Manuel D'Orso @cirku17@infosec.exchange
- Keybase
- cirku17
Ⓐ INTJ • Infosec analyst • Metaveillance practitioner • Crypto-anarchism enthusiast • Fellow at Cyber Saiyan
Italy
Joined May 2019
Manuel D'Orso
boosted
Open Reference Architecture for Security and Privacy
https://security-and-privacy-reference-architecture.readthedocs.io/en/latest/
The Githubification of InfoSec by John Lambert https://link.medium.com/eT0PehE0f2
Manuel D'Orso
boosted
Blog post: Your xkcd passwords are pwned - https://www.unix-ninja.com/p/your_xkcd_passwords_are_pwned
Reading: 12 min
Published: 12/04/2019
Manuel D'Orso
boosted
#Mozilla removes #Avast and #AVG extensions from add-on portal. They were harvesting user #data and browsing histories
They are still available on the #Chrome Web Store
Extensions are:
Avast Online Security
Avast SafePrice
AVG Online Security
AVG SafePrice
https://www.zdnet.com/article/mozilla-removes-avast-and-avg-extensions-from-add-on-portal-over-snooping-claims/
Manuel D'Orso
boosted
Blog post by FortyNorth Security: The Security of DevSecOps - Terraform Code - https://fortynorthsecurity.com/blog/devsecops-terraform/
Reading: 4 min
Published: 12/04/2019
Manuel D'Orso
boosted
Critical networks in US, 15 other nations, completely owned, possibly by Iran
Mixcloud Investigating Alleged Data Breach Impacting 21 Million Users https://www.vice.com/en_us/article/7x5g4q/mixcloud-investigating-data-breach-allegedly-impacting-21-million-users?utm_campaign=sharebutton via @VICE
You can join the effort to expose Twitter bots http://theconversation.com/you-can-join-the-effort-to-expose-twitter-bots-124377?utm_source=twitter&utm_medium=twitterbutton via @ConversationUS@twitter.activitypub.actor cc @evaristegal0is@twitter.activitypub.actor
Eric Goldstrom - Interactive Threat Defense: Incident Response, Threat Intel, and Red Team (oh my!)
https://youtu.be/c0f2GvJY8Rk
Security Headers da F ad A: Finale A+! https://youtu.be/IAvA3cjPN7I di @rev3rsesecurity
EU states vote on ePrivacy reform: We were promised more privacy. Instead, we are getting a surveillance toolkit. - Access Now https://www.accessnow.org/eu-states-vote-on-eprivacy-reform-we-were-promised-more-privacy-instead-we-are-getting-a-surveillance-toolkit/
ATT&CKing Threat Management by Andy Piazza https://link.medium.com/RGna9mfeS1
JIRA workflow for Detection Engineering teams by @ateixei https://link.medium.com/VnJoep7iP1
MITRE ATT&CKcon 2.0: Prioritizing Data Sources for Minimum Viable Detection; Keith McCammon, Red Canary #attck #cyber https://www.slideshare.net/attackcon2018/mitre-attckcon-20-prioritizing-data-sources-for-minimum-viable-detection-keith-mccammon-red-canary-193703088 via @SlideShare
RT @konklone@twitter.com
Twitter now, finally, lets you enable multi-factor authentication without requiring that SMS codes be an option! #victories
If you feel even remotely at risk of account takeover, use an authenticator app and/or a security key, and disable SMS as an account option.
DEF CON 27 Conference - Bruce Schneier - Information Security in the Public Interest https://youtu.be/G0WRV7gosRA
Shout-out to @KeybaseIO@twitter.com that managed to create great #cryptography software with chat, file sharing, git, stellar wallet and identity manager.
#pgp $xlm
ATT&CK T1501: Understanding systemd service persistence
https://redcanary.com/blog/attck-t1501-understanding-systemd-service-persistence/
Good and not Evil: the Advent of Ethos Licensing https://heathermeeker.com/2019/11/09/good-and-not-evil-the-advent-of-ethos-licensing/ via @HeatherMeeker4@twitter.com
- Keybase
- cirku17
Ⓐ INTJ • Infosec analyst • Metaveillance practitioner • Crypto-anarchism enthusiast • Fellow at Cyber Saiyan
Italy
Joined May 2019
