Scott Mortimer @ScottMortimer@infosec.exchange

Oh, I am not a happy boy....

'Hell is coming': week-long heatwave begins across Europe

Temperatures could hit 40C from Spain to Switzerland, with authorities urging children and older people to stay indoors

https://www.theguardian.com/world/2019/jun/24/hell-is-coming-week-long-heatwave-begins-across-europe

Holy crap, this is a poorly written article! Why is so much of the information security journalism online of such low quality?
-
Confirmed: Nasa Has Been Hacked
https://news.ycombinator.com/item?id=20264774
#hackernews #tech

Raspberry PI 4 Released - Complete specs and pricing - nixCraft

Raspberry Pi 4 released. It is a comprehensive upgrade to provide a PC-like performance with 4 core CPU+4GB ram running on forthcoming Debian Linux 10.

https://www.cyberciti.biz/linux-news/raspberry-pi-4-released-complete-specs-and-pricing/

~Open Source Security Tool of the Day~

Easy files and payloads delivery over DNS

https://github.com/no0be/DNSlivery

Awesome YARA

A curated list of awesome YARA rules, tools, and resources. Inspired by awesome-python and awesome-php.

https://github.com/InQuest/awesome-yara?mc_cid=6ee2fe8559&mc_eid=0e7d497022

~Open Source Security Tool of the Day~

SpiderFoot is a reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence on IP addresses, domain names, e-mail addresses, names and more. You simply specify the target you want to investigate, pick which modules to enable and then SpiderFoot will collect data to build up an understanding of all the entities and how they relate to each other.

https://www.spiderfoot.net

It is proven! I am scottmortimer on Keybase: https://keybase.io/scottmortimer/sigchain#86698e70d0b24dd3d4f83d761b364428fc5bd00a915ab01cc9d953093692bd740f

@lx

Have you tried Fedilab?

https://fedilab.app

~Open Source Security Tool of the Day~

netsniff-ng is a free Linux networking toolkit, a Swiss army knife for your daily Linux network plumbing if you will.

Its gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space and vice versa.

Our toolkit can be used for network development and analysis, debugging, auditing or network reconnaissance.

http://netsniff-ng.org

#irony

~Open Source Security Tool of the Day~

mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify and replay web traffic such as HTTP/1, HTTP/2, WebSockets, or any other SSL/TLS-protected protocols.

https://mitmproxy.org

Freaked out by hyperbolic "Security" media reports of the great SACK DoS Apocalypse?

Keep Calm and Ignore the Clickbait

But if you can't, simply:

Disable SACK processing (/proc/sys/net/ipv4/tcp_sack set to 0).

~Open Source Security Tool of the Day~

Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table.

https://firejail.wordpress.com