#secconsulting — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #secconsulting, aggregated by home.social.
-
Reading about the recent SMTP and SSH vulnerabilities, I get the impression that open source projects, proprietary vendors and government agencies such as @certbund don't know how to talk to each other. They should at least have something like a red phone.
Please comment here if you have a constructive idea on how to improve the situation! #SECconsulting seems to assume that everyone uses #VINCE, a CMU service I had never heard of.
#SMTP:
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
https://www.postfix.org/smtp-smuggling.html