MalwareBazaar | Malware sample exchange

MalwareBazaar is a project from abuse.ch with the goal of sharing malware samples with the infosec community, AV vendors and threat intelligence providers.

bazaar.abuse.ch/

"Modding has been a huge part of Amnesia. For instance, over the years The Dark Descent has accumulated over a thousand mods and addons on ModDB. This flood of user content has been amazing to see and we are extremely grateful for the whole community surrounding it all.

It is time we gave something back!"

Amnesia is now open source! – Frictional Games

frictionalgames.com/2020-09-am

@khm
If I didn't already have a great job, I would join you.

Still hiring... systems administrators of most linux flavors wanted. You'll work on supercomputers, kubernetes, petascale archives, data science workflows...

pnnl.jobs/richland-wa/it-engin

@siliconshecky
This current Administration would certainly try if they weren't busy with other malfeasance.

I think I know why the elderly like to tell about their experiences (as someone who is transitioning into that role).

It's because there's a lot of shit that we've forgotten over the years, and it's by talking it through that we remember what happened and our experiences.

Sometimes it's nothing more than just an info dump. It's non-actionable. But sometimes it's also to let folks know what happened at the time in the hopes that nobody has to experience that again. (cont)

Not that I wish this (Firefox is my secondary browser on all platforms), but the mismanagement of Mozilla is truly shocking.

Show thread

At this rate, I see Mozilla effectively dead by 2022.

Firefox usage is down 85% despite Mozilla's top exec pay going up 400%

calpaterson.com/mozilla.html

Russia wants to ban the use of secure protocols such as TLS 1.3, DoH, DoT, ESNI | ZDNet

Amendment to IT law would make it illegal to use encryption protocols that fully hide the traffic's destination.

zdnet.com/article/russia-wants

Writing this also made me decide to volunteer to become a poll worker. You can sign up here:

eac.gov/help-america-vote

Show thread

I couldn't agree more.

"Note: apparently some cryptocurrency enthusiasts are parading this article around to peddle their garbage. Cryptocurrency is the digitally woke techbro’s ponzi scheme, and is a massive waste of electricity and developer effort. Anyone who tells you anything positive about anything which is even remotely connected to cryptocurrency almost certainly has ulterior motives and you should steer clear. So hopefully that settles that. And cryptocurrency is a P2P - 1/2

~Open Source Security Tool of the Day~

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws.

github.com/drwetter/testssl.sh

~Open Source Security Tool of the Day~

Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container. It also checks the config and Docker files for misconfigurations. This tool can be used as part of a Windows container review on local copies of the containers, and on the host itself to enhance security.

github.com/nccgroup/whalescan

uspol 

@craigmaloney
It's now really more about setting up the SCOTUS to protect the current Administration and its enablers from eventual prosecution for the crimes committed over the past few years.

"Shield is an active defense knowledge base MITRE is developing to capture and organize what we are learning about active defense and adversary engagement. Derived from over 10 years of adversary engagement experience, it spans the range from high level, CISO ready considerations of opportunities and objectives, to practitioner friendly discussions of the TTPs available to defenders."

shield.mitre.org/

Show more

Scott Mortimer's choices:

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.