~Open Source Security Tool of the Day~

Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container. It also checks the config and Docker files for misconfigurations. This tool can be used as part of a Windows container review on local copies of the containers, and on the host itself to enhance security.

github.com/nccgroup/whalescan

"Shield is an active defense knowledge base MITRE is developing to capture and organize what we are learning about active defense and adversary engagement. Derived from over 10 years of adversary engagement experience, it spans the range from high level, CISO ready considerations of opportunities and objectives, to practitioner friendly discussions of the TTPs available to defenders."

shield.mitre.org/

~Open Source Security Tool of the Day~

gVisor provides a virtualized environment in order to sandbox containers. The system interfaces normally implemented by the host kernel are moved into a distinct, per-sandbox application kernel in order to minimize the risk of a container escape exploit.

gvisor.dev/

USPOL, RBG, Your Cynicism 

You cannot expect to do good without acting inside the system to triage, and working without the system to force change.

Both of these things matter.

Exercising your right to vote doesn't mean you are supporting the system, it means you are manipulating as best you can from within.

Do it.

Exercising your right to protest, and force change by holding politicos' feet to the fire? Just as important.

At this point if you are of the belief that not voting is a good idea, you are either a manipulated fool, or a mouthpiece trying to disenfranchise others.

Get over your ego, and go do both.

I'm not asking you to even like it. But know how you are leveraged, and maximize your free will.

Product direction from Mozilla:

"...this decision allows us to sharpen our focus on experiences like Mozilla VPN, Firefox Monitor, and Firefox Private Network."

blog.mozilla.org/blog/2020/09/

VPN, VPN (through CloudFlare's) & EOM of haveibeenpwned?

Where is the Mozilla we used to love?

Recently, we removed Firefox Send because of security concerns and they took the service down. Today, they announced Send is dead.

We will also be removing Lockwise because Mozilla keeps killing projects after adoption, causing headaches for users.

blog.mozilla.org/blog/2020/09/

~Open Source Security Tool of the Day~

Endlessh: an SSH tarpit

Endlessh is an SSH tarpit that very slowly sends an endless, random SSH banner. It keeps SSH clients locked up for hours or even days at a time. The purpose is to put your real SSH server on another port and then let the script kiddies get stuck in this tarpit instead of bothering a real server.

github.com/skeeto/endlessh

Bellingcat’s Online Investigation Toolkit

Welcome to Bellingcat’s freely available online open source investigation toolkit. You can follow our work via our website, Twitter and Facebook. The list includes satellite and mapping services, tools for verifying photos and videos, websites to archive web pages, and much more. The list is long, and may seem daunting.

docs.google.com/document/d/1Bf

😳

New Windows exploit lets you instantly become admin. Have you patched?

Zerologon lets anyone with a network toehold obtain domain-controller password.

arstechnica.com/information-te

Azure Seas....

"The team is speculating that the greater reliability may be connected to the fact that there were no humans on board, and that nitrogen rather than oxygen was pumped into the capsule."

Microsoft's underwater data centre resurfaces after two years

bbc.com/news/technology-541467

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics.

cheatsheetseries.owasp.org/


Scott Mortimer's choices:

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.