Nonya_Bidniss, 1 hour ago to infosec

Any #infosec folks recommend the best #cyber contractor hiring in vicinity of Ft. Eisenhower? (Ft. Gordon). A friend is looking for an established contractor with good benefits hiring people at GS-13 equivalent level to staff CYBERCOM, TRADOC or other major commands. #USArmy

chiefgyk3d, 2 hours ago to infosec

Live now on Twitch with I got a surprise in the mail | Fallout 4 | Cybersecurity and Gaming on Linux. Join in: https://twitch.tv/chiefgyk3d #TechTalk #Infosec #Linux #Cybersecurity #Streamer

percepticon, 3 hours ago to Cybersecurity

Australia Faces Unprecedented Cyber Threats Amid Support for Ukraine https://thecyberexpress.com/cyber-army-russia-reborn-cyberattack-australia/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

TehPenguin, 4 hours ago to random

I've been helping to investigate a few LLVM and Rust bugs recently, and I keep running into pet peeves with how these bugs are reported, so I'm going to put together some #RulesForBugFiling

I don't want to discourage anyone from filing a bug, please do! But... be aware with how you represent the issue that you're seeing.

I also know that there are folks on here who are vastly more knowledgeable than I am, so feel free to suggest corrections, perhaps by filing some sort of report...

osma, 4 hours ago to infosec

Just as we got a conviction in the #Vastaamo case, now #Helsinki primary education IT has been breached and 120k students', parents' and teachers' info has been stolen.

Details are sparse, but parts of what has been revealed sound like a #Office365 #breach to me. Not confirmed though.

"Possibly the largest data breach affecting [Finland's] municipal sector"

#infosec

https://yle.fi/a/74-20088448

mysk, 6 hours ago to privacy

iOS 17.5 fixes the marketplace URI bug that we showed it could result in tracking users across websites:

CVE-2024-27852

#privacy #iOS #Apple #DMA #EU #infosecurity #InfoSec

https://support.apple.com/en-us/HT214101

percepticon, 8 hours ago to Cybersecurity

Swiss federal agencies use Russian computer programs - RSI https://insightnews.media/swiss-federal-agencies-use-russian-computer-programs-rsi/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

pootriarch, 8 hours ago to infosec

i have been reworking some security bits and a friend got swept up in my sand traps. he's on iOS, isn't a techie, doesn't think he's using a VPN or using special security/privacy settings — but his traffic is coming from CDN addresses (akamai, cloudflare). something's going on that i didn't know about. can anyone point me to learning links?
#infosec

percepticon, 10 hours ago to Cybersecurity

Russian hackers as Kremlin’s cyberwarfare sandworms - Le Figaro https://insightnews.media/russian-hackers-as-kremlins-cyberwarfare-sandworms-le-figaro/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

neurovagrant, 10 hours ago to Cybersecurity

Whole lot of IDN Homoglyph Attack registrations via GoDaddy and hosted on Amazon the past few days. Examples from yesterday and today:

xn--fcbook-pta36b[.]com (fácębook[.]com)

xn--xnt-rmal15isb[.]com (xƭínïtƴ[.]com)

xn--xnt-vmag15isb[.]com (xƭînïtƴ[.]com)

xn--goole-b3b[.]com (gooǵle[.]com)

#cybersecurity #infosec #threatintel

nixCraft, 12 hours ago to debian

DNSCrypt-proxy is an open-source and free software designed to encrypt DNS traffic, thus protecting it from eavesdropping and manipulation. Let us see how to install DNSCrypt-proxy on a #Debian #Linux 11/12 with Adblocker or Malware blocker https://www.cyberciti.biz/faq/installing-dnscrypt-proxy-on-debian-linux/ #infosec #security

johnleonard, 13 hours ago to infosec

MoD hack: IT contractor concealed major hack for months

SSCL was reportedly awarded a contract worth over £500,000 in April, despite the breach occurring weeks earlier

https://www.computing.co.uk/news/4207119/mod-hack-contractor-concealed-major-hack-months

#infosec #technews #sscl #soprasteria #mod #uk

Freyja, 17 hours ago to infosec French

Solarwinds: Bonjour on vous vend une super solution de gestion d'accès

Also Solarwindws: ha oui on a hardcodé des credentials comme ça on est certains d'y avoir accès sans votre autorisation

Hacker: thanks.

#infosec

https://securityonline.info/hard-coded-credentials-cve-2024-23473-rce-cve-2024-28075-flaws-patched-in-solarwinds-arm/

chiefgyk3d, 1 day ago to Twitch

Today is Mother’s Day so I took my grandmother out for lunch and having dinner with my aunt. I may be on Twitch later this evening than usual.

#twitch #mothersday #cybersecurity #infosec #gaming #gamingonlinux

percepticon, 1 day ago to Cybersecurity

It's Possible to Hack 'Tetris' From Inside the Game Itself https://www.wired.com/story/hack-tetris-from-inside-game-high-score/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

percepticon, 1 day ago to Cybersecurity

Bundeswehr: Webex für externe Kommunikation gesperrt https://www.heise.de/news/Bundeswehr-setzt-Webex-Nutzung-fuer-externe-Kommunikation-aus-9711962.html?wt_mc=rss.red.ho.top-news.atom.beitrag.beitrag&utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

mttaggart, 1 day ago to rust

Late-night #BlueTeam tool release!

Introducing entropyscan-rs, a #RustLang entropy scanner for analyzing files and directories during incident response. Used carefully, this can quickly identify likely malware when not all stages of an attack have been discovered, such as during a web server compromise without adequate logging. Enjoy!

github.com/mttaggart/entropyscan-rs

#CyberSecurity #InfoSec

paul, 1 day ago to infosec

North Korean hackers crack DMARC to spoof emails from trusted sources

North Korean state-sponsored threat actors are abusing misconfigurations in DMARC to send convincing phishing emails and gather vital intelligence from Western targets~impersonating journalists, officials have warned.

#infosec #hacking #security

https://www.techradar.com/pro/security/north-korean-hackers-crack-dmarc-to-spoof-emails-from-trusted-sources

percepticon, 1 day ago to Cybersecurity

A (Strange) Interview the Russian-Military-Linked Hackers Targeting US Water Utilities https://www.wired.com/story/cyber-army-of-russia-interview/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

percepticon, 2 days ago to Cybersecurity

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data https://thehackernews.com/2024/05/apt42-hackers-pose-as-journalists-to.html?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

percepticon, 2 days ago to Cybersecurity

US, UK authorities unmask Russian national as LockBit administrator https://cyberscoop.com/us-uk-authorities-unmask-russian-national-as-lockbit-administrator/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

percepticon, 2 days ago to Cybersecurity

New attack leaks VPN traffic using rogue DHCP servers https://www.bleepingcomputer.com/news/security/new-tunnelvision-attack-leaks-vpn-traffic-using-rogue-dhcp-servers/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

percepticon, 2 days ago to Cybersecurity

UK confirms Ministry of Defence payroll data exposed in data breach https://www.bleepingcomputer.com/news/security/uk-confirms-ministry-of-defence-payroll-data-exposed-in-data-breach/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

percepticon, 3 days ago to Cybersecurity

Microsoft developed an ‘air-gapped’ AI for spies that’s isolated from the internet https://qz.com/microsoft-offline-ai-service-chatgpt-gpt4-us-spies-1851462266?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

andre, 3 days ago to sysadmin

#AskInfoSec I'm trying to wrap my head around security aspects of IPv6 protocol.

From what I've learned that now my networking devices have a public IP address (unlike with IPv4 which would have to be port translated at the router).

In order to talk to a service I still will need a port next to the IP address.

Does that mean that every device in the network should have a firewall? Or can I still have one at the router level handle everything?

My fear is that a router could be easily bypassed.

#SysAdmin #InfoSec