Tootfinder

@grumpybozo@toad.social
2025-07-06 18:16:54

Just like one prevents losing money by having none.
But seriously, “just use Linux” is the territorial call of the not-so-bright teenage geek. It screams of solipsism and inexperience. I say this as someone who has never chosen Windows for anything.
The idea that the solution to #infosec is for organizations to dump Windows and run Linux instead is a childish fantasy.

Joel Pomales (@joelpomales@mastodon.social)
@08956495@infosec.exchange this is disingenuous considering that there are technical solutions to prevent this. Like, for example, using Linux instead of Windows.

@jtk@infosec.exchange
2025-05-28 23:32:46

One #infosec example of the very many NSF funding awards being revoked:
"Hudson County Community College (HCCC) was awarded a $599,811 National Science Foundation (NSF) grant for its program, “Nurturing Resilience: Empowering the Next Generation of Cybersecurity Professionals with a Focus on Women.” The program goals are to recruit and retain more women in the HCCC Cybersecurity Prog…

Hudson County Community College Receives $600,000 National Science Foundation Grant to Expand Its Nationally Acclaimed Cybersecurity Program
The explosive demand for Cybersecurity is outpacing the supply of computer science professionals who assess threats and prevent attacks. Educational institutions, healthcare organizations, government, businesses, and individuals are increasingly vulnerable to evolving hazards including phishing, spoofing, malware, ransomware, and viruses.

@Xavier@infosec.exchange
2025-06-23 15:18:22

Here's the #CFP for the 2025 #ICS #Cybersecurity Conference. The conference is Oct 27-30 at InterContinental Buckhead Atlanta.

2025 ICS Cybersecurity Conference: Call for Presentations
About the Conference - Know Your AudienceSecurityWeek’s ICS Cybersecurity Conference is the conference where ICS users, ICS vendors, system security p...

@losttourist@social.chatty.monster
2025-07-04 08:06:56

A salutary reminder from work Slack: important backups (including recovery codes) should be stored in more than one location.
#Infosec #security #backups

@floheinstein@chaos.social
2025-06-30 12:48:23

Nonmention:
If you are victim to a ransomware attack and your data gets leaked on the darknet, you shouldn't write a press release that this happened "despite your high security standards", when everyone can see your standards in your password file PW.docx.
#infosec #ransomware

@grumpybozo@toad.social
2025-06-18 17:42:44

Is this a parody?
I don’t do #InfoSec or other cons so I don’t have a strong sense of whether the “Open Space” concept is brilliant or uproariously absurd. I lean towards the latter because it just seems to me like a recipe for people standing around.

Open Security Conference (@OSCo@infosec.exchange)
Wait, what do you mean by "the Open Security Conference is an open space conference"? 🤔 This format might not be familiar with everyone, so we have you covered! Check out https://opensecurityconference.org/open-space/ to learn more. 💡 And in case you need buy-in from your employer, here's some additional inspiration. 😉 https://opensecurityconference.org/faq/#ive-had-great-experiences-attending-open-space-conferences-yet-my-employer-has-not---do-you-have-any-recommendations-to-convin…

@grumpybozo@toad.social
2025-06-13 17:41:33

Not so much, really.
This is yet another case of an academic setting up a very special circumstance that doesn’t match the real world to create a “vulnerability” that is never going to be used in the real world.
Ever been in a proper data center? Was it quiet?
#InfoSec

happygeek :unverified: + :verified: = $0 (@happygeek@infosec.exchange)
By me @Forbes: Clever researcher + airgapped system + smartwatch = big trouble for your most confidential data. #kudos Mordechai Guri. #infosec https://www.forbes.com/sites/daveywinder/2025/06/13/how-hackers-use-a-smartwatch-to-steal-highly-confidential-data/

@frankel@mastodon.top
2025-06-09 16:28:01

Weaponizing Dependabot: Pwn Request at its finest
#infosec …

Weaponizing Dependabot: Pwn Request at its finest
Learn how Dependabot can be co-opted to exploit some sensitive workflows, through the Confused Deputy Problem and branch name injections.

@TFG@social.linux.pizza
2025-05-20 07:20:12

Had to unscrew 21 screws to open a laptop. TWENTY-ONE!
And only to then tear off the cable to the speaker which was hidden under the cover.
Guess what manufacturer :-)
#DigitalForensics #DFIR

@castarco@hachyderm.io
2025-05-01 07:54:12

Another tool for our arsenal of protections against adversarial bots:
#zipbomb #zipbombs #bots #crawlers #aislop #infosec

@unixorn@hachyderm.io
2025-04-19 13:05:02

OH on work slack while joking about how ridiculous infosec gatekeeping can be:
IF YOU’VE NEVER CHANGED YOUR BAUD RATE BY ADJUSTING DIP SWITCHES, I’M NOT INTERESTED IN YOUR CYBERSECURITY OPINIONS
#greyscale #infosec #sre #secops @… @… @…

@grumpybozo@toad.social
2025-06-14 19:56:45

I have a trick for getting into a box that’s being clobbered by a crawler DDoS: set the ITerm2 profile to auto-restart and open a half-dozen duplicate sessions. Basically: put a bunch of my SYNs in the queues to compete with the bots.
Ugly as sin, but it ultimately works.
Also: fuck those guys. And fuck their ISPs for being so comatose that they don't notice.
#InfoSec

@TFG@social.linux.pizza
2025-05-20 06:19:33

If your day begins with debugging the registry entries of one of your tools to make it run - you know it's gonna be a great day.
But hey... it was simple. Just delete every registry key of it.
#DigitalForensics #DFIR

@TFG@social.linux.pizza
2025-06-26 09:26:38

#DigitalForensics department doing hot stuff in their rooms today!
#DFIR #forensics #InfoSec

Tootfinder

Opt-in global Mastodon full text search. Join the index!