X_Cli boosted
Parleur  

Pour les techniciens web et autres sysadmins et graphistes végans, #L214 recrute sur quatre postes !
l214.com/offres-demploi
#véganisme

0
X_Cli  

(CVE-2020-0601) - PoC

github.com/ollypwn/CVE-2020-06

"CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified...."

0
X_Cli boosted
JP Mens  

Creating a simple Python pip repository jpmens.net/2020/01/16/creating

0
X_Cli boosted
Fedilab  

Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now!

thehackernews.com/2020/01/fire

0
X_Cli boosted
niconiconi  

We have computed the very first chosen-prefix collision for SHA-1. To put it in another way: all attacks that are practical on MD5 are now also practical on SHA-1.

We have reduced the cost of a collision attack from 2^64.7 to 2^61.2, and the cost of a chosen-prefix collision attack from 2^67.1 to 2^63.4.

Demo: The legacy branch of GnuPG (version 1.4) is vulnerable. We have created two PGP keys with different UserIDs and colliding certificates.

sha-mbles.github.io/

1+
X_Cli boosted
A random knight  

#JeRecrute
On cherche un·e Administrateur·ice Système dans le centre-ville de Marseille (centre-ville).

Connaissance et compétences requises:
- Unix / Linux
- DNS
- Mail
- Debian
- Python et/ou Ruby
- Nginx
- KVM
- etc.

C'est mieux si vous connaissez des outils de gestion de configuration comee SaltStack puppet ou ansible.

Cerise sur le gateau si vous vous y connaissez en CISCO

#JeChercheUnJob
Boost appréciés

0
X_Cli boosted
Fedilab  

If you started to use #Fedilab, you can have a look to its wiki: fedilab.app/wiki/features/

Also to its Peertube videos: peertube.fedilab.app/videos/lo

0
X_Cli boosted
Mike, First of His Name  

Holy shit, Samsung Smart TVs straight up send "snippets" of things that you watch back home to "to provide you with customized Smart TV experiences".

samsung.com/us/account/privacy

Search that page for the text: "Your Smart TV transfers video snippets or TV tuner information in order to determine the programs watched."

#infosec

1+
X_Cli  

A Leipzig, l’avenir des messageries sécurisées en question
lemonde.fr/pixels/article/2019

infosec.exchange/media/A_-IUmg

1
X_Cli boosted
X_Cli  

@bortzmeyer @jpmens

"As a side-note: we already deny RFC1918-addresses from DNS-over-HTTPS
responses so in that regard, using TRR will save you from these DNS attacks!"

groups.google.com/forum/m/#!to

So, I was wrong. DoH-to-Cloudflare-by-default is not an issue, as far as DNS rebinding is concerned. Sorry 😶😥

0
X_Cli  

twitter.com/byourseff/status/1

Can I Haz a DoS attack?

1
X_Cli  

"Protobuffers Are Wrong"

reasonablypolymorphic.com/blog

1
X_Cli boosted
Scott Mortimer  

For those using Medium to write blog posts: STOP

Here is a free and open alternative:
writefreely.org

1+
X_Cli  

"The Amazing Zilog Z80"

floooh.github.com/2016/06/15/t

0
X_Cli boosted
JP Mens  

What's Behind the Secure DNS Controversy and What Should You Do About It?

circleid.com/posts/20191212_wh

1
X_Cli  

Yo,
Toujours à la recherche d'un pur, en CDI, à Paris (Étoile). Besoin de reprendre en main l'UI des équipements de sécurité que l'on produit. Framework libre.

Également, toujours à la recherche d'un ingé sys/archi sys, en , au même endroit, pour mettre en œuvre de l', et le maintenir, et m'assister sur les aspects système de nos produits de .

Merci pour les boosts (😘) et encore plus pour les CVs (😍).

0
X_Cli boosted
Remsd1  

@amdg2 @dada

0
X_Cli  

Let's make a prediction: there will be a huge number of rebinding attacks on users who have activated DNS over because their information system rely on the local resolver to secure against this web browser .

0
X_Cli  

Myths programmers believe about .

software.rajivprab.com/2018/04

0
X_Cli  

infosec.exchange/@x_cli/103140

Ayant eu peu de retours, je précise quelques éléments sur le poste dev front :

- Framework JS libre ;

- La mission est de créer, refondre ou d'améliorer l'interface d'administration d'équipements (sondes réseau, et analyseurs), ainsi que la couche de présentation/visualisation de l'état du réseau.

On fera une session de mise à niveau sur le plan sécurité des interfaces web :)

0
Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.

Resources

Developers

What is Mastodon?

infosec.exchange

More…