infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@catsalad
"- Why do you put six sugars in your coffee?
- Because the cafeteria doesn't offer little packets of methamphetamine"
this post | permalink
1:30 in and I'm already like Whooooo... :D

https://www.youtube.com/watch?v=I1mhJjxtJx4
this post | permalink
@singe I'd love to see some official, vendor-agnostic detection guidance instead of "buy our cloud offering"...
this post | permalink
"There is always a way, but we do not provide one." lol

#ghidra

https://github.com/NationalSecurityAgency/ghidra/discussions/5362#discussioncomment-5968992
this post | permalink
Promoting exploits with logos and websites may be overkill, but let me remind you of this show put together for the release of a RAT:

https://youtu.be/oHxNEvklKqE?si=59JzajcBQYRP7xrX&t=1491

#bo2k #cdc #defcon
this post | permalink
@gsuberland Also, do you know https://github.com/DarkCoderSc/SubSeven ? :)
this post | permalink
@gsuberland Yesterday I asked in the office who's heard about Back Orifice. One hand (out of ~10).
this post | permalink
@dcoderlt This is at least a good opportunity to think abut who is benefiting from the bloodbath in the Middle East...
this post | permalink
@stilescrisis @raptor CCs are literally written on the card, visible to anyone who looks at my hand while I pay. Why should I keep it secret? (Not sure if this is part of the actual thought process but I think this is an interesting angle)
this post | permalink
Two relatives of mine got scammed/phished recently. Nothing serious happened fortunately. Some interesting observations:

- People see URL's as opaque blocks. They have 0 clue where they point to since they have 0 clue about how to read them.
- "Check the domain" doesn't help (even assuming the knowledge of what part of an URL string is a domain) if you have no information about what domains are "normal" (whatever that means).
- Regular people don't see giving out CC's or other sensitive information as a critical task. One of the victims told me they gave out their CC while doing two other things - I'd drop everything to focus such a task, while for them it's just another boring physical copy-paste.

Based on this most of are awareness advise is shit.

#phishing #scam
this post | permalink
Next Page