Showing posts with tag: #cybersecurity

7 hours ago

Splunk security advisory 15 January 2025: Regular Expression Denial of Service (ReDoS) in Splunk Supporting Add-on for Active Directory (SA-ldapsearch)
CVE-2025-0367 (6.5 medium) In versions 3.1.0 and lower of the Splunk Supporting Add-on for Active Directory, also known as “SA-ldapsearch”, a vulnerable regular expression pattern could lead to a Regular Expression Denial of Service (ReDoS) attack.

No mention of exploitation

#splunk #vulnerability #CVE_2025_0367 #cve #infosec #cybersecurity

Tags: #splunk #vulnerability #cve_2025_0367 #cve #infosec #cybersecurity

Likes: 0

Replies: 0

Boosts: 0

11 hours ago

Woman fell for a "deepfake Brad Pitt" (head smack icon)

"A French woman named Anne told the "Seven to Eight" program on the TF1 channel that she had believed she was in a romantic relationship with Hollywood star Brad Pitt, leading her to divorce her husband and transfer 830,000 euros ($850,000) to a deepfake AI scammer posing as Pitt."

https://www.metacurity.com/us-feds-deleted-chinese-implanted-plugx-malware-from-thousands-of-systems/

#cybersecurity #ai #deepfakes #bradpitt #llm

Tags: #cybersecurity #ai #deepfakes #bradpitt #llm

Likes: 0

Replies: 1

Boosts: 0

1 day ago

Oops

The Intercept: Government Sites Across the U.S. Are Awash in Hardcore Porn

The Intercept found dozens of government websites exploited by spammers to redirect to porn. Here’s how this hack happened.

https://theintercept.com/2025/01/14/government-websites-porn-spam-hack/

#hacking #cybersecurity

Tags: #hacking #cybersecurity

Likes: 0

Replies: 0

Boosts: 0

1 day ago

This is why we must always validate all user input
#cybersecurity #awareness

Tags: #cybersecurity #awareness

Likes: 0

Replies: 0

Boosts: 3

1 week ago

"InfoCert has had millions of its customers’ personal data stolen and put up for sale.

A leading European certification authority and provider of digital identity services such as Italy’s SPID (Public Digital Identity System), InfoCert posted a public notice on its website detailing the data breach on December 27. However, the notice has since been taken down."

https://www.biometricupdate.com/202501/italian-digital-identity-provider-suffers-data-breach-5-5m-customers-affected

Archived InfoCert notice: https://web.archive.org/web/20241230095100/https://promo.infocert.it/comunicazione-infocert-28-12-24/?infocert_id=2254&infocert_campaign=COMUNICAZIONE-INFOCERT-281224-_-IT

The data has been up for sale since December 27, and as of a check a few minutes ago, the data is still up for sale.

#databreach #InfoCert #cybersecurity #identity

Tags: #databreach #infocert #cybersecurity #identity

Likes: 0

Replies: 0

Boosts: 1

1 week ago

Giant privacy breach (stuff they shouldn't be tracking, anyway, IMHO). https://www.404media.co/hackers-claim-massive-breach-of-location-data-giant-threaten-to-leak-data/
#privacy #cybersecurity #locationdata

Tags: #privacy #cybersecurity #locationdata

Likes: 0

Replies: 0

Boosts: 0

3 months ago

The naked truth of #cybersecurity

Tags: #cybersecurity

Likes: 0

Replies: 0

Boosts: 0

4 months ago

Every hacker should read this phrack article on repeat until they understand it.

https://phrack.org/issues/71/17.html#article

#phrack #finance #markets #crypto #stocks #infosec #cybersecurity

Tags: #phrack #finance #markets #crypto #stocks #infosec #cybersecurity

Likes: 0

Replies: 0

Boosts: 0

8 months ago

One of my favorite things to do is write books, specifically, books about Information Security. I've written a mixture of fiction and non-fiction titles over the years, that use a variety of techniques to teach folks about the industry.

You can find them wherever books are sold, and also Walmart for some reason!

Check out https://www.infosecdiaries.com/ to learn more about all of them.

#infosec #infosecreads #DFIR #BlueTeam #pentesting #DigitalForensics #cybersecurity

Tags: #infosec #infosecreads #dfir #blueteam #pentesting #digitalforensics #cybersecurity

Likes: 0

Replies: 0

Boosts: 0

1 year ago

Hey folx, realized I still owe an #introduction. So (mario voice) here we go:

My handle means "serious business." I'm always hopeful. I'm rarely optimistic.

What I'm working on:
* Studying #cybersecurity as someone without a computer science background
* Self-hosting more of the tools I use, particularly as a means of -
* Opting out of surveillance capitalism tech platforms (you know the ones)

I'm a big fan of these things and you can expect me to toot about them:
* solidarity, mutual aid, organized labor, cooperative economics, and community defense
* #privacy and privacy self-defense tools like Signal, Tor, Cwtch, and GPG / PGP
* #FOSS, especially the more accessible #linux distros like Debian
* #solarpunk and #lunarpunk as incongruent and complementary ideals

Here's some things that are a meaningful part of my life, that you probably won't see me toot about: parenting, weightlifting, software product management, firearms, PC gaming, LARP, business, finance, positive nihilism, MApoli, CambMA

Here's what I think I can offer you:
* I've worked for all different kinds of organizations, ranging from big tech, little tech, governments, to DAOs
* for better or for worse, I know a lot about #cryptocurrency, particularly #ethereum, #bitcoin, and #monero
* I've been a software product manager for a while now, which means I help teams ship software that does what users need - mostly through prioritization, facilitation, and communication
If there's anything in my background that would be useful to you, please reach out. I'm happy to share.

One last thing - a message to fascists, TERFs, dominionists, abusers, and every other variety of petty authoritarian desperate for an excuse to control others: fuck you, y'all gonna lose

Tags: #introduction #cybersecurity #privacy #foss #linux #solarpunk #lunarpunk #cryptocurrency #ethereum #bitcoin #monero

Likes: 0

Replies: 0

Boosts: 0