sten0 ✅ @sten0_SE@mastodon.social
Infosec | OSINT | Locksport | Crypto | Social Engineering | Abusing Systems |
Most everyone's mad here... https://sten0.ghost.io/
Schrödinger's Ops... production is in a constant superposition of states between "duct-taped together" and "everything's on fire"
KFC to start taking/storing facial image scans because how could that POSSIBLY go wrong?
"KFC ensures they will be secure" lmao ok, and I'm a Nigerian Prince who just needs to transfer some funds for an upcoming trip.
See enclosed a check for $5,000 USD. Please cash, take $500 for troubles, and wire the rest to my offshore acct.
F04 update: Riding vertibird, killing deathclaws with GAT-GAT-GAT (minigun) while listening to Johnny Cash's "Ghost Riders in the Sky" is so statisfying. Short Change Hero by the Heavy is great for glowing sea (thunder/lightning matches up).
This gives killing the first Witcher 3 boss (griffin, and many similar ones after) while listening to "puff the magic dragon" a run for it's money.
😂
'course, half the goddamn problem is that there are five fucking people on the call, and four of them are fucking redundant.
@abbenm @sten0_SE
Oh, absolutely.
Infosec is hard. Opsec is hard. Blueteaming on either is extra hard because redteaming is so easy. That's pretty widely accepted.
But, because of the stakes involved, it's not unreasonable to dogpile on minor mistakes.
Engineering nuclear power plants is hard, but that doesn't mean we give people a pass when one melts down. The engineers know this and are extra careful.
Re: #RealityWinner
If you didn't know about the "hidden" printer dots that get added I have a few others for you. The general idea is called "canary trapping" and takes many forms ranging from differeing stories, font spacing, scene markers (film industry), high-pitched frequencies beyond human hearing range (music industry) etc.
Reminder: don't actually delete your Yahoo account because they can reissue your email address to the next person who wants it: https://honeypot.net/purge-your-yahoo-account/
Also.. here's my playlist when Diamond City Radio gets old.
Everything from love and raiding to western/wanderer, heart break, happiness and back again. https://mastodon.social/media/aWiLfx30JuK1m3JGDMA
First time through Fallout 4.. Greetz from the wasteland!
Btw.. when I say "I'm going to make you suffer" well, I mean it...
https://mastodon.social/media/6K9sPtxW4dbKh1m0RBA
https://mastodon.social/media/D_TsD7cDTEWNhpezl4M
ICYMI: ~600 pg monster covering damn-near everything about VM/homelabs. Last day to get it for free... buy it anyway!
courtesy of @da_667 (same handle on tweeter)
List of products with SMBv1 as a requirement (per vendor).
🔥 🔥 🔥
https://blogs.technet.microsoft.com/filecab/2017/06/01/smb1-product-clearinghouse/
Good roadmap to learning exploitation.
"From 0x90 to 0x4c454554, a journey into exploitation"
http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html
Call your CS reps, ask about policy, and poke around. Sometimes you can add notes to account to help protect and for others it's just good to know how "secure" you are.
Also start poking at various password reset methods and take note of what information they give out (even partial cell/credit #'s, account name, email addy etc can be big).
Bypass security on any AT&T wireless by logging onto http://ufix.att.com
Start checking all those wifi's near you... https://securitymastod.one/media/yK_lNzkaRf-9hsO-GRM
Officially dc'ing from the cyber interweb matrix to go hiking/kayaking/camping and build fires all weekend.
Catch you on the flip side https://mastodon.social/media/aEoeDoXaYRxDbbMjTzM
Happy Friday.... it's almost over, then you can [maybe] feign not feeling genuinely insane for a few days. Any cool plans? I'm dc'ing from net and going as deep into nature as possible. https://mastodon.social/media/AjZluJEc7OT0K6X1yU0
Did you know? Clouds are formed from the evaporated tears of many thousands of network and systems admins https://mastodon.social/media/g3ikKTz9Hp6ID-BJrJE
😐 This dubious legislation for offensive security is unethical and dangerous for private sector networks. You can't "retrieve stolen files from hackers". The word they are looking for is "destroy". This bill would promote widespread information system disruptions that are difficult to contain. #infosec #riskmanagement
http://thehill.com/policy/cybersecurity/335107-rep-releases-draft-hacking-back-legislation
The #OpenVPN audits yield a mixed bag.
Low-medium vulns but nothing considered "high" - crypto solid.
Possible problems with implementation (par for course really).
https://threatpost.com/openvpn-audits-yield-mixed-bag/125694/
