Remote follow

caspa @caspa@infosec.exchange

Security Researcher, #noob, ROMAD, #rtfm

22 Toots

20 Following

9 Followers

Toots Toots and replies Media

**caspa** · May 08, 2017, 19:02

caspa boosted

**Nolan (toot.cafe admin)** @nolan@admins.town · May 08, 2017, 19:02

#MastoAdmins If you're using Nginx and haven't updated your config in a few weeks, you should check out the latest recommended config: https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Production-guide.md#nginx Lots of new stuff in there!

- Immutable caching (faster reloads)
- HTTP2 (faster everything)
- Default CSP (scores A+ on Mozilla Observatory)
- Gzip compression
- Better SSL settings
- Probably some more stuff I forgot!

**caspa** · May 08, 2017, 18:16

caspa boosted

**sten0 ✅** @sten0_SE@securitymastod.one · May 08, 2017, 18:16

If abusing Google search operators is sometimes called "dorking" can abusing Twitter's sometimes be called "twerking" ? 🤔

**caspa** · May 06, 2017, 19:30

caspa boosted

**High Quality Person** @animeirl@social.homunyan.com · May 06, 2017, 19:30

mastodon v1.3.3 no longer does a DDoS to refresh feeds!

**caspa** · May 05, 2017, 19:35

caspa boosted

**The Tor Project** @torproject@mastodon.social · May 05, 2017, 19:35

We're looking for a new Comms Director! 😀 Know anyone who is qualified and wants to help tell the world about Tor? 🤓 Please help us spread the word. 👍

https://www.torproject.org/about/jobs-comm-director.html.en

**caspa** · May 08, 2017, 00:50

caspa boosted

**James Wright 🔑** @james@mastodon.jamesmwright.com · May 08, 2017, 00:50

Dell issues firmware updates for CVE-2017-5689, the Intel AMT #vulnerability. Go push those patches! #infosec 🔐

https://www.theregister.co.uk/2017/05/07/dell_patches_amtvulnerable_systems https://mastodon.jamesmwright.com/media/93hkEfBMRCVdY3hwcQ0

**caspa** · Apr 12, 2017, 04:22

caspa boosted

**Jessica Lovebones** @jess@cute.group · Apr 12, 2017, 04:22

For those of you interested in sending toots from command line. https://github.com/glynnbird/toot

**caspa** · May 04, 2017, 23:00

caspa boosted

**Astarte** @kwanre@mastodon.social · May 04, 2017, 23:00

@sten0_SE there was yet another issue why this particular type of phishing technique was so effective: users are primed (especially Android users) to automatically grant any permission to any app regardless of whatever it might request. It's basically as automatic as clicking through an EULA.

**caspa** · May 05, 2017, 22:28

caspa boosted

**☤Hermes۞_۟۞凸λgistus☿** @hermeslispegistus@quitter.no · May 05, 2017, 22:28

No, seriously, It's really cute how these out of order mastodon toots show up in my feed all at once at midnight each day.

**caspa** · May 05, 2017, 17:32

caspa boosted

**sten0 ✅** @sten0_SE@securitymastod.one · May 05, 2017, 17:32

#OSINT

Facebook phone number enumeration script 👌

https://github.com/averagesecurityguy/pocs/blob/master/fb_phone_enum.py

**caspa** · Apr 25, 2017, 16:28

caspa boosted

**Brandon Johnson** @brandon@mastodon.xyz · Apr 25, 2017, 16:28

@aemarc He was hacking into the mainframe.

**caspa** · Apr 15, 2017, 18:44

caspa boosted

**forteller** @forteller@octodon.social · Apr 15, 2017, 18:44

"It's not safe to run an internet facing Windows box right now," a hacker who used to work in the US Department of Defense said to Motherboard.

I'm thinking this could be a good time to introduce your friends to #Linux.

I wrote a bit on why over on Reddit: https://www.reddit.com/r/linux/comments/65gnkm/this_could_be_a_good_time_to_talk_to_your_friends/

#ShadowBrokers

**caspa** · Apr 15, 2017, 16:31

caspa boosted

**Matt** @redpond3@securitymastod.one · Apr 15, 2017, 16:31

Even though #Microsoft has patched most of the #Shadowbrokers exploits, it is going to be years until the patches get pushed to enterprise systems. This is especially true for the older 2003 Servers still running.

Businesses are reluctant to #patch old systems for fear of breaking them or the hosted software.

**caspa** · Apr 25, 2017, 09:35

caspa boosted

**Shishi0_** @shishi0_@securitymastod.one · Apr 25, 2017, 09:35

"If you're a hacker, hack back." : Excellent read from flexidie about their FlexiSpy/Vervata hack : https://pastebin.com/raw/Y1yf8kq0

**caspa** · Apr 12, 2017, 19:55

caspa boosted

**Bird** @BirdMachine@mastodon.social · Apr 12, 2017, 19:55

I wish motivation came as nicely packaged as caffeine

**caspa** · Apr 13, 2017, 13:18

caspa boosted

**Sargoth** @sargoth@mastodon.social · Apr 13, 2017, 13:18

Mastodon
where you will learn French, Japanese and at least three programming languages through osmosis

**caspa** · Apr 13, 2017, 18:19

caspa boosted

**Bird** @BirdMachine@mastodon.social · Apr 13, 2017, 18:19

@tallpanicgrass

99 bugs in the code, 99 bugs in the code! Take one down, patch it out, 126 bugs in the code!
- Ancient Developer Chant

**caspa** · Apr 05, 2017, 00:27

caspa boosted

**malwareunicorn** @malwareunicorn@mastodon.social · Apr 05, 2017, 00:27

There is an underground #infosec battle going on between tweeting and tooting
https://mastodon.social/media/sIgoC0PF29v_MG9b2DY

**caspa** · Apr 18, 2017, 16:30

caspa boosted

**noid ✅** @Noid@mastodon.social · Apr 18, 2017, 16:30

Are you a fan of the Red Team Field Manual (RTFM)? Check out the new Blue Team Field Manual (http://a.co/0nEjco2). All that stuff you normally have to go look up? Yeah, it's in there.

**caspa** · Apr 12, 2017, 16:27

caspa boosted

**stacksmasher** @stacksmasher@mastodon.technology · Apr 12, 2017, 16:27

Where my tooters at?

**caspa** · Apr 11, 2017, 16:38

caspa boosted

**bat 🦇** @mzbat · Apr 11, 2017, 16:38

n00b question, do I need to follow people or can I just use the federated timeline to show me everyone here? what makes sense?