Tootfinder

Before submitting one or more talks to @… 2026, I wrote a blog post based on my 2024 presentation: Bring Back RSS for Operational Security.
#rss #infosec

Bring Back RSS for Operational Security
Personal webpage of Alexandre Dulaunoy - from information security to open source and art

"Root Cause:
A dog named Kubernetes ate a YubiKey."
This a fun read.
"The legitimate maintainer has won €2.3 million in the EuroMillions and is researching goat farming in Portugal."
#infosec #incident

Incident Report: CVE-2024-YIKES
A series of unfortunate events.

New infosec AI guidance just dropped
#infosec #Shitpost #Shitposting

Yet another example of the endless, ever-descending spiral stairs to hell that is #infosec...
https://www.theguardian.com/science/2026/mar/…

Confidential health records from UK BioBank project exposed online
Exclusive: Guardian investigation finds data from flagship medical research leaked dozens of times

Have you ever tried to dictate someone a private IPv4 address in French 🇫🇷 ?
I'm now pretty certain that whoever said "Let's use 192.168... subnets for this" did that to annoy - or as a gigantic prank. And I salute you for it.
Hundred four twenty twelve, hundred sixty eight...
#infosec #sysadmin

(Via @… )
Why o why did I surrender to curiosity and peek? ... It seems that five years metaphorically lying down in a darkened room isn't long enough for the fundamental impossibility of #infosec to change or evolve.
"This pa…

The UK Cyber Security and Resilience Bill: A Practitioner's Guide to Legislative Reform, Compliance, and Organisational Readiness
The Cyber Security and Resilience (Network and Information Systems) Bill, introduced to Parliament in November 2025, represents the most significant reform of UK cyber security legislation in nearly a decade. This paper provides a comprehensive practitioner-oriented analysis of the Bill's provisions, their practical implications, and the steps organisations must take to achieve compliance. It examines the expanded regulatory scope covering managed service providers, data centres, and designated…

#infosec #cisa #oopsie

‘The Worst Leak That I’ve Witnessed’: U.S. Cybersecurity Agency Leaves Its Digital Keys Out in Public on GitHub
Passwords were stored as plain text in a public GitHub repository.

Every time I update my United credentials I get irritated by their #infosec incompetence.
The security questions require you to pick answers only from a dropdown menu. It barely even qualifies as checkbox security.
What other incompetence is hiding behind the scenes?

Hardening Firefox with Anthropic’s Red Team 
#infosec

Hardening Firefox with Anthropic’s Red Team  | The Mozilla Blog
For more than two decades, Firefox has been one of the most scrutinized and security-hardened codebases on the web. Open source means our code is visible,

I’ve had 3 requests from *different* supposed market survey entities who each claim to be working on behalf of an #InfoSec vendor seeking customer feedback.
They all got an explicit “FUCK OFF” response from me, and had their mail sent through our spam-learning gadgetry.
I’m not naming the vendor intentionally. Many people may recognize them as a spin-off from a very damaged brand. But …

#infosec

What wakes better in the morning than an ice cold shower or freshly brewed coffee ☕ / mate 🧉 ?
2390 unread messages in the inbox, all sent by someone called "Cron Daemon" 👹
#infosec #sysadmin

#infosec #ai #sre

AWS ME-CENTRAL in UAE apparently has been hit.
I'm waiting for attacks on the submarine cables now...
#iranwar #epicfury #infosec
(Map from the Equinix Blog

Omg not a triple barrier of magic!
#infosec #Monsterdon

Mikko Hyppönen is going after drones.
#InfoSec #Finland #drone #Ukraine

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch
Mikko Hyppönen is one of the most recognizable faces of the cybersecurity industry. After fighting computer viruses, worms, and malware, for more than 35 years, he tells TechCrunch why he is now working on systems to stop killer drones.

Looks like the problem is fixed and .de-Domains are coming back
#DNSSEC #denic #infosec #DNS