Items tagged infosec


 
C Y B E R friends:
What are your favorite resources for someone moving into the space (like into an incident response role)?

Please share!

#infosec #cybersecurity #security #incidentresponse

 
Hey #infosec I've some job interviews next week in the security industry, first time for me. Any good tips you might wanna share ? Reboost appreciated :)

 
Simple Python3-based Signal :signal: APK downloader:

https://gist.github.com/infosec-handbook/0a20feef893376a7c1bbd9ff4c0216e3

It downloads the latest version which is directly available on signal.org and offers an integrity check.

(Improvements welcome.)

#signal #messenger #apk #infosec #security #cybersecurity

 
Recap: XMPP – admin-in-the-middle.

https://infosec-handbook.eu/blog/xmpp-aitm/

XMPP admins can transparently:

– see and arbitrarily modify all of your contacts, MUC memberships/affiliations and vCard data
– monitor your activity and devices
– log and read your password in cleartext
– log and read cleartext messages and other file types
– impersonate your contacts
– delete messages
– …

In our opinion, the only way to privately and securely use XMPP is hosting your own server.

#xmpp #privacy #security #infosec

 
Mastodon :mastodon: security:

In August, Mastodon 2.4.4 was released which contains two fixes for security vulnerabilities.

Today, 39.5% of all Mastodon instances which show their version number are still running vulnerable Mastodon < 2.4.4.

We already checked this twice:

– 10/1/18: 42% vulnerable
– 8/23/18: 38.6% vulnerable

Either the remaining instances are all unmaintained or admins refuse to update.

#mastodon #security #vulnerability #infosec #security #cybersecurity

 
by the way, does the fediverse use something like #DoH/#DoT or #DNSCrypt? i'm currently using the latter, but it doesn't prevent sniffing, only spoofing
are tls handshakes too long to browse the internet comfortably without a dns cache or not?

#dns #security #infosec

 
Upcoming DNSSEC key rollover – how to check your Turris Omnia's knot resolver:

– connect to your Turris Omnia using SSH
– enter '# cat /etc/root.keys | grep "KeyTag:20326"'

If you see the key, no further action is required. All modern resolvers follow the process defined in RFC 5011 to update their root keys automatically.

See also:

https://www.icann.org/dns-resolvers-updating-latest-trust-anchor

#turris #omnia #knot #dnssec #key #rollover #dns #security #infosec #cybersecurity

 
So Alpine Linux has a pretty serious set of vulnerabilities because

- It doesn’t download packages over TLS, making them prone to MitM. Which on its own isn’t terrible but it also...

- Doesn’t check hashes before extracting to root (!)

- And uses custom gzip code which is vulnerable to arbitrary code execution (!!)

#Infosec

 
"PIN code in police custody: deciphering a bluff" - https://paris-luttes.info/code-pin-en-garde-a-vue-decryptage-10696

Isn't there such a thing as a "honeypot" PIN code system? As in, if this PIN is used, the phone unlocks but:
- wipes sensitive data
- only shows uninteresting data

#infosec

Lately, we hear everywhere that it is now mandatory to give up your PIN code in police custody. Debunking this rumor, which the cops do not hesitate to feed. By the Groupe légal Paris.


 
With all my gripes with #Signal (centralized, non-federated, server-based, Electron-based desktop app), the fact that in my circle of contacts it's no longer the "pretty good solution we should be using" but the "pretty good solution we are using but looking for something better" is such a win.

I just wanted to stop for a second and appreciate that.

If we're talking about the need to move to something better than Signal, we are in a pretty decent place.

#infosec

 
No, PGP is not broken, not even with the Efail vulnerabilities - https://protonmail.com/blog/pgp-vulnerability-efail/

> Recently, news broke about potential vulnerabilities in PGP, dubbed Efail. However, despite reports to the contrary, PGP is not actually broken, as we will explain in this post.

#pgp #efail #infosec #security #mail

 
#PGP and #GPG are so broken, the EFF is recommending that you immediately stop using them until after publication of the problem. #infosec #security #GoodLuck #WereAllDoomed

https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now

Ominous: https://twitter.com/seecurity/status/995913231418961920

 
Security Flaw Impacts Electron-Based Apps - https://www.bleepingcomputer.com/news/security/security-flaw-impacts-electron-based-apps/

> Security researchers have found a security flaw in Electron, a software framework that has been used in the past half-decade for building a wealth of popular desktop applications.

#Security #infosec #Electron

 
Thanks everyone for boosting my toot about good #infosec sources, but I actually only got one reply. xD
I'll take all your good recommendations (site, forum, YouTube, Skyblog...).
Lots of kisses

 
Hello my favorite tooters. I'm looking for good sites / YouTube (or PeerTube) channels / podcasts... for #infosec in English, French or Spanish. Any suggestions?

 
Seems like SSLLabs is planning to collect personal data from its users soon: https://twitter.com/vcsjones/status/985338700807770123
I wonder what they need this for to "provide the service".
#infosec #ssl #privacy

 
MyFitnessPal got hacked.

https://www.digitaltrends.com/computing/under-armour-myfitnesspal-accounts-hacked/

#infosec #news #hacked

 
I'm no fan of Facebook, but the #infosec trend of blaming consumers for giving away information, or saying we should all live in a hole doesn't help. Mozilla's trying to mitigate FB's worst habits, so people can keep using it. It's an idea worth exploring, and one I'm happy to see.

https://www.pcmag.com/news/360079/mozilla-stops-facebook-tracking-with-a-firefox-add-on

 
There, also published on Medium => Deploying #CSP: a 5-step approach https://medium.com/@Nico3333fr/d%C3%A9ployer-csp-une-approche-en-5-%C3%A9tapes-783b490dd9cb #infosec #ContentSecurityPolicy #Security

 
Since there seems to be a new influx of people, I thought I'd give another #introduction. I work in #infosec at a very large technology company helping to protect it, and its customers, from cyber threats. I am quite passionate about systemically improving security, and try to help through a weekly podcast I founded and co-host (defensivesecurity.org) and a blog (infosec.engineering). I also manage the infosec.exchange Mastodon instance.
I hope you all have a great weekend!
#introductions

 
"if you are publishing research behind a paywall, I don't know what you are doing, but it isn't Science."

"If you don't publish everything necessary to reproduce, including hardware decisions and settings, it isn't Science."

#TR18 #troopers #infosec #academia

 
The most annoying thing about being in the #infosec industry is all those tiny blogs seeking attention by finding new terms for existing threats and calling them “Super Threats” and why the world will end tomorrow, so people come and click.. 😒

 
#infosec trashpost

 
#infosec trashpost

 
How I managed to gain administrator access on a Windows 2012 server thanks to Google https://crowd42.github.io/comment-jai-pu-gagner-acces-administrateur-serveur-windows-grace-google/ #infosec #pentest


 
Oops, the only advice that #ENISA sticks on their tract about passwords is not even a good one. Not that charset diversity is a bad thing, per se, but entropy is key, and 5 truly-randomly picked words from a full dictionary is very strong too. Why not put on the tract: "Passwords are obsolete. Use 2FA." #infosec #password

https://infosec.exchange/media/eGMj2tzSsPWBHrLFqpY

 
Several vulnerabilities in Intel's Management Engine:

https://thehackernews.com/2017/11/intel-chipset-flaws.html

#flaws #vulnerability #intel #cybersecurity #security #infosec
Intel Patches Critical Flaws in Its Processors that Left Millions of PCs Vulnerable

 
The blogosphere suddenly became aware of the existence of Intel ME "spying at you" to paraphrase some catchy titles. If some authors seem to discover that technology, the truth is it has been here for almost 10 years!

So, in order for you to make your own educated opinion, I tried to summarize the facts concerning Intel ME and the current state of the community knowledge about that technology.

https://itsfoss.com/fact-intel-minix-case/

#InfoSec #Privacy
#Intel #IntelME #Minix
#Mythbuster https://itsfoss.com/fact-intel-minix-case/

 
To improve the security of my servers, I'm generating my own moduli file. Having a different one from others makes certain precomputed attacks more difficult.

"""
for i in 2048 3072 4096 6144 7680 8192 ; do ssh-keygen -G moduli-${i}.candidates -b $i; done

for i in 2048 3072 4096 6144 7680 8192 ; do ssh-keygen -T moduli-${i} -f moduli-${i}.candidates; done

cat moduli-???? > moduli; mv moduli /etc/moduli
"""

This will take a few days....

#openbsd #infosec #security #ssh

 
#InfoSec Major security flaws discovered in the WPA2 protocol
| EN https://buff.ly/2ymRHoF
| FR https://buff.ly/2ysxzDZ

Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

KRACK attack allows other nasties, including connection hijacking and malicious injection.

 
Disable Intel IME (management platform on the CPU)

http://blog.ptsecurity.com/2017/08/disabling-intel-me.html

#InfoSec

Disabling Intel ME 11 via undocumented mode

Our team of Positive Technologies researchers has delved deep into the internal architecture of Intel Management Engine (ME) 11, reveali...

 
Oh come on, in a tech-savvy group of people talking about cybersecurity, can we *PLEASE* stop using the words "hack", "hacked", and "hacker" to mean "compromise", "broken-into", "cybercriminal"?

It conflates government-paid professional malicious actors with a kid in a basement somewhere building a digital clock. Doesn't seem fair to the kid.

Pretty please?

#InfoSec

 
As for the guy having identified a vulnerability in AlphaBay's forums: he wanted to disclose but never heard from high-level admins. The guy suspects an exit scam (the founders left with all the Bitcoins they could get hold of after a wave of July-4 orders).

More to come then.

#infosec #darkweb

 

 
@aeris here's why (in part) -> read the article, not just my comments

mastodon.social: maliciarogue on mastodon.social (R ✅)


 
The example makes me laugh because barely 10 days ago I had an interview (role-play exercise) for a senior IT risk and crisis management consultant position, with progression to deputy CISO after 1 year. The most important thing in the exercise: develop, in 15 minutes at most, the business strategy of a shack selling ice cream on a Corsican beach.

Senior #infosec consultants do that all day long... Anyway, no hard feelings, but I came out of it very disappointed by the narrow-mindedness.

2/2

 
I see many people talking about looking for a job in sysadmin/infosec. There's hope that things will change, here's some reading: https://www.tripwire.com/state-of-security/risk-based-security-for-executives/connecting-security-to-the-business/there-is-no-cyber-talent-crunch-youre-just-hiring-wrong/

The guy is great :) The thing that made me laugh is the estimation of the height of a chain-link fence as an assessment of #infosec skills.

1/2 https://www.tripwire.com/state-of-security/risk-based-security-for-executives/connecting-security-to-the-business/there-is-no-cyber-talent-crunch-youre-just-hiring-wrong/

 
Awwwww :) chatting with colleagues on the Internet of Dongs side (#infosec connected sex toys) and learning that something I had dug up, well, the guys hadn't seen it #fière

 
Today's CVE announcement from sudo shows just how dangerous procfs in and of itself is with regards to system security. https://www.sudo.ws/alerts/linux_tty.html #infosec #linux

Potential overwrite of arbitrary files on Linux

potential overwrite of arbitrary files

 
The organization I had criticized for an inadequate TLS configuration just replied to me. A WALL OF TEXT. To tell me that if they use RSA and 3DES it's because Terena doesn't allow anything better, that it's Chrome that checks any old thing, and that the encryption of the connection is not called into question. #infosec

I don't know whether to laugh or cry...

It's not as if their portal got wrecked 1 month after the audit...

 
A small batch of presentations to discover the hardware side of your machines and the fragility of the various firmware running in their components #infosec:

advanced-threat-research/firmware-security-training
