Tootfinder

Opt-in global Mastodon full text search. Join the index!

@jtk@infosec.exchange
2025-10-10 19:14:48

Defensive #infosec blog editor Lari Huttunen:
"[...] the Public Exposure blog has been temporarily taken offline. This action is in response to a legal challenge over the blog’s ownership initiated by its founding sponsor [...]"

Legal Challenges - Stay Tuned
by: Lari Huttunen

@floheinstein@chaos.social
2025-09-16 08:09:39

Why use a URL shortener when you can use a phishy URL extender?
#infosec

https://cheap-bitcoin.online/backdoor-loader/rat-controller/malware_patch.exe?cachecontrol=inject&cookievalue=steal&file=poison&id=fc3188fb&payload=%28function%28%29%7B+return+Math.floor%284.9%29%3B+%7D%29%28%29%3B&port=scan
@grumpybozo@toad.social
2025-11-11 17:57:49

How is this still happening?
We all knew that hard-coded credentials were BAD and WRONG 35ya.
#InfoSec infosec.exchange/@offseq/11552

Offensive Sequence (@offseq@infosec.exchange)
Attached: 1 image ⚠️ CRITICAL: CVE-2025-42890 in SAP SQL Anywhere Monitor 17.0 (Non-GUI) — hard-coded credentials let attackers bypass auth remotely for RCE & full system takeover. Audit & restrict access now. Await SAP patches. https://radar.offseq.com/threat/cve-2025-42890-cwe-798-use-of-hard-coded-credentia-91b98cfd #OffSeq #SAP #Infosec #CVE202542890

@grumpybozo@toad.social
2025-09-12 18:14:49

Oh #ShadowServer, now you're just being silly...
#InfoSec #Scanners

Snippet from a listing of a security log, showing a ShadowServer IPv4 address attempting to contact a (redacted) RFC1918 IPv4 address and being denied because the packet is supposedly protocol ID 41 (IPv6) Raw text, 3 lines: Sep 12 05:46:37 ‹security. info> shinyghost kernel: ipfw: 50000 Deny P:41 64.62.195.158 192.168. Sep 12 06:05:27 ‹security.info> shinyghost kernel: ipfw: 50000 Deny P:41 64.62.195.158 192.168. Sep 12 07:09:36 ‹security. info> shinyghost kernel: ipfw: 50000 Deny P:41 64.…
@kurtsh@mastodon.social
2025-09-10 03:51:15

JFC. The stupid... it burns.
Rly Portland School district?
#infosecfail #portland
From: @…

i am root (@null@puddle.town)
Portland Public School district’s response to an increase in hacked student Google accounts is to force-disable MFA, with the provided rationale being that MFA is making it harder to recover accounts. WTF. You’re doing it very wrong. Now I gotta email the district… again. #pps #infosec #fail

@TFG@social.linux.pizza
2025-10-06 05:08:04

So... vacation is over. First day at work since 2 weeks. Forgot my glasses at home. This will be an interesting day with a lot of fog.
#dfir #infosec #forensics
"why are all im…

@losttourist@social.chatty.monster
2025-09-30 08:56:22

#NIST have issued updated #password guidelines for businesses. Interestingly they now say that requiring special characters is no longer a recommendation, but longer passwords / passphrases (using spaces) is a better idea.
I say "interesting" because that's something I've been doing for many years, long before I discovered password managers to remember things for me.
#infosec

@grumpybozo@toad.social
2025-09-02 23:06:57

My sensor points for this manage their reactive blocking on Hotel California principles, so what was remarkable to me about today is the rate of entirely new sources of telltale sketchy behaviors. The whack-a-mole bot was wielding a dozen hammers at once.
#infosec

@TFG@social.linux.pizza
2025-10-06 11:33:54

The moment when you want to take a picture of an evidence for documentation and you don't know if the autofocus of the cam is not getting it or if it's the glasses you forgot at home this morning...
#dfir #forensics