infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@cR0w https://www.reddit.com/r/netsec/comments/1mryiha/elastic_edr_0day_microsoftsigned_driver_can_be/

(note that I said entertaining, not informative or useful...)
this post | permalink
That "EDR 0-day" post on reddit is quite entertaining!
this post | permalink
@codecolorist This hits hard after having spent many hours debugging shell escapes in cmdexec payloads... PowerShell is a harsh mistress, but it'd be even more gruesome if they had to do the same thing with cmd.exe :)
this post | permalink
@albinowax Still the best one I could find for this task ;)
this post | permalink
[RSS] tar-fs Link Directory Traversal Vulnerability

https://github.com/google/security-research/security/advisories/GHSA-xrg4-qp5w-2c3w

CVE-2025-48387
this post | permalink
[RSS] SQLite - Integer Overflow in FTS5 Extension

https://github.com/google/security-research/security/advisories/GHSA-v2c8-vqqp-hv3g
this post | permalink
@raptor @slashdot Don't forget though that he can live this way of life in large part because of his accomplishments (that also came with substantial amount of money)
this post | permalink
@mttaggart The stories title says that "[attacker] don't care about your endpoint security" which is simply not true (a lie, if you like). Stating (not suggesting) that EDR will not be effective not effective on other hosts when disabled on the pivot point is also a lie.

I absolutely agree with *your* comment, but this is just bad journalism transforming expert opinion into clickbait bullshit.
this post | permalink
@mttaggart I've read the story, but many visitors don't. Of course if you've ever had to bypass an EDR you'll get the gist, but if you are an average reader (this is The Register, not some hacker zine) these falsehoods added by the journalist will mislead you.
this post | permalink
@mttaggart As much as I like to bash endpoint security the title is a gross oversimplification of the problem: EDR is very much in the way while you 1. gain initial access 2. elevate your privileges 3. load a malicious kernel driver. And even after this you pwn'd 1 machine, and EDR is active on most lateral movement targets (I'd be also very interested in how "abuse this [local] kernel-level access to move laterally within the network" could be implemented in practice...).
this post | permalink
Next Page