Tootfinder

Opt-in global Mastodon full text search. Join the index!

No exact results. Similar results found.
@catsalad@infosec.exchange
2025-12-19 10:26:17

This tree ornament sure is hard to photograph

Long cylindrical ornament hanging up on a tree with light with following text written on the front: DANGER RADIATION ☢️ DROP & RUN Co 60 3540 Curies 7-1-63
@adulau@infosec.exchange
2026-02-07 08:07:19

Following a great question from CERT.PL about GCVE KEV assertion format and especially about the confidence level for an evidence of a vulnerability assertion.
We made a first table of confidence level for the evidence in the KEV record format.
#kev #gcve

| Confidence | Label | Meaning (confidence in this evidence item) | Typical exploitation evidence examples | |-----------:|------------------|---------------------------------------------|----------------------------------------| | 0.0 | None | No usable evidence or placeholder only | Empty claim; unresolved rumor with no traceability | | 0.1 | Extremely low | U…
@cjust@infosec.exchange
2026-01-09 20:59:12

Theme for 2026
#ThemeFor2026

The image is a digitally rendered composition with a somber, somewhat unsettling aesthetic. The central element is a rectangular panel or stone, likely the focus of the piece. The panel features the following text, arranged in a columnar format: "I AM UNABLE TO GENERATE A RESPONSE THAT MEETS OUR COMMUNITY GUIDELINES." The text is rendered in a warm, yellowish-gold color, contrasting with the dark background of the panel, suggesting some sort of light emanating from the words themselves. The ba…
@adulau@infosec.exchange
2025-12-06 16:10:40

We’ve updated the draft GCVE BCP-05 standard to introduce flexible record types, making it easier to extend, enrich, and structure security advisories.
Comments are more than welcome!
#gcve #cve #vulnerability

GCVE BCP-05 drafting - Best practices for the "container" format - modified CVE Record Format
Thanks @claudex . This is an excellent point and would also improve the ability to parse GCVE records reliably. Below is a proposal for a record_type field that would serve as a key within each GCVE record. Feel free to comment. @cedric I incorporated the idea concerning the sync of the comment (not sure if the most efficient way). Proposed update to BCP-05 (following the online workshop of 6th December in Belgium) The record_type field defines the semantic category of the content submitted by…

@adulau@infosec.exchange
2025-12-13 09:48:27

BRICKSTORM Backdoor
"The Cybersecurity and Infrastructure Security Agency (CISA) analyzed eight BRICKSTORM samples obtained from victim organizations. BRICKSTORM is a custom Executable and Linkable Format (ELF) Go-based backdoor. "
MISP standard and STIX files available at the following location:
🔗 cti-tra…

@adulau@infosec.exchange
2026-01-31 08:52:27

GCVE-BCP-08 - GCVE GNA Directory File
Following some good pre-discussion at #fosdem - a first draft of the directory file specification has been updated. The goal is clarify some of the fields. Feedback is more than welcome.
@…@…

GCVE-BCP-08 - GCVE GNA Directory File (draft)
Following various discussions and the meeting at FOSDEM, we will create the GCVE-BCP-08 describing the directory JSON format. GCVE-BCP-08 - GCVE GNA Directory File Status of This Document This document defines GCVE-BCP-08, which specifies the structure and semantics of the GCVE GNA Directory File. This file gcve.json enumerates known GCVE Numbering Authorities (GNAs) and associated metadata used by the GCVE ecosystem. Scope The GCVE GNA Directory File is a JSON document containing an array…