missing key = locked-out data
🧠 Recovery key sits in your MS account
💡 Enterprise fix requires IT rollout
#Windows11 #InfoSec #CyberSecurity #Microsoft #security #privacy #cloud
#Eleven11: The four-year-old "#DDoS ghost"
https://www.undernews.fr/hacking-hacktivisme/eleven11-le-fantome-ddos-vieux-de-quatre-ans.html
#InfoSec
Source: https://www.netscout.com/blog/asert/161-days-eleven11
GCVE Vulnerability Format (Modified CVE Record Format) updated.
#gcve #cve #vulnerability #cybersecurity #infosec
🔗 https://gcve.eu/bcp/gcve-bcp-05/
🔗 Discussions https://discourse.ossbase.org/t/gcve-bcp-05-drafting-best-practices-for-the-container-format-modified-cve-record-format/121/27
If you're requiring everybody at the company to do training so you can show your auditors that everybody did the training, then you're missing the point.
The point of training is to equip people to do the right thing. If the training doesn't accomplish that, then making sure all the boxes are checked is worthless.
What problem is the training trying to solve? Is the training necessary and sufficient to solve it? If you're not answering these questions, you're doing it wrong.
#infosec #compliance
Post-heist reports reveal the password for the Louvre's video surveillance was 'Louvre,' and suddenly the dumpster-tier opsec of videogame NPCs seems a lot less absurd
Someone asked me to hand-translate a publicly posted Chinese technical report about NSA shenanigans on the Chinese Center for Time-Keeping network. It took me a while, because it turns out translating technical corporatese from your third language is very hard when chronically sleep deprived, but it is done.
https://docs.google.com/document/d/1gk1fDLKrN3m5jOSk7QbpGL1SBcLvrm0FTN3H-5ZJZcY/edit?usp=sharing
Quick question to the blue teamers out there:
What's your take on MITRE ATT&CK Tactics and Techniques? Do you find them useful? If yes, how and in what capacity do you use them? (To the extent that you can and want to share...)
If you could have tactics and techniques extracted from publicly available reports/articles, would that be useful? If yes, why?
(And imagine extracted not just by direct technique referencing, but also indirectly extracted through textual descriptions.)
A manufacturer remotely shut down a connected vacuum cleaner after its owner disabled the data-collection feature,
The engineer reactivated it using custom Python scripts
Surprising, isn't it?
Or not...
And this, kids, is why we never ever set up easy-to-guess passwords. Even in testing, even temporarily. Just pwgen it, every time.
> accessing the museum's video surveillance server required typing the all-too-obvious word: LOUVRE
I got this banner at the #BlueShieldOfCA website this evening.
The website is asking me to consent to share my "navigation and use activity" with third-party service providers without telling me who they are or exactly what data are shared with them.
These details also don't seem to be available in the website's privacy policy.
This is a shitty, useless consent banner which purports to be there to protect my privacy when in fact it's doing no such thing.
#privacy #infosec #CCPA
The #infosec professionals who tell us that humans are the weakest link in infosec are, themselves, human, so they are the weakest link in infosec and should therefore not be trusted to tell us about the weakest link in infosec.
Crisis averted. She saw ‘Mobil’ (the gas station) on her credit card statement and panicked because she had just set up an X account, after being constantly badgered into it by her Google searches. 🙃
Several months ago, I found a #vulnerability from #MantisBT - Authentication bypass for some passwords due to PHP type juggling (CVE-2025-47776).
Any account that has a password that results in a hash that matches ^0+[Ee][0-9]+$ can be logged in with a password that matches that regex as well. For example, password comito5 can be used to log in to the affected accounts and thus gain unauthorised access.
The root cause of this bug is the incorrect use of == to match the password hash:
```php
if( auth_process_plain_password( $p_test_password, $t_password, $t_login_method ) == $t_password )
```
The fix is to use === for the comparison.
This vulnerability has existed in MantisBT ever since hashed password support was added (read: decades). MantisBT 2.27.2 and later include a fix to this vulnerability. https://mantisbt.org/download.php
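The comparison bug above, reduced to a self-contained PHP script (an added example, not MantisBT's own code): a toy user table hashed with md5(), a login function using the loose `==` pattern beside one using a strict comparison, and a small audit helper that applies the post's regex to stored hashes. The user names, the md5 choice and the login signature are assumptions; "240610708" and "QNKCDZO" are widely published inputs whose md5 digests both have the ^0+[Ee][0-9]+$ shape, so PHP parses both as the number zero. The loose login therefore accepts "QNKCDZO" for the account whose real password is "240610708", while the strict login rejects it.

```php
<?php
// Added example, not MantisBT's own code. It reproduces the class of bug the
// post describes: comparing two hash strings with PHP's loose `==`.
// Assumptions (hypothetical): a toy user table hashed with md5(), and a
// login function taking (user, password). MantisBT's real auth code differs.

// PHP compares two *numeric strings* numerically, even when both operands are
// strings. "0e462097431906509019562988736854" parses as 0 x 10^462097..., i.e.
// 0.0, so `==` reports it equal to any other string of the form ^0+[Ee][0-9]+$.
const RISKY_HASH = '/^0+[Ee][0-9]+$/';

// Toy user store (constructed). "240610708" is a well-known input whose md5
// digest is "0e462097431906509019562988736854", the risky shape.
function toy_users(): array {
    return [
        'alice' => md5('240610708'),             // affected account
        'bob'   => md5('correct horse battery'), // ordinary (non-numeric) hash
    ];
}

// Vulnerable: the `==` pattern behind CVE-2025-47776.
function login_loose(string $user, string $password): bool {
    $users = toy_users();
    if (!isset($users[$user])) {
        return false;
    }
    return md5($password) == $users[$user];
}

// Fixed: strict comparison. `===` alone already stops the type juggling;
// hash_equals() is byte-wise and also avoids timing differences.
function login_strict(string $user, string $password): bool {
    $users = toy_users();
    if (!isset($users[$user])) {
        return false;
    }
    return hash_equals($users[$user], md5($password));
}

// Defender audit: list accounts whose stored hash has the risky shape, so
// their passwords can be rotated once the comparison is fixed.
function find_risky_hashes(array $users): array {
    return array_keys(array_filter(
        $users,
        fn(string $h): bool => preg_match(RISKY_HASH, $h) === 1
    ));
}

// "QNKCDZO" is another well-known input whose md5 digest
// ("0e830400451993494058024219903391") has the risky shape but is a
// different string from alice's stored hash.
var_dump(login_loose('alice', 'QNKCDZO'));   // loose comparison: bypass
var_dump(login_strict('alice', 'QNKCDZO'));  // strict comparison: rejected
var_dump(login_loose('bob', 'QNKCDZO'));     // bob's hash is not numeric
print_r(find_risky_hashes(toy_users()));     // accounts needing a reset
```

Run it with `php` on the command line. The audit helper is the part worth keeping after the fix is applied: any account whose stored hash already matches the regex was exposed for as long as the loose comparison was in place, so it is the candidate list for a forced password reset.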
https://cybersecuritynews.com/phantomraven-attack-involves-126-malicious-npm-packages/
#NodeJS and especially the library repository #NPM is really becoming the PHP security problem of 2025.
Another breach of libraries hosted on npm, this time 126 malicious npm packages that have collectively accumulated over 86000 downloads are affected
Editing a draft of an internal #infosec policy spreadsheet. (I hate security-by-spreadsheet!)
I am seriously on a campaign to stomp out the use of the word comprehensive. It virtually never adds anything. It's rarely true. We routinely forego being "comprehensive" in order to be "efficient."
Like emdashes and 3-item bulleted lists, it's also a favourite output of LLMs.
Looks like somebody broke into #atari's #Sendgrid account and used it to send a bunch of phishing emails.
No explanation given for how; perhaps @zackwhittaker can wheedle it out of them.
Since it says here that they've "secured" the account, my guess is a bad password (or infostealer) + no #2FA. The most obvious explanation is usually the correct one.
Though I suppose a cracked Lastpass vault is also a possibility.
#infosec #breach
New "Brash" Exploit Crashes #Chromium Browsers Instantly with a Single Malicious URL
https://thehackernews.com/2025/10/new-brash-exploit-crashes-chromium.html
RedTiger, a new infostealer on #Discord
https://www.undernews.fr/malwares-virus-antivirus/redtiger-un-nouvel-infostealer-sur-discord.html
#InfoSec
#PhantomRaven Malware Found in 126 npm Packages Stealing #GitHub Tokens From Devs
https://thehackernews.com/2025/10/phantomraven-malware-found-in-126-npm.html
#InfoSec
#Infosec folks at CERN just released a new version of their cheatsheet for forensics investigations in #Linux:
https://gitlab.cern.ch/ComputerSecurity/public/forensics-cheatsheet/-/releases
Yesterday I deployed a change on www.bbc.co.uk/.com, account.bbc.com, our main media mediation service etc. which soft-disabled TLS 1.0 & 1.1.
Requests over TLS 1.0/1.1 on ^ result in an error page (inc link to a feedback form).
So far I've uncovered a load of internet junk inc. a fleet of old TVs in Asia which poll our weather pages for their local forecast but nothing's been reported broken yet.
Really wish the web had a deprecation strategy. This is a lot of work.
All is well!
The United States is now the world leader in investment in surveillance software,
While European public funds pour into the spyware industry
Please for the love of fuck, do not under any circumstances give a surveillance app access to your address book/contacts. You are snitching out all of our personal information that we trusted you with.
Why am I reminded of this once again? Because I went on FB for one of the few groups that's only there and noticed the People You May Know had a suggestion for someone I went on two dates with a couple years ago. There is no other way they could've made that connection unless she granted access to their app.
I think from now on, I'm only going to give date matches my Signal username. If they don't or won't use Signal, we're probably not a match anyway. Or maybe I'll just get an anonymous virtual SIM for things like that.
[Source] The Day My Smart Vacuum Turned Against Me
https://codetiger.github.io/blog/the-day-my-smart-vacuum-turned-against-me/
I would like to believe that if the US federal government weren't completely fucked up right now then OpenAI and the other AI parasites with a nexus in the US would have been criminally charged by now with violating the #CFAA by actively circumventing the crawling protections added recently to websites specifically to block them.
Alas, the government is too busy engaging in vindictive prosecution of #Trump's enemies who aren't actively bribing him.
#infosec #AI
Ref: https://darmstadt.social/@claudius/115436859378534835
What kind of person emails someone to say "I can put your static site in an IFRAME", declare it a security vulnerability, and when told "it's a personal website..." demand a bug bounty and a mention on the front page?
Edit - even better, the "description of vulnerability" is a bunch of stuff copy-pasted from the OWASP TOP10.
Why websites shouldn't indiscriminately block VPN users
I convinced a state senator that government websites indiscriminately blocking VPN users is bad. Here's the case I made, which you can use yourself to keep fighting the good fight.
https://blog.kamens.us/2025/10/25/why-websites-shouldnt-indiscriminately-block-vpn-users/
#VPN #infosec #UserExperience #UX #MassachusettsRMV #WillBrownsberger
right, I'm on holiday, so it's the perfect time to bring up a work topic! (don't look for the logic, it's airtight).
at $dayjob, we're thinking about possibly looking into getting ISO 27001 certified (but we're a bit scared of the standard).
so this is a request for comment (yes, an RFC) on the ISO 27001 standard,
Microsoft releases emergency patches for actively exploited critical WSUS Deserialization flaw
Microsoft released emergency patches for CVE-2025-59287, a critical remote code execution vulnerability in Windows Server Update Services that has been actively exploited in the wild since October 24, 2025. The flaw was originally patched in October 2025 update, but the original patch proved insufficient. The flaw is potentially wormable across enterprise networks and affects all Windows Server versions with the WSUS Server Role enabled.
**If you have Windows servers with WSUS enabled, prioritize patching with Microsoft's October 23, 2025 out-of-band security update for CVE-2025-59287 and reboot - this vulnerability is actively exploited in the wild. Even if you already installed October's regular patches, you must apply this emergency update since the initial fix was incomplete.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/microsoft-releases-emergency-patches-for-actively-exploited-critical-wsus-deserialization-flaw-6-z-d-p-u/gD2P6Ple2L
rate my Subdomain on my Domain
#CyberSecurity #InfoSec #domains #subdomain #programming #ProgramerHumour #Privacy
Apparently tons of people registered accounts on tons of platforms with i@hate.you
Not knowing that .you would come to exist in 2025.
Lmfao
#CyberSecurity #InfoSec #domains #subdomain #programming #ProgramerHumour #Privacy
Who could have predicted?
"A privacy nightmare": #ChatGPT #Atlas is accused of collecting sensitive data
https://www.01net.com/actualites/cauchemar-vie-privee-chatgpt-atlas-collecter-donnees-privees.html
SpaceX disables 2,500 Starlink terminals allegedly used by Asian scam centers
https://arstechnica.com/tech-policy/2025/10/starlink-blocks-2500-dishes-allegedly-used-by-myanmars-notorious-scam-centers/
#InfoSec
The official Xubuntu website hacked to distribute Windows malware
https://www.generation-nt.com/actualites/xubuntu-piratage-malware-windows-cryptomonnaie-2064616
#InfoSec #gnu #Linux
@GossiTheDog @campuscodi critics question why the basic flaws being exploited — buffer overflows, command injections, SQL injections — remain prevalent in mission-critical codebases maintained by companies whose core business is cybersecurity.
#infosec #firewall #f5 Citrix NetScaler, Ivanti, Fortinet, Palo Alto Networks, Cisco, SonicWall, and Juniper.
131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign
https://thehackernews.com/2025/10/131-chrome-extensions-caught-hijacking.html
#InfoSec #Hijack
Two significant security flaws discovered in 7-Zip
https://next.ink/brief_article/deux-failles-importantes-de-securite-decouvertes-dans-7-zip/
#InfoSec
The DOJ just seized $15B from a “pig butchering” 🐷 scam so large it reads like fiction. But the worst part isn’t the money — it’s that much of it ran on forced labor. People are trafficked into compounds, running fake romances to scam others online. What’s striking is the scale: well-educated professionals lost life savings to criminals who themselves were victims. It’s a grim feedback loop of exploitation, loneliness, and tech-enabled deceit.
⚠️ $15B seized from crypto scam
💔 Forced labor behind the fraud
🔐 Victims on both sides of the screen
🌍 FBI: “Human suffering” at global scale
https://arstechnica.com/tech-policy/2025/10/feds-seize-15-billion-from-alleged-forced-labor-scam-built-on-human-suffering/
#Cybercrime #HumanTrafficking #OnlineSafety #Fraud #security #privacy #cloud #infosec #cybersecurity #RomanceScam #PigButchering
ipgrep is a #linux CLI tool that doesn't search by regex, but by IP-CIDR:
https://github.com/ossobv/ipgrep
It can come in handy when you're debugging route tables, firewalls, extracting IPs or networks from text files...
Example:
```
$ ipgrep -m within 127.0.1.0/24 /etc/hosts
127.0.1.1 wortel.kiwi wortel
```
Written in #rust #rustlang . My #infosec #cybersecurity peers might appreciate it.
**infosec specialists are needed in the resistance**
The world needs tech security specialists to run workshops at public libraries for all ages & abilities to remove spyware, AI, reduce surveillance, understand the issues, & for more advanced, move to Linux, degooglefy, etc.
(Some) Libraries will pay for these workshops. There may be grants too.
If you have these skills, please consider offering them.
#libraries #library #tech #infosec #privacy #security #activism #antifa #resistance
Network monitoring: comparing #Nmap scans with the #ndiff tool
https://www.it-connect.fr/ndiff-comparer-des-scans-nmap/
#InfoSec
If you use F5 anything, run, do not walk: https://my.f5.com/manage/s/article/K000156572
F5 hacked (and not just a little) by a nation-state: updates to install urgently!
https://next.ink/204777/f5-piratee-et-pas-quun-peu-par-un-etat-nation-des-mises-a-jour-a-installer-durgence/
#InfoSec
I knew that HTTPS Everywhere was basically obsolete due to browsers adopting that setting natively.
What I didn’t know was that the original domain that shipped HTTPS Everywhere rulesets, had been:
• abandoned by the maintainers,
• since obtained by someone else
• made to redirect to a known malware site
https://lists.debian.org/debian-lts-announce/2025/10/msg00011.html
Pixnapping: a new Class of Attacks that allows a malicious Android App to stealthily leak Information displayed by other Android Apps or arbitrary Websites. Successful demos on Google and Samsung phones #Infosec #Hacking #Android https://www.pixnapping.com/
Why am I not surprised? If you missed this:
"Researchers found a stunning variety of data—including thousands of T-Mobile users’ calls and texts and even US military communications—sent by satellites unencrypted."
Wired: Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data https://www.wired.com/story/satellites-are-leaking-the-worlds-secrets-calls-texts-military-and-corporate-data/ @WIRED @agreenberg @mattburgess #cybersecurity #Infosec #privacy
Two years after its discovery, the cyber-espionage campaign using infected USB drives (potentially handed out at trade shows) run by the Chinese hacker group Mustang Panda continues to haunt the maritime industry #Infosec #Malwares https://www.clubic.com/actualite-582661-les-goodies-gratuits-deguises-en-cles-usb-sont-bien-devenus-le-cauchemar-du-monde-maritime.html
Most of you reading this probably won't be surprised by this, but it's worth spreading the word (along with recommendations to mitigate risks) ....
🗨️ "Law enforcement officials may have deployed a secretive cellphone surveillance technology last weekend at Portland’s Immigration and Customs Enforcement (ICE) facility."
#Portland #PDX #PortlandOR #PortlandOregon #Oregon #ICE #privacy #infosec #Stringray
GitHub continues war against own users.
Next: Remove support for standard 2FA/TOTP protocol, and introduce weekly expiry for <s>passwords</s> API tokens.
https://github.com/orgs/community/discussions/174505
https://github.com/orgs/community/discussions/174506
Context:
https://github.blog/security/supply-chain-security/our-plan-for-a-more-secure-npm-supply-chain/
Nuts.
"Nearly one in five high schoolers in the US — 19 percent — say that they or a friend have used AI to have a romantic relationship,"
"Over a third of the teenagers said it was easier to talk to AI than to their parents. Those parents, by contrast, feel left in the dark: two thirds of them said that they have no idea how their kids are using AI."
Futurism: Research: An Astonishing Proportion of High Schoolers Have Had a “Romantic Relationship” With an AI https://futurism.com/artificial-intelligence/high-schoolers-romantic-relationship-with-ai @Futurism
Center for Democracy and Technology survey, from October 8: Hand in Hand: Schools’ Embrace of AI Connected to Increased Risks to Students https://cdt.org/insights/hand-in-hand-schools-embrace-of-ai-connected-to-increased-risks-to-students/ #AI #cybersecurity #infosec
I don't know if this is explicitly a problem per se, but it is wild how useless the #cybersecurity, #infosec, and #threatintel hashtags have become. All I see is the most insipid LinkedIn-level clickbait. It's a shame that one of our best discovery methods in Fedi has been coopted by engagement farmers.
Understanding the Efficacy of Phishing Training in Practice
"Combined with the bulk of empirical evidence from other studies involving real-world, controlled experiments, our results suggest that organizations should not expect large anti-phishing benefits from either annual security awareness training or embedded phishing as commonly deployed today."
In addition, the overall cost on third-party organisations doing incident response should not exclude the impact of false-positive reports, pre-notifications of phishing campaigns, or even worse, attackers abusing such awareness campaigns.
🔗 https://people.cs.uchicago.edu/~grantho/papers/oakland2025_phishing-training.pdf
RE: https://infosec.exchange/@UYBHYS/115342659808677542
Glad to present at #UYBHYS with @cedric our work on GCVE and Vulnerability Lookup, facilitating vulnerability management and publishing through a fully open-source stack.
🔗 Online version https://vulnerability.circl.lu/
🔗 github.com/vulnerability-lookup
🔗 https://gcve.eu/
#vulnerability #vulnerabilitymanagement #cybersecurity #infosec #cve #gcve
In the hope that this might reach someone who might some day be in a position to decide whether to allow #VPN traffic to their app…
Please understand that this does not just impact your app.
Most devices run background apps that use the network frequently, including privacy-critical apps like Signal.
When you make someone turn off their VPN to use your app, the background traffic for all those _other_ apps also stops using the VPN.
Don't be an #infosec asshole. Stop blocking VPN traffic.
When you log into #Bluesky, it emails a security code you need to enter.
Here's a recent code I was sent: FPTQS-MPJJG
This is dumb.
6-digit codes are the gold standard for two critical reasons: (1) the range of a million possible codes is more than enough for adequate security; (2) most people can briefly memorize a 6-digit code almost instantaneously for long enough to enter it into another app.
10-letter codes are harder to use and add no appreciable security.
#infosec #UX
Electronics giant Avnet reports data breach affecting EMEA operations
Electronics distributor Avnet confirmed a data breach involving externally hosted cloud storage where threat actors stole approximately 1.3TB of compressed data (7-12TB raw) containing PII and operational details. The company claims the data isn't easily readable without proprietary tools but that's contradicted by threat actors publishing plaintext samples on dark web leak sites.
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/electronics-giant-avnet-reports-data-breach-affecting-emea-operations-i-v-y-j-f/gD2P6Ple2L
US immigration authorities are considering creating a social-media surveillance team,
an initiative similar to the mass-surveillance project known as ChatControl in the EU
https://securite.developpez.com/actu/376483/Les-autorites-des-USA-en-charge-de-l-immigration-envisagent-de-creer-une-equipe-de-surveillance-des-reseaux-sociaux-une-initiative-similaire-au-projet-de-surveillance-de-masse-denomme-ChatControl-en-UE/
#InfoSec #InfoTech
🆕 openSUSE Leap 16 is out, featuring major upgrades:
– Built on SUSE Linux Enterprise 16 for seamless migration & enterprise-level QA 🔧
– 24 months free support, with updates planned till 2032 🛡️
– New web-based Agama installer supports remote setups 🌐
– SELinux now default for stronger security 🔒
– Wayland-first, 64-bit only, Y2038-ready 💻
🔗 https://news.itsfoss.com/opensuse-leap-16-release/
#TechNews #Linux #OpenSUSE #FOSS #OpenSource #CyberSecurity #Wayland #SELinux #InfoSec #SysAdmin #DevOps #Privacy #Cloud #Software
https://github.com/macports/macports-ports/pull/28592
GitHub Continuous Integration checks passed OK!
Alas, the agent.patch that iamGavinJ had created, doesn't apply cleanly, in large part because ssh-agent.c has been reworked significantly with this release.
Subsequently, I closed this previous Pull Request: https://github.com/macports/macports-ports/pull/28592 not because I didn't want to restore that functionality to launchd, but because it will require more effort than I can give such things at this time.
But, check out these improvements to ssh-agent from the OpenSSH 10.1 release notes:
"ssh-agent(1), sshd(8): move agent listener sockets from /tmp to under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8). This ensures processes that have restricted filesystem access that includes /tmp do not ambiently have the ability to use keys in an agent.
Moving the default directory has the consequence that the OS will no longer clean up stale agent sockets, so ssh-agent now gains this ability. To support $HOME on NFS, the socket path includes a truncated hash of the hostname. ssh-agent will, by default, only clean up sockets from the same hostname.
ssh-agent(1) gains some new flags: -U suppresses the automatic cleanup of stale sockets when it starts. -u forces a cleanup without keeping a running agent, -uu forces a cleanup that ignores the hostname. -T makes ssh-agent put the socket back in /tmp."
Anyway, I updated this as well:
https://trac.macports.org/ticket/72482
I should probably actually close this ticket now that I think of it (fingers crossed that adding that to the PR is sufficient, since I forgot to add that note to the commit message as is typically preferred: https://trac.macports.org/ticket/73084).
#OpenSSH #MacPorts #SecureShell #macOS #encryption #security #infosec
#Discord acknowledges a leak of personal data and internal documents
https://next.ink/203013/discord-reconnait-une-fuite-de-donnees-personnelles-et-de-documents-internes/
#InfoSec
Broadcom has stopped delivering automated updates to #VMware Fusion and Workstation. All updates have to be downloaded and installed manually from the Broadcom Support Portal (as a side note: This portal is one of the worst corporate "support" websites I've seen in the last decade).
This is terrible. It will lead to tens of thousands of VMware installations remaining vulnerable to trivially exploitable flaws, for example, local privilege escalation via CVE-2025-41244 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149
BTW, Please note that to fix CVE-2025-41244 you must now manually download the correct VMware Tools package from the support portal, unpack the zip, mount the ISO image, and then execute the setup.exe from the mounted ISO image. There is currently no VMware releases that include the fixed VMware Tools, so if you create any new VMs you MUST install the update manually to each new VM. Did I already mention this is terrible?
We're seeing requests to www.bbc.com return to normal-looking levels from Afghanistan - since about midday UTC today (1st Oct 2025).
I find it mind-boggling that any sales rep at any company would think that an unsolicited #LinkedIn connection request like this would accomplish anything other than to seem creepy and repel the recipient.
I mean, I reject connection requests from sales reps in general, but "I tried to call but was unable to reach you"? Seriously? This is just gross.
I don't want your calls. I don't want to connect with you on LinkedIn. Just leave me the fuck alone.
#infosec #ThreatSpike
New term: “camera snitch” (noun): that one person in a routine Teams meeting that turns the camera on, passive-aggressively forcing everyone else to turn their cameras on (to avoid looking suspicious).
#WFH
#InformationSecurity
#InfoSec
Pleasantly surprised to find out that our commercial web CDN partner for www.bbc.com & www.bbc.co.uk has enabled Post-Quantum Crypto.
So if you're using a modern web browser (Chromium & Firefox both support it) & are outside the UK, you'll automatically be using a quantum computer-resistant TLS key exchange mechanism (ML-KEM AKA Kyber) and (as far as we know) your traffic cannot be intercepted, stored & latterly decrypted when viable quantum computers come along.
"Recently, security researcher Dirk-Jan Mollema disclosed CVE-2025–55241, a vulnerability so catastrophic that it reads like fiction: a single token, obtained from any test tenant, could have granted complete administrative control over every Microsoft Entra ID (Azure AD) tenant in the world. Every. Single. One."
› https://tide.org/blog/god-mode-vulnerability-microsoft-authorityless-security
EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
https://thehackernews.com/2025/09/evilai-malware-masquerades-as-ai-tools.html
#InfoSec
I’m worried my PC (running NixOS) might be infected.
I was looking at System Monitor & was surprised to see GPU at nearly constant 100% which it normally isn’t. What’s more, this activity seems to disappear once I start poking around and looking at running processes.
I’m guessing some kind of cryptominer which is clever enough to try to hide its activity.
Any advice what to do/what it might be? Unfortunately I have no idea how long it’s been going on.
Should I call myself a dev if I've only been writing in interpreted languages for 40+ years, i. e. "scripting"? I haven't compiled code since college in the 90s, but I've written so much BASIC, Pascal, Perl, SQL, and PowerShell before moving into stuff like Alteryx and other janky "No Code" solutions where you still end up writing Python or JavaScript if you want to be efficient. Not to mention one off solutions in things like AutoHotKey, BAT files, REXX, bash, and freakin' KiXtart.
I think in loops, subroutines, and if ... then ... else statements. I'm teaching myself jq and JSONPath because automation with REST APIs is easier when you know it.
I have never had a job where I am called a "developer". I've never had a job where writing code was an official part of my duties.
But every IT job I've ever had is made easier—made better—when I am allowed to use and build solutions using coding techniques and interpreters.
And I did it without genAI, just Google, O'Reilly books, and patient coworkers.
The witch’s robes flapped in the gale as she knelt on the beach. Waves crashed and she squinted as the sea spray lashed her face.
She withdrew a small syringe from the water as the magic started to work. As she stood, the wind calmed to a gentle breeze. The ocean settled until it was smooth as glass.
“This spell,” she said, knocking sand off her knees, “I call ‘sea quell injection’”
Another credit reporting agency breach, another terrible breach notification letter
TransUnion is bad at security and bad at handling security breaches and none of this is going to get better until we have a real federal data privacy law with meaningful penalties for companies which leak people's data.
#TransUnion #Cyberscout #infosec #privacy #dataBreach #TechIsShitDispatch
https://blog.kamens.us/2025/09/25/another-credit-reporting-agency-breach-another-terrible-breach-notification-letter/
I wrote an article about what I wish juniors in cybersecurity would ask for and contribute when asking for a mentor and career guidance, in light of the terrible tech jobs market.
https://tisiphone.net/2025/09/24/reasonable-expectations-for-cybersecurity-mentees/
#Cybersecurity #Infosec #MentoringMonday #Mentoring #CybersecurityCareers
So the Secret Service just rolled up a massive SIM farm in NYC, and it looks like a nation-state operation. We're not talking about some small time fraud, but an infrastructure play with 100,000 SIM cards, apparently capable of taking down the city's cellular grid. This feels less like simple espionage and more like preparation for some kind of offensive cyber or information warfare campaign. The fact that it was discovered during an investigation into threats against officials makes you wonder what the primary mission really was.
TL;DR
⚠️ A massive SIM farm with 100,000 cards was seized in New York City.
🕵️ The operation is believed to be the work of a nation-state actor.
💥 The setup was powerful enough to potentially disable cell towers and launch denial of service attacks.
🤔 The ultimate goal is still unclear, but it points toward offensive capabilities, not just simple fraud.
https://arstechnica.com/security/2025/09/us-uncovers-100000-sim-cards-that-could-have-shut-down-nyc-cell-network/
#CyberSecurity #ThreatIntel #NationalSecurity #Infrastructure #security #privacy #cloud #infosec
#infosec nerds, what would be genuine good reasons to use #IPSec over something simpler like #Wireguard?
Europe’s cookie law messed up the internet. Brussels wants to fix it.
https://www.politico.eu/article/europe-cookie-law-messed-up-the-internet-brussels-sets-out-to-fix-it/
#InfoSec
When a single weak password is enough to break Active Directory: from RC4 to poorly protected service accounts, how a large hospital group was plunged into chaos
https://securite.developpez.com/actu/376029/Quand-un-simple-mot-de-passe-faible-suffit-a-briser-Active-Directory-de-RC4-aux-comptes-de-service-mal-proteges-comment-un-grand-groupe-hospitalier-a-ete-plonge-dans-le-chaos/
#InfoSec
As #Android developer verification gets ready to go, here's a new reason to be worried
https://www.androidauthority.com/android-sideload-offline-3598988/
#InfoSec
Just went to check on the latest Google Chrome CVE and see if I need to update or mitigate.
I see that this PC doesn't even have Google Chrome installed. I remember electing not to install it when this OS was rebuilt a while ago.
Clearly, I've not needed WebUSB or anything else that only the Chromium engine supports, so far.
The best form of protection is not to install what isn't actually needed.
How many apps, modules, libraries or frameworks or other code are you installing, just in case it might be needed?
To be frank, I’ve become extremely frustrated since the acquisition because now the environment combines the worst aspects of a make-it-up-as-you-go small company with the worst aspects of a faceless corporate overlord. I love my coworkers, I don’t love the general approach to projects and customers.
I live in the Netherlands, I have a skilled worker visa as well as a Dutch marriage, I’m transitioning to citizenship in a year. I need a primarily WFH job but I can hybrid in Amsterdam. I have broad general infosec skills, with the most experience in C source code review but I am familiar with reverse engineering and interested in threat intel. I can provide unlimited access to Mastodon’s most popular dog for morale. #infosec #FediHire #jobs #jobsearch
An interesting perspective change:
In a recent Tabletop exercise, one of the injects was a personal, physical threat sent to an infosec team member. It wasn’t the central theme of the scenario, but it probably had the most impact on me personally.
We never really consider personal and family risk in our corporate, off-white collar jobs. We are certainly aware of the physical and mental toll that the job has on us, and some of us live in perpetual fear of getting fired as a result of a breach, but “we know where you live?” “We’re coming for your wife\partner\kids”-type threats? Where are those in your risk register?
It doesn’t really matter if the threat actor can carry out those threats or not. Never mind that your org probably doesn’t have a plan to deal with that so you’re kind of on your own to figure out what to do about it. Unless you’re in law enforcement/enforcement-adjacent, or a character in a Cory Doctorow novel, you ABSOLUTELY DID NOT SIGN UP FOR THIS.
It’s terrifying once you think about it, and it should make you want to hug your loved ones a little closer and share a little about what’s going on inside. It’s not all ones and zeroes and dollar signs, it’s real people who are sometimes scared out of their effing minds.
Working on another sticker for #37c3 - found this image a while ago, but only as a lowres jpg, so I re-did it as a vector graphic.
#infosec #devops #sticker
We do not test on animals, we test in production.
EDIT: Here's the SVG for all of you who asked https://blog.kohler.is/sticker-we-do-not-test-on-animals-we-test-in-production/
Why use a URL shortener when you can use a phishy URL extender?
Keep your security people alert and awake, generate phishing-looking redirecting links
At the request of a cybersecurity agency, Proton Mail suspended the accounts of journalists who were investigating suspected North Korean hackers
"Everything's fine", nothing absurd going on here...
Or maybe there is!
Coders are being hired to fix the mistakes made by the AI that is causing their layoffs,
AI-generated code cleanup specialist is the trendy new job title on résumés
The web has a new system for making AI companies pay up
https://www.theverge.com/news/775072/rsl-standard-licensing-ai-publishing-reddit-yahoo-medium
#InfoSec
OS-level sandboxing provides kernel-enforced isolation that restricts processes, filesystems, and resources, ensuring applications run in contained and controlled environments
Here is a comparison of sandboxing support across different OS 😎👇 #infosec #linux #macos #freebsd #windows
Find a high-res pdf book with all my #cybersecurity related infographics from https://study-notes.org/cybersecurity-ebook.html
Need-to-know, from yesterday.
According to Crunchbase, the founder of FlexSpy spyware is Atir Raihan, from Wilmington, Delaware https://www.crunchbase.com/organization/flexispy/profiles_and_contacts
From June: "FlexiSpy is an unfunded company based in Victoria (Seychelles), founded in 2005 by Atir Raihan. It operates as a Monitoring app for mobile phones and PCs. FlexiSPY has not raised any funding yet."
FlexSpy company profile: https://tracxn.com/d/companies/flexispy/__RYUIoDOd66yFyuEa5E6PtDDSwHchxhFmQxp7dlvF6b8
iVerify had a post on FlexSpy late last year:
FlexiSPY - The Spyware Tool Crossing the Line Between Security and Crime https://iverify.io/blog/flexispy-the-spyware-tool-crossing-the-line-between-security-and-crime @iverify
The Record: Researchers find spyware on phones belonging to Kenyan filmmakers https://therecord.media/researchers-spyware-kenya-filmmaker-phone
Atlantic Council: Mythical Beasts: Diving into the depths of the global spyware market https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/mythical-beasts-diving-into-the-depths-of-the-global-spyware-market/ @AtlanticCouncil
"The U.S. is the largest investor in the spyware market."
The Record: Report: US investors in spyware firms nearly tripled in 2024 https://therecord.media/us-investors-in-spyware-tripled-in-2024 #cybersecurity #spyware #infosec #Android #iOS
This morning I received a rather suspicious email from "root@overlinux.com" purporting to be about a tool for monitoring processes on Linux.
I am not convinced that's all the tool does.
I've written about my suspicions on my blog: https://blog.kamens.us/2025/09/10/suspicious-email-from-pulse-rootoverlinux-com-malicious-or-just-dumb/
If you're the kind of person who likes to dig into stuff like this, you may enjoy reverse-engineering the "spikemon" executable provided by the sender of the email to see if it's doing anything nefarious.
#infosec #phishing #spam #malware
Canadian government says individuals’ email addresses and phone numbers associated with CRA, ESDC and CBSA accounts were accessed in a cyberattack.
https://toronto.citynews.ca/2025/09/09/federal-government-says-emails-phone-numbers-accessed-in-cyberattack/
- - -
The Canadian government says that the email addresses and phone numbers associated with CRA, ESDC and CBSA accounts were accessed during a cyberattack.
#Canada #InfoSec #InformationSecurity #Cybersécurité #CRA #ARC #CBSA #ASFC #ESDC #EDSC
Tomorrow we drop details on the DNSSEC signer we built.
Today, we're dropping the pretence.
Before we wrote a line of code, we asked 16 TLDs:
"What keeps you up at night?"
We expected shop talk.
We got meaningful discussions that taught us DNSSEC in 2025 isn’t just a tech issue.
It’s a control issue.
And the fear of losing it is real.
👉 Read the full report: https://blog.nlnetlabs.nl/dnssec-operations-in-2026-what-keeps-16-tlds-up-at-night/
Those “we’ve updated our privacy policy” notifications feel like a trap. And who has time to read every sentence in every one of them? And even if we do, most of us aren’t attorneys, making them nebulous anyway.
Thankfully, @Em0nM4stodon has your back with this guide on what to look for.
https://www.privacyguides.org/articles/2025/09/03/red-and-green-privacy-flags/
#Privacy #PrivacyPolicies #RedFlags #InfoSec #WatchingTheWatchers
I'm glad #Signal is rolling out a secure backup service <https://signal.org/blog/introducing-secure-backups/>, and you should be throwing some money Signal's way on a regular basis regardless of whether you use their paid backup service.
However, if you use Android and Google Drive, you can backup Signal into the cloud daily for free with Tasker.
#infosec #privacy #backups #Tasker #Android
🧵1/4
My many friends in #infosec: get there.
https://www.eventbrite.com/e/empirical-security-now-with-dr-ariana-mirian-tickets-1670289674379
New update for CVE Crowd!
You can now:
- Search for vendors or products to see all related CVEs and discussions
- Browse Bluesky posts alongside Fediverse ones
- Enjoy cleaner feeds thanks to the "similar post counter"
And believe it or not... all of that without any ✨AI💩
Learn more below 🧵
#Pentesting #AppSec #InfoSec #CyberSecurity #BugBounty #Hacking #CVE #CveCrowd
The #SSL certificate for the links redirect URL ( https://links.ssa.gov/ ) in emails from #SocialSecurity is expired.
Even if they are using a different link url now, they need to keep the old one secure. This is from an email not that long ago.
This particular email link redirects you to the Social Security my SSA login in page which then has buttons to take you to Login.gov or ID.me.
My presentation titled "Weird Code Injection Techniques on #FreeBSD Using #libhijack" has been accepted at #BSidesCOS!
#Oracle is rolling out mandatory #MFA for its portals. Great!
But rather than supporting even a single industry standard medium or strong MFA type, they're supporting only two deprecated types and Yet Another Proprietary MFA App. Not great! Really awful, actually!
God damn it, why do companies that absolutely know better keep pulling this shit.
Oracle proves, yet again, that they suck.
#infosec
🍔 Just collabed with @BobTheShoplifter on a MASSIVE SECURITY BREACH: We exposed how Restaurant Brands International (Burger King, Tim Hortons, Popeyes) left their drive-thru systems etc completely vulnerable.
🎯 What we found:
• Unauthenticated API access to ALL drive-thru locations globally
• Drive-thru voice recordings of customers accessible
• Employee PII exposed.
• Bathroom feedback systems with zero auth
• Hardcoded passwords in client-side code
The scope was insane - we could access any drive-thru system globally. Even listen to your actual drive-thru orders 👂
Credit to RBI for lightning-fast response once disclosed, but the privacy implications were staggering.
Full technical breakdown: https://bobdahacker.com/blog/rbi-hacked-drive-thrus
#InfoSec #CyberSecurity #ResponsibleDisclosure #Privacy #GDPR #API #GraphQL #SecurityResearch #VulnDisclosure #RestaurantBrands #BurgerKing #TimHortons #Popeyes #vulnerability
Well, the dumb scammer saga continues. Yesterday the same people sent me a poor attempt at phishing, but forgot to update the default subject line from the free service they were using to help them create these fraudulent emails.
So today, they resent the email with the correct subject. I'm surprised the idiots didn't also update the email to apologize for hitting send too quickly.
Today's #TechIsShitDispatch is about telephone scammers and the shitty tech that enables them.
I have an elderly relative whom I help pretty extensively with managing his medical care and his everyday life. I currently have his home phone forwarding to mine while he's in rehab.
In the past 24 hours I have received no less than *** 17 *** scam/spam calls to that phone number. That's a typical, not at all unusual volume for these calls.
#telephony #infosec #CallerIDSpoofing #Vonage
🧵1/7
Over the past few days Cloudflare has been notified through our vulnerability disclosure program and the certificate transparency mailing list that unauthorized certificates were issued by Fina CA for 1.1.1.1, one of the IP addresses used by our public DNS resolver service.
https://blog.cloudflare.com/unauthorized-issuance-of-certificates-for-1-1-1-1/
This is a general reminder that you don't need Cloudflare or any central DNS provider.
Whoever sent me this phishing email wins my dumbest scammers of the week award. They forgot to update the default subject line before sending this email.
US border police can use #Paragon spyware
https://next.ink/198382/limmigration-des-etats-unis-peut-utiliser-les-logiciels-espion-de-paragon/
#InfoSec
@HalvarFlake a (the?) Respected hacker shares razor-sharp reflections: cybersecurity tooling is still artisanal; the exploit market is exploding—few can deliver, demand is inelastic, and governments pay big; AI helps, but only in expert hands (“a sherpa”); drones aren’t cheap planes—they’re expensive bullets; and Western manufacturing lost its edge by abandoning scale for boutique precision. Efficiency ≠ resilience. Essential listening for the next-gen hackers. Learn from those who shaped the scene. #Infosec #Cybersecurity #AI #Exploits #Manufacturing #Hacking ▶️ a rare chance to step back and reflect (so take time to watch this interview IMHO) 👍
I’m excited to share my latest article, published in Forbes: Deepfakes And Social Engineering: A Growing Threat To Everyone.
This piece is personal to me because I’ve seen how quickly deepfake technology is moving from novelty to real-world attacks. It’s not just companies at risk—families are being targeted with AI-cloned voices and fake video calls.
In the article, I break down the real cases we’re seeing, why multifactor authentication (MFA) is essential, and what both organizations and individuals like you and me can do to protect ourselves.
In the piece, I cover:
🔍 Real-world scams driven by AI voice and video
🔐 Why multifactor authentication (MFA) is essential
📱 How both organizations and families can verify smarter
🧠 The mindset shift from trusting appearances to verifying identities
Deepfakes aren’t a future problem. They’re here. And the time to prepare is now.
https://www.forbes.com/councils/forbestechcouncil/2025/08/25/deepfakes-and-social-engineering-a-growing-threat-to-everyone/
#Forbes #cybersecurity #deepfakes #MFA #security #privacy #cloud #infosec #AI #leadership
@forbes@flipboard.com @Forbes@newsie.social @forbestechcncl
Critical Bluetooth vulnerability reported in SunPower Solar Inverters
A critical unpatched vulnerability (CVE-2025-9696) in SunPower PVS6 photovoltaic inverters allows attackers within Bluetooth range to exploit hard-coded credentials and bypass authentication to gain unauthorized control over critical functions including firmware replacement, power production disabling, and grid settings modification. CISA recommends isolating inverter networks and disabling Bluetooth interfaces when not needed. SunPower has not responded to coordinated disclosure attempts.
**If you have SunPower PVS6 inverters, review the advisory and if not actively needed disable their Bluetooth interface when not actively servicing. Implement strong physical security around the devices since attackers can take control from up to 170 feet away. Make sure that the wired connections are isolated from the internet. Use VPN-based wired connections instead of Bluetooth for remote management.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-bluetooth-vulnerability-reported-in-sunpower-solar-inverters-v-2-d-n-f/gD2P6Ple2L
Freeradical.zone is a Mastodon server about infosec, privacy, technology, leftward politics, cats and dogs.
This server has been online since 2017.
You can find out more at https://freeradical.zone/about or contact the admin @tek
#FeaturedServer #InfoSec #Privacy #Technology #Mastodon #Fediverse #FreeFediverse
„username and password aren’t secure enough!“
„No, no OTPs, I need a second device and in an imaginary scenario I maneuvered myself into I don’t have access to it“
„No, not via email, that’s insecure and not available, because I use company hardware privately.“
„Passkeys are big tech vendor trash! Syncing them? Please! That defeats t3h security AND invalidates all my arguments!“
„I know what I am doing, my password is superior so I am safe!“
I love #infosec
I just discovered that "Employer on the Go", a website I am required to use by my employer for downloading pay stubs and entering time-off requests, implements "remember me" by saving my username and password in a plaintext browser cookie.
yhgtbfkmwts
It gets worse. They use "&" in the cookie as the separator between key/value pairs, and it's not quoted in values, so if there's a "&" in your password then they truncate it and don't pre-fill it properly on the login page.
#infosec #fail #smdh
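An added Python illustration of the two problems described in this post (not the site's own code; the cookie layout, field names and sample password are assumptions): the naive "&"-joined credential cookie truncates a password containing "&", percent-encoding removes the truncation but still leaves the password in the browser, and the usual fix is to store no password at all, only a random opaque token looked up (by its hash) server-side.

```python
"""'Remember me' cookie: the flawed pattern from the post beside a safer design.
Added illustration only; field names and values are constructed."""
import hashlib
import secrets
from urllib.parse import parse_qs, urlencode


def naive_cookie(username, password):
    """The pattern described in the post: plaintext credentials joined with
    '&', values not quoted in any way."""
    return f"user={username}&pass={password}"


def naive_parse(cookie):
    """Split on '&' then '='. A '&' inside a value ends the value early, so a
    password like 'p&ss' comes back as 'p' (the truncation the post describes)."""
    fields = {}
    for pair in cookie.split("&"):
        key, _, value = pair.partition("=")
        fields[key] = value
    return fields


def encoded_cookie(username, password):
    """Percent-encoding ('&' -> '%26') fixes the truncation bug only; the
    password is still sitting in the browser's cookie jar in recoverable form."""
    return urlencode({"user": username, "pass": password})


def encoded_parse(cookie):
    """Round-trips arbitrary characters, unlike naive_parse."""
    return {k: v[0] for k, v in parse_qs(cookie).items()}


class RememberMeStore:
    """Safer design: the browser only ever holds a random token. The server keeps
    sha256(token) -> username, so a leaked table yields no usable tokens."""

    COOKIE_NAME = "remember"
    MAX_AGE = 30 * 24 * 3600  # 30 days (assumed policy)

    def __init__(self):
        self._by_hash = {}

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, username):
        """Create a 256-bit random token for `username` and return it."""
        token = secrets.token_urlsafe(32)
        self._by_hash[self._digest(token)] = username
        return token

    def set_cookie_header(self, token):
        """Secure (HTTPS only), HttpOnly (no script access), SameSite=Lax."""
        return (f"Set-Cookie: {self.COOKIE_NAME}={token}; Max-Age={self.MAX_AGE}; "
                "Path=/; Secure; HttpOnly; SameSite=Lax")

    def resolve(self, token):
        """Return the username for a presented token, or None if unknown."""
        return self._by_hash.get(self._digest(token))

    def revoke(self, token):
        """Logout / 'forget me': drop the server-side record so the cookie is dead."""
        self._by_hash.pop(self._digest(token), None)


if __name__ == "__main__":
    print(naive_parse(naive_cookie("alice", "p&ss"))["pass"])    # p  (truncated)
    print(encoded_parse(encoded_cookie("alice", "p&ss"))["pass"])  # p&ss
    store = RememberMeStore()
    tok = store.issue("alice")
    print(store.set_cookie_header(tok))
    print(store.resolve(tok))                                      # alice
```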