Show newer

Last month Gab was hacked. I examined the ~65gb of the hacked data. Here's a broad overview of what I found.

Inside Gab, the Online Safe Space for Far-Right Extremists theintercept.com/2021/03/15/ga

~Open Source Security Tool of the Day~

eBPFSnitch is a Linux Application Level Firewall based on eBPF and NFQUEUE. It is inspired by OpenSnitch, and Douane, but utilizing modern kernel abstractions, without a kernel module.

github.com/harporoeder/ebpfsni

When you setup Kubernetes to host your personal blog

Google Pixel phones first to meet the Common Criteria's MDF protection profile on Android 11

Google Pixel devices with Android 11 are now certified for Common Criteria's stringent MDF protection profile for strong enterprise security.

xda-developers.com/googles-pix

@ScottMortimer Bitwarden keeps going from strength to strength. What a fantastic service they offer. Seriously, they could double the cost of their annual plan and I’d still think it was great value.

Gonna have to give this s try

Bitwarden Send

A trusted way to securely share information directly with anyone

bitwarden.com/products/send/

It's always a joke I think 3 people will laugh at that does well

And the irony is that I ended up getting the single-dose J&J vaccine…

Nice! The Obsidian Android mobile app is now available in private beta. Installed in on my android tablet and phone. Looking forward to exploring the mobile app in the coming days.

zylstra.org/blog/2021/03/15942

#obsidian

Today I decided to take some freetime and install Nessus Essentials. The world's best vulnerability scanner can be used in a capacity limited to 16 IPs.

kifarunix.com/install-and-setu

Everything you wanted to know about Exchange Zero Days, but were afraid to ask.

Microsoft Exchange Zero Day's - Mitigations and Detections. - Blue Team Blog

blueteamblog.com/microsoft-exc

I run Kali Linux on WSL2 and it's great!

5 Linux Distros Your Should Try in Windows Subsystem for Linux

Want to run Linux on Windows? These five Linux distros are available from the Microsoft Store for Windows Subsystem for Linux

makeuseof.com/linux-distros-fo

After almost a year of development, I am happy to announce #FediDB will be launching to the public this weekend!

Building ActivityPub applications will be much easier with FediDB.

Special thanks to @NGIZero for funding development of this project!

#activityPub #federation #developerTools

~Open Source Security Tool of the Day~

Arkime (formerly Moloch) is a large scale, open source, indexed packet capture and search system.Arkime augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access. An intuitive and simple web interface is provided for PCAP browsing, searching, and exporting.

github.com/arkime/arkime

Rookie coding mistake prior to Gab hack came from site’s CTO

Site executive introduces, then removes, insecure code, then hides the evidence.

arstechnica.com/gadgets/2021/0

Never before has a single drawing so accurately defined how I feel about work.

Just to reiterate in relation to Gab getting hacked, I’m not aware of any vulnerabilities in Mastodon at the moment and based on what I have seen in their code modifications the vulnerabilities they have are the ones they themselves introduced (along with never porting security patches from us)

Hahahaha..."a social network that champions free speech, individual liberty and the free flow of information online”...yep, the information is flowing freely. 😀

Hack of Gab Social Network

threatpost.com/hacktivists-gab

Quick Poll: What should I use for my new personal knowledge management system?

Show older

Scott Mortimer's choices:

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.