Tootfinder

Opt-in global Mastodon full text search. Join the index!

@cjust@infosec.exchange
2025-07-15 22:39:21

Some of my best jokes just go to waste.
Also - these ones.
#Beyonce #Infosec101

MR 2 min -> A security incident you can use. Beyonce unreleased music stolen out of a producer's SUV in a parking garage. -> Dude on the 911 call is sad yet funny in his panic <- Is he asking them to . . . Ring The Alarm? <- Mentioning that the songs are . . . Irreplaceable?
@grumpybozo@toad.social
2025-06-18 17:42:44

Is this a parody?
I don’t do #InfoSec or other cons so I don’t have a strong sense of whether the “Open Space” concept is brilliant or uproariously absurd. I lean towards the latter because it just seems to me like a recipe for people standing around.

Open Security Conference (@OSCo@infosec.exchange)
Wait, what do you mean by "the Open Security Conference is an open space conference"? 🤔 This format might not be familiar with everyone, so we have you covered! Check out https://opensecurityconference.org/open-space/ to learn more. 💡 And in case you need buy-in from your employer, here's some additional inspiration. 😉 https://opensecurityconference.org/faq/#ive-had-great-experiences-attending-open-space-conferences-yet-my-employer-has-not---do-you-have-any-recommendations-to-convin…

@Xavier@infosec.exchange
2025-07-08 17:11:34

An #infosec drama, in two screenshots.

The image is a screenshot of a Twitter post by a user named Quackity, featuring a promotional tweet about a product called DABABEL. The tweet reads: "INTRODUCING DABABEL. THE UNIVERSAL REAL TIME TEXT AND VOICE TRANSLATION TOOL. SPEAK ANY LANGUAGE, WITH ANYBODY, ANYWHERE. AVAILABLE RIGHT NOW." Below the text, there is an image of two men sitting on stools, with one holding a smartphone. The man on the right is wearing a black t-shirt with the text "CAMPO REAL SOCCER" on it. The background is wh…
The image displays a mobile phone screen showing a subscription plan selection interface. The background is black, and the text is primarily white with some red and blue accents. At the top, the time is 7:04, and the battery is at 33%, with 5G connectivity indicated. The interface features several subscription plans: Pro Plan: Highlighted as "Popular," priced at $17.99 weekly, offering 10,000 credits, suitable for regular travelers and those who work, learn, and create across borders. …
@metacurity@infosec.exchange
2025-06-04 11:29:19

#Infosec2025: Good Cybersecurity Enabled Ukraine’s Surprise Attack on Russia, Says NCSC
infosecurity-magazine.com/news

#Infosec2025: Good Cybersecurity Enabled Ukraine’s Surprise Attack on Russia, Says NCSC
Effective cybersecurity played a key role Ukraine drone attack on Russian strategic bombers, a leading government security expert has claimed

@jtk@infosec.exchange
2025-05-28 23:32:46

One #infosec example of the very many NSF funding awards being revoked:
"Hudson County Community College (HCCC) was awarded a $599,811 National Science Foundation (NSF) grant for its program, “Nurturing Resilience: Empowering the Next Generation of Cybersecurity Professionals with a Focus on Women.” The program goals are to recruit and retain more women in the HCCC Cybersecurity Prog…

Hudson County Community College Receives $600,000 National Science Foundation Grant to Expand Its Nationally Acclaimed Cybersecurity Program
The explosive demand for Cybersecurity is outpacing the supply of computer science professionals who assess threats and prevent attacks. Educational institutions, healthcare organizations, government, businesses, and individuals are increasingly vulnerable to evolving hazards including phishing, spoofing, malware, ransomware, and viruses.

@grumpybozo@toad.social
2025-06-13 17:41:33

Not so much, really.
This is yet another case of an academic setting up a very special circumstance that doesn’t match the real world to create a “vulnerability” that is never going to be used in the real world.
Ever been in a proper data center? Was it quiet?
#InfoSec

happygeek :unverified: + :verified: = $0 (@happygeek@infosec.exchange)
By me @Forbes: Clever researcher + airgapped system + smartwatch = big trouble for your most confidential data. #kudos Mordechai Guri. #infosec https://www.forbes.com/sites/daveywinder/2025/06/13/how-hackers-use-a-smartwatch-to-steal-highly-confidential-data/

@Xavier@infosec.exchange
2025-06-23 15:18:22

Here's the #CFP for the 2025 #ICS #Cybersecurity Conference. The conference is Oct 27-30 at InterContinental Buckhead Atlanta.

2025 ICS Cybersecurity Conference: Call for Presentations
About the Conference - Know Your AudienceSecurityWeek’s ICS Cybersecurity Conference is the conference where ICS users, ICS vendors, system security p...

@frankel@mastodon.top
2025-06-09 16:28:01

Weaponizing Dependabot: Pwn Request at its finest
#infosec

Weaponizing Dependabot: Pwn Request at its finest
Learn how Dependabot can be co-opted to exploit some sensitive workflows, through the Confused Deputy Problem and branch name injections.

@floheinstein@chaos.social
2025-07-07 11:10:54

Save the Date:
‪RT Disobey_Fi€ disobeyfi.bsky.social€
Psst! Some dates may have been confirmed!
Those dates may be Feb 13-14 2026!
disobey.fi/2026/
#infosec #itsecurity #disobey

Magenta light beams illuminating a stage in front of that the text Disobey The Nordic Security Event 13th and 14th February 2026 Kaapelitehdas, Helsinki, Finland
@losttourist@social.chatty.monster
2025-07-04 08:06:56

A salutary reminder from work Slack: important backups (including recovery codes) should be stored in more than one location.
#Infosec #security #backups

@TFG@social.linux.pizza
2025-08-07 10:49:46

ActivitiesCache.db FTW!!!
#dfir #infosec #DigitalForensics

@SmartmanApps@dotnet.social
2025-08-05 01:10:30

#InfoSec

AI LLMs are now so clever that they can independently plan and execute cyberattacks without human intervention
Large language models (LLMs) have long been considered useful tools in areas like data analysis, content generation, and code assistance. However, a …

@grumpybozo@toad.social
2025-06-14 19:56:45

I have a trick for getting into a box that’s being clobbered by a crawler DDoS: set the ITerm2 profile to auto-restart and open a half-dozen duplicate sessions. Basically: put a bunch of my SYNs in the queues to compete with the bots.
Ugly as sin, but it ultimately works.
Also: fuck those guys. And fuck their ISPs for being so comatose that they don't notice.
#InfoSec

@grumpybozo@toad.social
2025-07-06 18:16:54

Just like one prevents losing money by having none.
But seriously, “just use Linux” is the territorial call of the not-so-bright teenage geek. It screams of solipsism and inexperience. I say this as someone who has never chosen Windows for anything.
The idea that the solution to #infosec is for organizations to dump Windows and run Linux instead is a childish fantasy.

Joel Pomales (@joelpomales@mastodon.social)
@08956495@infosec.exchange this is disingenuous considering that there are technical solutions to prevent this. Like, for example, using Linux instead of Windows.

@floheinstein@chaos.social
2025-06-30 12:48:23

Nonmention:
If you are victim to a ransomware attack and your data gets leaked on the darknet, you shouldn't write a press release that this happened "despite your high security standards", when everyone can see your standards in your password file PW.docx.
#infosec #ransomware

@grumpybozo@toad.social
2025-08-04 23:00:21

I just noticed the existence of mod_md for httpd. That's cool. I wonder if I can make it work.
I hate Certbot and am getting to hate acme.sh
#Sysadminnery #WebPoking #InfoSec

@TFG@social.linux.pizza
2025-06-26 09:26:38

#DigitalForensics department doing hot stuff in their rooms today!
#DFIR #forensics #InfoSec

thermometer showing 30°C inside the office room.