Hankoor boosted

~Open Source Security Tool of the Day~

Fully automated offensive security framework for reconnaissance and vulnerability scanning

j3ssie.github.io/Osmedeus/

Hankoor boosted

Are you looking for an individual monospace font for your development activities?
I don't know if this source is new to me alone...
But here is a great collection of monospace fonts:
app.programmingfonts.org

Hankoor boosted

Just a reminder, you can support infosec.exchange through liberapay: liberapay.com/Infosec.exchange

Thanks!

Release news 8.2:

- Public key signature based on SHA-1 removed by default.
- FIDO/U2F Support!
and others...

Ref.:
openssh.com/txt/release-8.2

I will soon "migrate" to a new house in a village nearby.
Will try to expose a Hotspot, bc. many people can't afford fast internet.

Q to our -Community:

Any recommendation for Hw/Sw to have a reasonably secure and affordable solution?

- Outdoor-WiFi-Router?
(I've got a glass fiber 500 mbit/s for 140€/month 😭)
- Firewall-Hw?
(owning a nearly empty 19" rack - will most likely use pfSense)

(already owning an Ubiquiti Networks EdgeSwitch, 16-Port, 10G, ES-16-XG)

ICYMI (February 4, 2020):
Full disclosure:
0day vulnerability (backdoor) in firmware for HiSilicon-based DVRs, NVRs and IP cameras
habr.com/en/post/486856/

To all users or maintainers of the Telekom Router "Digitalisierungsbox (Premium)":

There is a huge security issue when having set a single port forward!
Forwarding of port 80 and 443 will lead to forwarding the ranges of 80-89 and 440-449!
Yes, including SMB!

Get the latest update:
telekom.de/hilfe/geraete-zubeh

Hankoor boosted

RT @shodanhq@twitter.activitypub.actor
10 years ago @achillean@twitter.activitypub.actor launched the Shodan website! To celebrate a decade of discovery and growth we're going to offer the membership for $1 (marked down from $49) for the next 24 hours (0:00 UTC to 24:00 UTC): shodan.io/store/member

Hello out there!
Without wanting to start a discussion about the sense of use, I have a question.
"In the past", Comodo had free S/MIME certificates for private use.
Their ROOT CA was trusted across many operating systems.
Is there still a similar, free alternative for private use today? Ideally with certificates that are valid for 1 year and longer?

ICYMI:
"When security risks in web services are discovered by independent security researchers who understand the severity of the risk, they often lack the channels to them properly. As a result, security issues may be left unreported. security.txt defines a to help organizations define the process for security researchers to disclose security securely."
securitytxt.org/

Hankoor boosted

This is likely the most comprehensive article on security keys available. Secure Authentication is the security domain that I am most interested in and this piece lights me up like a Christmas tree

How to stay safe online and prevent phishing with FIDO2, WebAuthn and security keys. A look into YubiKeys, TOTP authenticator apps, passwordless and more.

paulstamatiou.com/getting-star

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.