infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@wdormann signed, Dwayne Elizondo Mountain Dew Herbert Camacho
this post | permalink
[RSS] CVE-2024-28989: Weak Encryption Key Management in Solar Winds Web Help Desk

https://www.netspi.com/blog/technical-blog/adversary-simulation/cve-2024-28989-weak-encryption-key-management-solar-winds-web-help-desk/qq
this post | permalink
This is the fix commit for CVE-2025-24813, looks pretty straightforward:

https://github.com/apache/tomcat/commit/0a668e0c27f2b7ca0cc7c6eea32253b9b5ecb29c

Given Tomcat's downstream supply chain I'd be surprised if this didn't end up in KEV...
this post | permalink
[oss-security] CVE-2025-24813: Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT

https://seclists.org/oss-sec/2025/q1/197

"If all of the following were true, a malicious user was able to perform remote code execution:

- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)

- application was using Tomcat's file based session persistence with the default storage location - application included a library that may be leveraged in a deserialization attack"
this post | permalink
[RSS] Exploiting Neverwinter Nights

https://www.synacktiv.com/en/publications/exploiting-neverwinter-nights
this post | permalink
@cR0w mandatory hymn: https://www.youtube.com/watch?v=9IG3zqvUqJY
this post | permalink
Ecosia and Qwant join forces to develop European search index

https://betterweb.qwant.com/en/2024/11/08/ecosia-and-qwant-join-forces-to-develop-european-search-index/

#adtech
this post | permalink
@G33KatWork is Scooter a joke to you?
this post | permalink
@kravietz By "controversional facts" you mean *lies*?
this post | permalink
(De)Merit Badges

https://tested-store.com/collections/demerit-badges

I need something like these for the next #failnight!
this post | permalink
Next Page