home.social

#sectoot — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #sectoot, aggregated by home.social.

  1. Patience can't be a virtue in #infosec “hurry the f**k up” should be a virtue
    #sectoot

  6. Great #keynote #BHUSA2023 by @Azeria

    Key takeaways:

    • ChatGPT was hastily released despite knowing its risks.
    • #Google was rightly delaying its model’s release but then came #openai
    • #AI use cases and capabilities are exploding
    • AI risks are serious
    • Phishing will expand to phishing AI agents.
    • What do we need as an industry?
    • Forensic AI tooling to analyze AI actions
    • AI won't replace sec pros. It has introduced many risks related to LLMs that we need #infosec pros to understand and analyse.
    • Have #IAM solutions for AI agents and for internal and business data used by LLMs
    • Tech evolving without security isn't new to us; similarly, we know how to study new systems, and this is a chance for security pros to identify new opportunities and foster new solutions
    • AI village at #defcon #bhusa has 100+ talks.

    #blackhat #BlackHat2023 #sectoot #infosec

  7. Good Morning, story so far on the next log4j level #vulnerability #CVE20234863 #CVE20235129
    #0day #Chrome #iOS

    • libwebp library is vulnerable to heap overflow and can lead to RCE.
    • Apple assigned #CVE202341064 and #CVE202341061. Also actively exploited by #blastpass
    • #Google assigned #CVE20235129 for Chrome 0day and also exploited
    • Millions of apps and software use this library. See list so far in 🧵
    • #CVE20235129 was rejected by NVD earlier due to all this confusion of several vendors assigning CVEs affecting their products
    • This will lead to vulnerability scanners not being able to correctly identify if your assets are affected by libwebp. #infosec #sectoot

  8. Can't believe #infosec is filled with a lot of toxicity these days.
    If the environment was pwned via eternal blue, that env was doomed already. No amount of dfir tooling or MSSP could have helped.
    Any good faith pentest company would have raised alarm bells after point 3 and stopped the pentest. Good for you if client allowed it but it wasn't needed IMO.
    Bragging about it does not do any good to defenders.
    #sectoot

  9. This is great to spot those #ssrf. It allows you to identify processes making #IMDSv1 calls with cool #eBPF magic
    Super handy for instances that can't move to #IMDSv2
    github.com/aws/aws-imds-packet
    #aws
    #sectoot

  10. #ios16.3 #0day #ZeroDay
    #CVE202323529
    #CVE_2023_23529
    #sectoot
    “Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.”
    Affects: Ventura, Big Sur, Monterey, iPhone 8, iPad Air 3rd gen, iPad 5th gen or later

    Credit: Anonymous researcher
    Recognition: Citizen labs
    🤔

  11. Anyone feel like we should collectively forbid use of wordings like this in any #databreach notification within the industry?
    “There is no evidence that any unencrypted credit card data was accessed……”
    Almost sounds like we did not look or don't have logs to say if it was accessed…
    #infosec #sectoot

  12. Remember when people say always take approval for #pentesting

    This is what happens when you don't.

    While this #alberta MLA may have been acting in good faith and for public good, he clearly failed on lesson 101 of being a security researcher.

    He was being investigated for hacking into the Covid19 vaccine portal.

    edmonton.ctvnews.ca/mla-dang-o

    #bugbounty #canada #sectoot #infosec

  13. #nighthawk sample nh_dll2.dll that was taken down by #virustotal earlier for some copyright claims, seems to have reappeared.

    I really don't like that it was taken down in the first place. #Redteam really should anticipate this just like #blueteam have to.

    #threatintel #ioc #sectoot

    virustotal.com/gui/file/9a5791

  14. Enhancing our automated #phishing triage workflow, I am planning to unsubscribe the end users automatically by having #SOAR click the unsubscribe link, if the email is triaged as marketing/graymail.

    Thinking here is if end users report emails as suspicious they do not want this marketing email. What do you think?

    Some may say, aren't you worried about being phished by the unsubscribe link - so far I have only ever seen 2 emails like that in several years in #infosec
    tags: #sectoot #phish

  15. So let's assume you are the #dfir #soc #infosec team/person who decided to stay for whatever reason at #twiter rn.
    What would you monitor for #insiderthreat?

    No judgement on you, just interested in knowing how this monitoring would work in the real world.
    #tabletop #incidentresponse #detectionengineering #detection #sectoot #infosec #twittermigration

  16. As we gear up to #welcome another #twittermigration wave, here is a #weekend reminder for new #mastodon infosec #tweeps
    1) We have a #wiki to get you started: wiki.infosec.exchange
    2) Set up #mfa : in #ios mastodon app or web app, just go to Account settings⚙️ >> continue>> 3 line on top right>> Under Account >> Two Factor auth.
    3) There is a team that works hard to maintain this instance for us, so consider donating:
    liberapay.com/Infosec.exchange
    4) #boost 🔃to expand reach, ⭐️ to like/fav it.
    5) Use these hashtags for #infosec content while posting and then follow the hashtags:
    #sectoot #threatintel #iocs
    6) Use content warning as needed and alt text for images
    Above all, share your best #pooptoots 🤜🏻
    :heart_cybre:

  17. CW: Sharing IOCs on Mastodon

    @pixelnull agreed. Use #iocs #threatintel #sectoot and then go follow these tags to stay updated.
