🚨 If you have one of the following HPE SAS SSD models, it's time to install a critical patch 🚨

They have a firmware defect that causes SSD failure at 32,768 hours of operation and neither the SSD nor the data can be recovered.

More info here: support.hpe.com/hpsc/doc/publi

18th century blockchain! AKA how I feel when someone is suggesting to use blockchain to solve the problem.

Shall I? She is a coveted born again Christian, I think Mrs Elizabeth A. Johnson from Bahrain and I might be on the same wavelength...
The font is so gorgeous 💩

In other news I bought myself a lifetime Shodan subscription for only $5. The deal is on.

Compared with Gmail, Microsoft Outlook does a poor job. This obvious mail was delivered in my inbox instead of in the spam folder and download of attachments isn't disabled either. Had to obfuscate the to addresses because of the crook violating 🤦‍♀️😜

Must be said that Google does a real good job at anti protection. Disabling the download of a malicious attachment is how you can really protect users from falling victim.

Wanna learn how to break password managers' auto sign in feature with captcha? Watch this video. Credits to EC Council, they really master the art of unusable security.

Please fix this EC COUNCIL 😠 🤦

Austal, an Australian shipbuilder and global defence prime contractor, suffered a data breach. The attacker tried to extort the company.

Wanna learn more about cyber security? As I did some of the courses of last year's edition, I can really recommend this series organised by Helsinki University in collaboration with FSecure!

Personal data (name, email, gender, age, postal code) of 64000 visitors of 2014 edition stolen due to data breach at Paylogic, a ticketing service.

And then you wonder why so many security incidents happen. Incredible how many organizations don't even succeed in renewing their TLS certs on time. Automate it FFS.

Over the last few weeks more than 10 Indian government sites let their certificate expire. Strikes me that this happens over and over again, and still they don't (want to) automate certificate renewal. This is beyond me.

Your SSL cert expired Indian Ministry of Home Affairs and no one can visit your site. Good thing that you implemented HSTS as it's preventing users from visiting your insecure site. Should we call this DoS by certificate expiration?

This is how you enter personal data nowadays, fake just everything. FFS, hasn't changed a thing in Belgium apparently. This particular company doesn't need any of these data for the service they offer.

Too often I still see sites leaking the presence (or absence) of a user in the system. This message I got after password reset is really funny. I guess they're trying to create an infinite password reset loop 😜

That's great. Please suspend the membership I don't have. In all seriousness, Microsoft (Outlook[.]live[.]com) is doing a real poor job here when such an obvious mail just arrives in my inbox. You can do better dudes.

Why do you present me a captcha every time at login ECCOUNCIL? Not necessary to ask each time, and besides it's crap. It breaks my password manager's autofill unless I first check the box. Grrr..

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.