infosex.exchange <3
You are probably looking for the infosec.exchange Mastodon instance
This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.
Discoverability and Archiving
Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.
Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.
Gluttony Section for Search Engines
That "EDR 0-day" post on reddit is quite entertaining!
@codecolorist This hits hard after having spent many hours debugging shell escapes in cmdexec payloads... PowerShell is a harsh mistress, but it'd be even more gruesome if they had to do the same thing with cmd.exe :)
@albinowax Still the best one I could find for this task ;)
@raptor @slashdot Don't forget though that he can live this way of life in large part because of his accomplishments (that also came with substantial amount of money)
@mttaggart The stories title says that "[attacker] don't care about your endpoint security" which is simply not true (a lie, if you like). Stating (not suggesting) that EDR will not be effective not effective on other hosts when disabled on the pivot point is also a lie.
I absolutely agree with *your* comment, but this is just bad journalism transforming expert opinion into clickbait bullshit.
@mttaggart I've read the story, but many visitors don't. Of course if you've ever had to bypass an EDR you'll get the gist, but if you are an average reader (this is The Register, not some hacker zine) these falsehoods added by the journalist will mislead you.
@mttaggart As much as I like to bash endpoint security the title is a gross oversimplification of the problem: EDR is very much in the way while you 1. gain initial access 2. elevate your privileges 3. load a malicious kernel driver. And even after this you pwn'd 1 machine, and EDR is active on most lateral movement targets (I'd be also very interested in how "abuse this [local] kernel-level access to move laterally within the network" could be implemented in practice...).
Hi, I'm your favorite security vendor, welcome to...
Next Page