It was super fun to interview @jerry for this week's episode of the Infosec Sidekick Podcast!
I had wanted to do this a while back; when the heat of the twitter migration was taking place, but I almost feel like now was a better time.
With the dust somewhat settled, @jerry and I talk about Information Sharing, Community Building, and how Mastadon plays a role in that.
I genuinely appreciate this conversation and hope it can provide you some value and entertainment throughout your week.
You will be sure to find gems in this episode, such as the unlikely comparison to twitter vs mastadon as Monsters Inc. Power Generation (don't ask, just listen lol)
Edit: Thank you all for boosting and answering.
I would love to make the Open Space format better known in the cybersecurity context. I think it is a valuable addition to existing formats such as traditional conferences or #BSides
If you would like to learn more about Open Space see my follow up posts
If you participated in Open Space events (in any domain) please share your experience.
Apparently spiderfoot got bought out and I don't know how much longer the github project will be in a working state. Found two alternatives I want to try, but been thinking about writing potentially my own.
One of the issues I've found with sf is the sheer number of modules that frankly aren't really efficient and/or cost money for the api. Started looking at a bunch of apis for some specific things I like to use osint for and going to try to figure out which ones are both effective and efficient. Will be a fun project I think to also hone in my research skills, but I anticipate it will take a while to design and build since I want to do this one right and properly.
Jack Posobiec (White supremacist that believes in conspiracies such as the white genocide conspiracy)
Jim Jordan (One of the main players to planning Jan 6th)
Matt Gaetz (A pedophile and operated a sex ring, but never was charged (fuck you justice department))
Steve Bannon (The fraudster that scammed trump supporters for a fake company to build Trump's wall)
-Vivek Ramaswamy (New face, but is young and likable. Dropped out of presidential nominee bid, but probably got a promise of a cushy job position in Trump's administration, from looks of things)
JD Vance (Didn't originally like Trump, but changed his opinion in 2018 and started spewing out many points from The Heritage, The Family Leader, etc)
Tommy Tuberville (One of the senators that helped to overturn the presidential election in 2020 and closely allied with Trump)
Kristi Noem (Governor of South Dakota, that is a terrible governor and well... I don't want to go into too much right now)
All seem to possibly be conspiring to overthrow the government. Articles are here:
This is all going off of this screenshot, which is a direct threat and should be taken seriously. I quickly put together this and uploaded what I could grab.
Because these posts scroll away, I have posted something on DataBreaches.net about the discrepancies between what Raptor Technologies has told school districts and WIRED and what we know about the incident -- and what we don't know yet:
Adobe Magneto: una pericolosa minaccia RCE per i siti di e-commerce
Gli specialisti di Sicurezza Informatica hanno avvertito che gli #hacker stanno già sfruttando una nuova #vulnerabilità in #Magento (CVE-2024-20720) e l'utilizzatore per implementare una #backdoor persistente sui siti di e-commerce.
Attacco agli ATM riuscito! Un Tasso del 99% di Efficacia Spaventa tutte le Banche Europee
Nello spazio #digitale si sta diffondendo attivamente un nuovo tipo di #malware#ATM. Il suo tasso di successo, secondo i suoi autori, raggiunge il 99%.
Questo #software dannoso, chiamato “EU ATM Malware”, è in grado di #hackerare quasi tutti gli sportelli #bancomat in #Europa e circa il 60% degli sportelli bancomat in tutto il mondo, il che rappresenta una #minaccia significativa per la sicurezza bancaria globale..
🛡️ Researchers uncover details of 3 vulnerabilities in #Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could have allowed attackers root access and system disruption.
Ever wondered why cyber attacks seem unstoppable? It's the identity blind spots! Check out how Silverfort's platform fills this crucial gap, ensuring rapid detection and containment of compromised accounts.
In every instance that I’ve discovered shadow IT in an environment, I’ve eventually found someone in IT who knew about it and/or implicitly/explicitly enabled it. I hate to think it, and I understand there are always reasons but…
The call is coming from inside the house.
That means Shadow IT isn’t really in the shadows, and the solution has to start inside IT itself.
Navigating the complexities of cyber threats requires more than just out-of-the-box settings. Learn how intent-based configurations can lead to more resilient cybersecurity frameworks.⤵️