If your password manager, banking or payment platform doesn't use 2FA, find alternatives.

Show thread

List of websites and whether or not they support Two-Factor Authentication

2fa.directory/

"Developers and Open Source authors now have a massive amount of services offering free tiers, but it can be hard to find them all to make informed decisions.

This is a list of software (SaaS, PaaS, IaaS, etc.) and other offerings that have free tiers for developers."

free-for.dev/

Onboard video of landing on Mars! Thanks to all the scientists and engineers who made Perseverance possible. May it give us all years of service.

youtube.com/watch?v=4czjS9h4Fp

Instance admin just lost their job, might need help 

Mstdn.social is one of the largest and nicest instances on the Fediverse, run by an enthusiastic admin called @stux

Unfortunately Stux has today found out that they are fired from their day job 😞

However, by happy coincidence, Stux had just set up a hosting company. If you need web hosting, domain names etc please consider using Stuxhost so that Stux can continue working:

stuxhost.com

dafthack/CloudPentestCheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

github.com/dafthack/CloudPente

~Open Source Security Tool of the Day~

Tracee: Linux Runtime Security and Forensics using eBPF

Tracee is a Runtime Security and forensics tool for Linux. It is using Linux eBPF technology to trace your system and applications at runtime, and analyze collected events to detect suspicious behavioral patterns.

github.com/aquasecurity/tracee

@jerry
Only read about it so far. I have been thinking to start playing with Falco.

"The Stanford Internet Observatory has confirmed that Agora, a Shanghai-based provider of real-time engagement software, supplies back-end infrastructure to the Clubhouse App (see Appendix). This relationship had previously been widely suspected but not publicly confirmed."

cyber.fsi.stanford.edu/io/news

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)

github.com/upgundecha/howtheys

Online pcap file analyzer
Allow read pcap file and analyze IPv4/IPv6, HTTP, Telnet, FTP, DNS, SSDP, WPA protocols, build map of network structure and nodes activity graph, sniff and analyze network traffic and other pcap data.

Analyse pcap files to view HTTP headers and data, extract transferred binaries, files, office documents, pictures.

apackets.com/

Honeypot Or Not?

Enter an IP to check whether it is a honeypot or a real control system.

honeyscore.shodan.io/

As promised, here's the #Easy_Peasy migration from #LastPass to Bitwarden (which you can actually self-host by the way).

And with that, you can smile and wave, wishing a very big "Fuck You!", To #LogMeIn.

#tallship #Vger #KeepassDX #KeepassXC



.
https://lbry.tv/@mrrandomgenerator#b/how-to-easily-migrate-from-lastpass-to#5

there is a hidden pyramid of power at work on mastodon: the regular users are kept subjugated by the mods, the mods obey the instance admins, the admins are at the mercy of the devs, who in turn bow to eugen; but eugen is a mere figurehead at the mercy of the trolls, and the trolls themselves live in fear of hans from stuttgart. the stuttgartians are controlled by the e-girls they simp for, and the e-girls, finally, work for isis

Show older

Scott Mortimer's choices:

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.