avuko

@avuko@infosec.exchange

Everybody wants to be a warrior,
nobody wants to be a nurse.
Move slow and make things.
STIX or it didn't happen.
he/him :donor:

#ThreatIntel #BlueTeam #InfoSec #CTI #DFIR #OSCP #OSCE #GCFA #ISO8601 #ActuallyAutistic #SecularBuddhist #ENTJ-A #SolarPunk #Historian #Dutch #PublicServant

Header image: statues of tyrannicides Harmodius and Aristogeiton, photo by Miguel Hermoso Cuesta
Avatar image: screenshot of the braille Unicode for “As” (⠠⠵) which looks like a glider from the Game of Life.

auto-delete >7 days


codinghorror, to random

Men, please read this article and really take it to heart. And I mean me too. https://medium.com/

stevej, to random

I'm starting to think the computers will become self-aware before the people will.

teriradichel, to random

Although I mostly write about cybersecurity, the best advice I can give is to surround yourself with people who love and care about you. Forget the rest. You may not change the world but you can be happy with yourself and the people with whom you choose to spend your days.

GossiTheDog, to random
@GossiTheDog@cyberplace.social avatar

Enjoying this fully patched Ivanti Pulse Connect box (yes, the kernel has dirty in it)

Linux version 2.6.32-00366-gsd3b182-dirty - December 2009

curl 7.19.7 2009-11-04 (14 years)
openssl 1.0.2n-fips 2017-12-07 (6 years)
perl 5.6.1 2001-04-09 (23 years)
psql 9.6.14 2019-06-20 (5 years)
cabextract 0.5 2001-08-20 (22 years)
ssh 5.3p1 2009-10-01 (14 years)
unzip 6.00 2009-04-29 (15 years)

BleepingComputer, to random

Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks.

https://www.bleepingcomputer.com/news/security/new-fortinet-rce-flaw-in-ssl-vpn-likely-exploited-in-attacks/

jbn, to random

✨ New Timesketch release! A notable feature we added this time is connectors to different LLM services. Out of the box we have support for Ollama (for open models) and VertexAI from Google. We continue building the foundation for Assisted Investigations.

https://timesketch.org/changelog/#version-20240207

siem, to random

A short tutorial on how to ingest STIX data into MISP - I ran into some oddities, and this might be of help to others too

https://blog.melinesieber.ch/posts/misp-building-bridges/

BleepingComputer, to random

A Chinese cyber-espionage group breached the Dutch Ministry of Defence last year and deployed malware on compromised devices, according to the Military Intelligence and Security Service (MIVD) of the Netherlands.

https://www.bleepingcomputer.com/news/security/chinese-hackers-infect-dutch-armed-forces-network-with-malware/

BabblingGeek, to random

WFH is distributed BCDR. This continuity tip brought to you by CA weather.

stux, to Amazon Dutch
@stux@mstdn.social avatar

Yikes

Unrest over partial move of .nl domains to the American Amazon

https://nos.nl/l/2507035

ZLabe, to random
@ZLabe@fediscience.org avatar
GossiTheDog, to random
@GossiTheDog@cyberplace.social avatar

vendors: you should implement Zero Trust and Assume Compromise

me: right, so you mean I shouldn't trust you and assume you're compromised, right?

vendors: NOT LIKE THAT

da_667, to random

found a new rack for my ivanti gear

nf3xn, to random
@nf3xn@mastodon.social avatar

deleted_by_author

  • malanalysis,

    @nf3xn
    I heard the PR statements "We found no evidence of any cybersecurity event having occurred." in my head when I read your toot.

    adulau, to infosec

    What happened to pastebin.com ? It has been down for the past 12 hours.

    :blobcatpeekaboo:​

    KenWalkerQB, to random
    @KenWalkerQB@mstdn.ca avatar

    US Supreme Court in Colorado 14th amendment appeal, court file:
    https://www.supremecourt.gov/docket/docketfiles/html/public/23-719.html

    The historian brief that Lawrence O'Donnell says you should read if you read only one supreme court brief in your life is here:
    https://www.supremecourt.gov/DocketPDF/23/23-719/298999/20240129110006501_23-719%20bsac%20American%20Historians%20Final.pdf

    lauren, to random
    @lauren@mastodon.laurenweinstein.org avatar

    If your work involves sitting in front of a screen all day, and you can effectively complete your tasks from a screen at home, you should be permitted to do so. This is the 21st century, not the 18th.

    ChrisPirillo, to random
    @ChrisPirillo@mastodon.social avatar

    roses are red
    pockets have lint

    BleepingComputer, to random

    Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2023-23897, a critical remote code execution (RCE) flaw for which multiple public proof-of-concept (PoC) exploits are in circulation.

    https://www.bleepingcomputer.com/news/security/45k-jenkins-servers-exposed-to-rce-attacks-using-public-exploits/

    SirTapTap, to Cats
    @SirTapTap@mastodon.social avatar

    This is the ideal resting position

    You may not like it, but this is what peak relaxation looks like

    k3ym0, to Cybersecurity

    Don't use Exchange On-Prem - It's riddled with vulnerabilities, they said.

    Use Office 365 - It's way more secure, they said.

    Meanwhile, MSFT leaving test OAuth accounts active, with:
    ✅ admin privileges
    ✅ weak password
    ✅ no MFA

    (insert jokerclapping.gif)

    https://arstechnica.com/security/2024/01/in-major-gaffe-hacked-microsoft-test-account-was-assigned-admin-privileges/

    JulieB, to random
    @JulieB@deacon.social avatar

    This. Oh my, THIS.

    brianklaas, to random
    @brianklaas@journa.host avatar

    Starting to feel real that my new book FLUKE—which completely changed my worldview as I wrote it—will be out in a few days in the US (and Feb. 1st in the UK). You can pre-order it now from wherever you buy books! Here’s a cool video teaser:


    howelloneill, to random

    When I need to translate the new threat actor names to the old actor names to the other firm’s actor’s names to

    otter, to infosec

    More or less every company has guidance that users shouldn't click links in emails to prevent phishing and other email based attacks. So why do all email clients enable clickable links? There doesn't even seem to be an option to disable such links from incoming emails. 🤔

    otter,

    @avuko Yes, that's another topic for a rant: company advisories against clicking links, immediately followed by a monthly newsletter or a request to confirm some personal data with a link to http\shady.email.marketing.startup or http\we.host.our.forms.online that you must use to complete a task.
