Items tagged with: infosec
This book has also been a good starting point for me in areas of security where I don't have as much experience. I had fallen a bit behind on newfangled things like CI/CD, pipelines and the like. Now at least I have some foundations that will help me know where to start. A great book for those who are starting out in the sector, and a good read too for those of us whose beards have already gone gray from one upset after another.
#booktodon #libros #infosec
In exciting news I appear to be part of one of the first data breaches of the fediverse era!
I got this email 20 minutes ago letting me know my data migration from mastodon.social was dumped in a breach.
I'm going to be honest, I've got some opinions on the fact that a public bucket is used to store archives, with just obfuscation to stop people from downloading them.
While a few apps such as Signal, iMessages, WhatsApp, and Threema encrypt the payload of their push notifications end-to-end, many other apps don't encrypt the payload. This includes most email apps and most apps in the social networking and shopping categories.
In my team we have openings for #developer focused on #offensive / #redteam development. You will help to make the research and education sector better (focused specially for #sweden) with your skills and write all #opensource tools.
Ask me any question about the position or team and culture.
Please boost for more reach
Getting frustrated with the lack of response from people I've been trying to reach out about this research project, but fuck it. My life already sucks, and it is just going to get worse.
I've been researching into something very interesting, and the rabbit hole starts at: https://www.choosewell2024.com/
Which is the beginning of what I see as a deliberate attempt at rigging the presidential elections and getting cult like legislations passed.
If you scroll down you will see the cornerstone partners which are the four organizations that are I believe basically well the cornerstones of this movement. Most notably right now are The Family Policy Alliance and also The Heritage Foundation.
The Family Policy Alliance being linked to The Family Leader and also Focus on the Family. The Family Leader is an evangelists' cult group that has been trying to basically get the USA government to adopt a more extreme evangelist structure and pass legislations that will make all our lives' hell. Focus on the Family have been pushing the propaganda focused on families and children.
The Family Policy Alliance is a group of Family Policy Councils in roughly 40 states. Some being more prominent than others such as Idaho, Iowa, Ohio, Massachusetts, Michigan, etc. Michigan is particularly interesting since the DeVos family, that made billions off of a Ponzi Scheme and have been involved with conservatives and The Family for decades. Also, it seems like the Alliance Defending Freedom is the legal arm.
The Heritage Foundation has a long history of "advising" the government, especially the President, on policies and how the government should be. This started with Reagan and their Wikipedia has a nice history in a nutshell: https://en.wikipedia.org/wiki/The_Heritage_Foundation
The Heritage is trying similar with Reagan, but way worse in a German-Nazi style take over called Project 2025: https://www.project2025.org/
When I say this is German-Nazi style, I'm not overexaggerating. Adolf Hitler failed his first coup attempt and while in prison he created his political plan and ideology which sure looks like what Project 2025 Playbook is.
Anyway, I have some more to share, but I'm exhausted and to be honest... history is repeating itself, and we aren't doing shit about it like last time.
Polish hackers figured out that a train manufacturer had programmed its trains to break down after certain dates, or if they were serviced at another company's workshop.
#InfoSec picks of the day:
➡️ @haveibeenpwned - Site which lets you check if you are victim of security breaches
➡️ @smashingsecurity - Award-winning humorous podcast about computer security
➡️ @gcluley - Computer security expert, blogger, co-host of Smashing Security podcast
➡️ @rysiek - IT expert, dev, good guy hacker
➡️ @adminmagazine - Technical journal for system administrators
➡️ @kalilinux - Linux distro for computer security tasks such as digital forensics, penetration testing etc
CVE-2023-49103 is a vulnerability in #ownCloud that exposes the PHP environment. In containerized deployments, this includes the ownCloud admin password, mail server credentials, and license key.
Patch before your ownCloud instance becomes an ownedCloud instance
Well, I'm kind of back to Mastodon. I took a long break from all social media and deleted every single one of my accounts... Mastodon, LinkedIn, Twitter/X, etc.
I guess I'm going to try it out again. I do miss the #InfoSec community and haven't been keeping up with the news and happenings as I should have been.
I hope to re-kindle some online friendships, so if you find me here, please say hello!
🔎 🕵️♂️ MALTEGO OSINT TUTORIAL FOR BEGINNERS:
Adding All 100% Free Transforms
This Will Be Fun! 😎 ⌨️ :terminal:
have no issue neither 2 actually become #cybercriminals in the name of fucking $ is why that even though I work in #infosec for 24 years now still like when people call me a #hacker rather than a #infosec because 4 me that is just a job not a way of thinking or a culture
This dumb password rule is from Movistar.
Min 7 and max 8 characters for password! Also to be different than the username: the user name is automatically generated and is based on the surname of the user with some characters replaced by digits 😀
Has been that way for more than 10 years.
Whoever has my passwords, can steal my identity and spend my money.
Whoever can read my email, can reset (almost) all my passwords.
Whoever controls my MX record, can receive my email.
Once again, DNS is the linchpin. At least I have DNSSEC to make poisoning attacks and other DNS lies harder.
*We currently have Eset/Nod32 but I'm evaluating Bitdefender as our contract renews soon. If anyone can share good/bad experience about these two I'd appreciate it. There seem to be a lot more buzzwords in AV than I remember and it's hard to see that one product is any better or worse than another.
- Give it away (suggestions by reply please) (0%, 0 votes)
- Give it to someone you hate (50%, 1 vote)
- Bin it! (50%, 1 vote)
- Something else (suggest in comments) (0%, 0 votes)
FXBG Hackers - Fredericksburg, VA
1st Wednesday of Every Month!
(Note: not everyone RSVPs or clicks "Participate" in Mobilizon, so if it says no one is participating, it's lying. We have a couple hundred members with 20 to 30 folks that come out each month.)
White Hat, Black Hat, Gray Hat - N00b, 1337, Obso1337 Hacktivist, Corporate, Fed, Govt, Mil, Hobbyist - All are welcome.
- 7:00 - Soft start / Socializing
- 7:15 - Meeting begins
  - Community News
- 7:30 - Firetalks
  - 10-minute presentation
  - 5-minute discussion
  - Slides, media, and demos are encouraged but not required.
  - We'll have a large display and a display laptop running Ubuntu available if need be; otherwise, bring your laptop or speak without slides.
  - Note: No vendor pitches, no recruiter pitches.
- 8:45 - Who's Hiring / Who's Looking for Work
  - Those that are hiring can give a quick announcement.
  - Those who are looking for work can give a quick pitch.
- 9:00 - Formal End of Meetup
- 9:00+ - Socializing, Eating, Hanging Out, Hacking
  - The brewery closes at 9:00, but the night owls typically migrate to another venue after the meetup.
Note on FireTalks: If it's your first time here - chill, relax, enjoy and hang out. Otherwise, hop up and give a fire talk. Fire talks are short talks around a topic generally related to hacking. Talks last roughly 10 minutes or less, with 5 minutes of discussion afterward. Be as formal or informal as you like. Slides, demos, and media are encouraged but not required. If you're unsure what to talk about or have worries about presenting, ask one of the organizers for help. We're here for you. We apply a very broad definition of hacking - taking something and utilizing it beyond its intended means.
Note: We do not advocate illegal activities. If you're discussing bypassing computer security, you have permission to do so or are utilizing your equipment in a lab environment.
CODE OF CONDUCT & RULES
- Don't hack the venue!
- Don't hack other attendees without consent.
- Don't talk about anything illegal.
- Don't harass other attendees.
- Follow venue rules.
- Treat venue staff well.
- Do participate. Do Have Fun.
- Don't hack the venue!
All are welcome regardless of race, age, experience, gender identity, sexual orientation, ethnicity, disability, national origin, religion, or creed.
The Paradox of Tolerance Addressed: We do NOT tolerate intolerance. You will be banned if you advocate ostracizing, oppressing, or hurting others.
My new keycaps came in and I put them on. I like it. Double shot pbt. The artisan keycap is for the key that changes the backlight. Blank one is technically a macro, but is by default for cortana/siri. Couldn't be bothered to change it.
Tor Project Needs Our Help
📉 Donations Down This Year
Tor: Not Only A Browser For Privacy Online:
It's Also An Essential Tool #Journalists / Vulnerable Populations Around The World Use To Access Internet / Bypass Censorship.
💡 ❤️ Tor is FREE. So worth it.
🔗 Tor Project Donation Page: https://donate.torproject.org
I'm hoping for someone to help with some PRs for the following metadata:
Chrome Remote Desktop
• At one stage “IRC Wars” was a thing. Initially a bunch of kids would try to convince one of the channel operators to give them operator status, too. If one of the channel OPs was foolish enough to grant the status, the attacker would promptly DEOP the original channel OPs and kickban them. This would usually be combined with adding insults to the channel topic and making the channel invite only. Retaliatory attacks were also quite common. At some stage there were multiple IRC channels held by various “factions”, while the actual discussion occurred on backup channels. Some channels were held for years.
• The “IRC Wars” (d)evolved over time. One feature weaponized was the “netsplit” where the loss of network connectivity would effectively split the network in two separate functional sub-networks. The protocol would self-heal when the connectivity returned: This involved reintegrating the channels by merging any divergencies. One result of this merge operation was to merge any operators on channels. Thus, if you found a server that was “in split” for long enough time and had no local users on the victim channel, you could join the channel and would gain operator status as the “first user” on this “new” channel. When the network eventually joined (so called “netjoin”), you would be awarded operator status on the victim channel and could proceed with channel takeover.
• “Nick collision” was one aspect of the netjoin (the network healing after a split): If two users had the same nick name, this conflict would be resolved by disconnecting both users from the network in a so called “kill”. Thus you would just have to obtain the nick name of the target user on one of the servers on the other side of the split and wait for the network to heal. Some highly coveted nicknames were stolen using this method. It would also commonly be used to collide all original operators in a channel takeover.
• Many bots were written as both defensive and offensive weapons in IRC Wars. The defensive bots would attempt to hold OP status away from malicious parties while granting it to the rightful owners of the channel. These bots grew highly sophisticated and attempted to dodge attack such as nick collisions. Offensive bots would track the nicknames of the legitimate channel operators in an attempt to collide them.
• There were technical disagreements on how nick collisions should be handled. This, along with philosophical disagreement on whether there should be set rules defining what SysOps could or could not do, led to the EFnet network splitting in so called “Great Split” of 1996, resulting in creation of IRCnet.
• Phoenix IRCII script had a gaping security vulnerability in the message save feature that could be used to directly execute shell commands on the victim’s shell account. Needless to say this could be used to not only compromise the user but to also gain foothold on the actual (typically a brand of UNIX or BSD) server running the IRC client.
• At some point many users connected over modems. At the time isolation between control and data channels was poor or completely missing. If you could get the victim host to send special string towards the modem you could control it remotely. ICMP ECHO was particularly effective. ping -p 2D092B2B2B41544830 would send a “+++ATH0” towards the victim, and if the echo was responded, it would send back the same data through the modem. “+++” would enter the Hayes command mode. “AT” was a common prefix for “Hayes command set” commands, while “H0” meant “hang up”. Needless to say if the victim was a modem user and the system responded to ICMP ECHO the user would promptly have their modem hang up and connection would be lost.
• WinNuke (URG pointer mishandling in Windows TCP/IP stack) was used to disconnect IRC users. “Ping of death” (oversized ICMP ECHO with payload larger than 65535 bytes) was also used, as well as various other DoS bugs in network stack implementations, such as LAND attack. Eventually flooding and primitive DDoS attacks were also used.
• I once found a #mIRC IRC client vulnerability that could be used to boot any mIRC user off the IRC network: The mIRC built-in IdentD had a bug where it would get confused if multiple concurrent connections were made towards it. If these connections would just sit there it would result in the whole mIRC network process to time out, disconnecting the user. I did demonstrate this vulnerability on #mirc channel – in hindsight this is something that I probably should not have done. I did learn a valuable lesson at least.
EU Governments Set To Approve End Of Secure Messaging
People Don't Have A Right To Basic Security... For Their Own Devices?
(don't think it won't spread)