Show more

@jerry Are you experiencing any issues with OAuth on infosec.exchange? I can't toot with Amaroq or sign in with other oauth clients like tootstream and I'm wondering if I'm doing something wrong.

Alrighty, #infosec folks -

Looking into the NHS worm issue, this looks to be Eternalblue - a derivative of the shadow brokers "lost in translation" dump from 14-APR.

This spreads via SMB [windows shares] on, usually, port 445, and is neutered by windows patch MS17-010.

If you have that patch installed, there is nothing to worry about.

This is a photo of a crashed kiosk advertising the menu and offers at a popular Norwegian pizza restaurant chain. It shows that the kiosk was running facial recognition and basic sentiment analysis on the people looking at it.

Based on the number of people who sent me this on Twitter, it’s clear that people care and are unhappy with corporate surveillance.

The worst bit? Compared to what Google and Facebook do daily and at scale, this is a toy.

mastodon.ar.al/media/OFTGkS78V

infosec.exchange/media/H67dAGn

Scans for Intel ME in April: 4
Scans for Intel ME in May so far: 123

About half of them are in a huge spike May 2nd/3rd which quickly leveled off. The April probes are from a few days before the public disclosure. Neat!

Number of times "apt autoremove" has worked flawlessly and made my life easier: 2

Number of times "apt autoremove" has shot me in the foot: literally every other time

So lets get a follow chain sorta thing going. If you are currently a active penetration tester, security analyst, red team member. Comment on this message. That way others can see it and follow you making it easy for them to get more infosecy content.

New Kali release. More info here:

kali.org/news/kali-linux-20171

Highlights:

Support for RTL8812AU Wireless Card Injection
Streamlined Support for CUDA GPU Cracking
Amazon AWS and Microsoft Azure Availability (GPU Support)
OpenVAS 9 Packaged in Kali Repositories

Any wedding can be a fairy tale wedding if you serve porridge and release three angry bears.

Anyone have any updates on the ransomware attack that hit Puerto Rico last month? Responsible parties, how they got infected, details on the investigation? I'm having trouble finding news sources that go into more detail than "it happened."

Spanish articles are fine, puedo leer español.

gaming: drake expressing disinterest
#gameing: drake motioning his approval

concept: a mastodon instance hosted in a hacked IoT smart dishwasher

Came across this video at work. Am I crazy, or is it paranoid FUD? They got a bunch of people in the comments wondering why IANA owns their phone's IP address. youtube.com/watch?v=CP1j04_X4O

#debian announcing a #mastodon package to make install new instance server easier ! <3 debian <3 mastodon

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.