dist :verified:

Blue team, DFIR, Reverse engineering

dist :verified:dist@infosec.exchange
2024-03-25

@pancakescon @qualcomm Thanks for the CTF! It was fun! \o/

dist :verified: boosted:
2024-03-25

CTF is almost done but still anyone's game! Well done, teams, and thanks again @qualcomm !

Place Team Score 1 Cyber Alpackas 3100 2 All the Lazy Things 3025 S WatchltSmolder 2175 4 CleverTeamName 1725 5 StrongWind 1350
dist :verified:dist@infosec.exchange
2023-09-05

@foone AddBadMonsters or AddToughMonsters or AddEvilMonsters

dist :verified:dist@infosec.exchange
2023-09-05

@foone
class RoomNumberUpdateScript
class HouseTwoEvents (or SecondHouseEvents)
class uhh what

Who is Mr Spook and what Kontrls him?

dist :verified: boosted:
2023-08-08

UK Electoral Commission has been #breached for extended period. It's unclear how many people are affected, but estimates suggest tens of millions. electoralcommission.org.uk/pri

In Finland #penandpaper voting has been preferred, and still is. The cyber and other threats originating from electronic voting have been considered too high of a risk vs the existing well defined voting process. more here: blog.f-secure.com/podcast-evot

#evoting #cybersecurity #compromise

dist :verified:dist@infosec.exchange
2023-07-22

@jerry lol, sorry I did this. Impossible for anyone to send more now 😂

Infosec exchange Patreon is $1337 now
dist :verified:dist@infosec.exchange
2023-07-08

There’s still no evidence that @jerry ever sleeps, this only would also show otherwise.

dist :verified: boosted:
MastodonMastodon
2023-07-06

⚠️ We have just released important security fixes for the server software. Versions 4.1.3, 4.0.5, 3.5.9, as well as a new nightly are available now to make upgrading quick and painless. Please upgrade as soon as possible!

dist :verified:dist@infosec.exchange
2023-07-06

Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 3.5.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, attackers using carefully crafted media files can cause Mastodon's media processing code to create arbitrary files at any location. This allows attackers to create and overwrite any file Mastodon has access to, allowing Denial of Service and arbitrary Remote Code Execution. Versions 3.5.9, 4.0.5, and 4.1.3 contain a patch for this issue.

dist :verified:dist@infosec.exchange
2023-07-06
dist :verified:dist@infosec.exchange
2022-11-23

How to ruin a sale: @NordVPN
-edition. See screenshot.

Well. It's not just Facebook.. There's also Twitter, Bing and Google ads/tracking on that page. So, uhh.. Maybe don't do that if you claim to be privacy focused?

dist :verified:dist@infosec.exchange
2022-11-12
dist :verified:dist@infosec.exchange
2022-11-09

@Viss @jerry COMPLETELY DIFFERENT. 😂

dist :verified:dist@infosec.exchange
2022-11-07

@talios If one knows how to validate emails, it’s best not to read the RFCs.

dist :verified:dist@infosec.exchange
2022-11-07

Oh btw fun fact, iOS around version 6 or so would sometimes decide that the number is too long and would shorten it, for example like this: ”1…5”

dist :verified:dist@infosec.exchange
2022-11-07
This is the way
dist :verified:dist@infosec.exchange
2022-11-07

@miked tried deleting half a million messages from gmail earlier.. it’s actually surprisingly difficult.

dist :verified:dist@infosec.exchange
2022-11-06

Someone says ”if you can use email, you already know how to use Mastodon”.. can we just not, ok? 😂

email app with way too much spam emails

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst