Alex Humphrey @entreprelife@infosec.exchange
Christian. Husband. Cyber Security is my jam.
Twitter: @entreprelife
your books, you do give them away, right?
give people you care about books you care about, as often as you can.
Did you miss the Layer 8: Social Engineering Con?
All Videos:
- So You Wanna Be a Social Engineer?
- Social Engineering Your Way to an Infosec Career
- Social Engineering CTF Winners Panel
- A Proven Methodology for Open-Source Intelligence Gathering and Social Engineering
- Make Vishing Suck Less
- Cultivating a 'Renaissance Approach' for the Social Engineer
Just had to block the first spam account on https://infosec.exchange. I suspect Mastodon is going to quickly need to implement defensive tools to combat automated spam account registrations, as has had to be done on other sites, like blogs and forums. My wordpress instance for defensivesscurity.org, for example, has about 2k-3k attempted spam account registrations per day. Given the nature and reach of Mastodon, I suspect spammers will focus their efforts here soon
Thanks everyone! So far it looks like Tootdon, Amoraq, and Mastalab are all worth checking out. I'll give em a shot and see which one suits my fancy!
Wow, FileZilla’s bundled installer includes a malware downloader and the dev defends it horribly.
If using FileZilla, uninstall and find something else. Even if this issue is fixed, the morally ambiguous and defensive response is very concerning.
Which app do you use to access Mastodon for your iPhone? Don't want to try a dozen apps if there's already a known good one out there.
That was a long week.
@tinker I usually type this in a document at this occasion:
THIS DEVICE HAS BEEN LEFT UNATTENDED IN A POTENTIALLY HOSTILE ENVIRONMENT AND MAY BE COMPROMISED
Gitea bins were possibly compromised!!!!!!
https://github.com/go-gitea/gitea/issues/4167
H/T @chuck
c/ @tinker @craigmaloney @zigg @viciousviscosity @maloki @kaniini
A lot of folks want an easy button into #InfoSec: a college course, a cert, a website to teach them. Unfortunately, easy buttons don't exist. Thinking cyber security and understanding the nuances of it takes time and a lot of work (mornings, nights, weekends, etc.). It's worth the work (and is a lot of fun), but it's never particularly easy.
I wonder how much of #github success could be attributed to the mascot with a cute cat head.
Dallas is cooking. Getting over 100°’s F (38°’s C). Sweltering heat.
This calls for Hefeweisen.
Well, our phone companies have been handing our live location data to irresponsible data aggregaters. https://krebsonsecurity.com/2018/05/tracking-firm-locationsmart-leaked-location-data-for-customers-of-all-major-u-s-mobile-carriers-in-real-time-via-its-web-site/
Great article and point by @jerry. To summarize, we really only think about the end nodes of a data breach, whereas most breaches are caused by human error much earlier in the chain. Security is holistic or nothing at all. https://infosec.engineering/human-error-as-a-cause-of-data-breaches/
