Raesene's blog has a lot of cool posts on kubernetes security
https://raesene.github.io/

ShadowHound: A SharpHound Alternative Using Native PowerShell
https://blog.fndsec.net/2024/11/25/shadowhound/

Unfurl v2025.02 released https://isc.sans.edu/diary/31716

Malware Source Servers: The Threat of Attackers Using Ephemeral Ports as Service Ports to Upload Dat https://isc.sans.edu/diary/31710

@miri

https://github.com/redcanaryco/atomic-red-team/wiki/

Sliver C2 Detected - 172[.]236[.]71[.]134:31337 - https://www.redpacketsecurity.com/sliver-c2-detected-172-236-71-134-port-31337/

#SliverC2 #OSINT #ThreatIntel

@nikahverse last on is cunning…

@nikahverse for mysql and derivatives I always liked '||1-- - which tended to bypass a lot of WAFs

Y’all: I have been wrestling with kbin on the fedia.io instance, but I want to take a step back and give some perspective. Kbin is new, it’s growing crazy fast, and it really wasn’t in a place to support the migration from Reddit. Despite that, @ernest has been working his tail off knocking down issues and helpings instance admins.

Reddit certainly seems to be tripling down on their position and I think kbin is shaping up to be a worthy alternative. If you like kbin (on whatever instance you use it on) and want to see it grow, may I ask that you throw some money Ernest’s way? (https://www.buymeacoffee.com/kbin)

I want to publicly thank Ernest for kbin and for his contributions to our growing fediverse community.

/back to whatever you were doing.

Something like Twitter lists on Mastodon? Does it exist? Will it be?

The point is having a separate tab of all the accounts you want to have their posts in one place, separate from home feed. Not having time to check all of my home feed, I use Twitter lists to stay updated on infosec news like attacks happening, new techniques evolving, etc.

Public archive of leaks and etc

Here it is: https://ddosecrets.com/wiki/Distributed_Denial_of_Secrets

I found leaks from Conti ransomware group, russia related documents (e.x: the dark side of Kremlin) and bunch more

You can even search through all the leaks:
https://search.ddosecrets.com/data/

Hope you'll enjoy it as much as I did.

#data #osint #leaks

Interviewer: Can you explain these gaps in your resume?

Me: Those are typographical indicators called spaces and line breaks that separate words and paragraphs.

"What's the password?"

"Yes."

"What?"

"That's right. 'What'."

I said, what's the password?

And I said 'yes'."

"'Yes' is the password?

"No. 'What'."

"What do you mean, 'what'?"

"That's the password."

"What?"

"That's the password."

"'That' is the password?"

"Yes."

"Okay. 'That'."

"That what?"

By u/Gomphos on reddit

#joke #funny

@nixCraft how does ":>file2" work?

Revenge is a dish best served cold :))

#joke #chatGPT #ai

Why Kerberos is so complicated?! And how the heck hackers figure this out? Very impressed by them LOL
Hopefully soon I'll figure it out 🤞

#windows #security

@itwasntme223 Right, that is true, thats why Im all for spreading the word around about all things security, the more people know, the more they will try to protect themselves even if it is inconvenient for them

@itwasntme223 I barely use chrome's incognito, I use ungoogled chromium

@moelassus thanks for letting me know

@itwasntme223 Yeah definitely 2FA is a must, what do you mean that its not an option? From what I see, its being adopted pretty well