Just a reminder, you can support infosec.exchange through liberapay: https://liberapay.com/Infosec.exchange/
Hey everyone, I’m an android developer looking to get into red teaming. Previously I’ve done web development and Linux system administration but I always seem to get bored and look for new challenges, so I’m hoping I’ll fit in around here.
I like to self host my software (even email), work on personal coding projects, and lift weights.
One of my daughters decided to create a “new superhero”. Fediverse, meet #NerdBat
While it's on IBM #QRadar https://www.ibm.com/support/knowledgecenter/en/SS42VS_DSM/com.ibm.dsm.doc/r_qradar_logsource_usecase_mappings.html they provide a useful and simple matrix mapping out log source types with the MITRE ATT&CK Framework.
I have in mind, hopefully end of this year, to refine this matrix and specifically point out some modules (ie that is open source/CE edition)
"Penetration Testing Active Directory
Phase II: Privilege Escalation & Reconnaissance"
Since the data breach, Imperva has taken the following steps to improve its security posture:
- Applying tighter security access controls.
- Increasing audits of snapshot access.
- Decommissioning inactive compute instances.
- Rotating credentials and improving credential management processes.
- Putting all internal compute instances behind a virtual private network.
- Increasing the frequency of infrastructure scanning.
Week in review: Active Directory security, Patch Tuesday forecast, stopping lateral phishing attacks https://www.helpnetsecurity.com/2019/11/10/week-in-review-active-directory-security-patch-tuesday-forecast-stopping-lateral-phishing-attacks/ #cybersecurity
7+ Great #RaspberryPi Projects You Can Make Today
@Deepsealioness Hi I'm Freddy. Been on Mastodon for a while now, happy to see fellow tweeps here now. :))
Let's build a better space y'all.
My holiday playlist for your listening enjoyment: https://open.spotify.com/user/uu996x52zhivy4dl4gxfarwrb/playlist/3pvPd26T9UEKj9vHw2aHvG?si=qCpTrqwTQ02Yo7dWSlJVsA
#Apple Mail on macOS leaves parts of #encrypted #emails in #plaintext
Apple has known since July, but a fix is still not available.
I'm not sure why I'm saying all this.
I think it's because all the really good stuff in Twitter (@-replies, usable clients) was actually designed and built by users, not Twitter. Twitter, the company, didn't embrace those ideas until very late.
Mastodon and other fediverse remind me of that time, when good ideas could come from anywhere. It's the bottom-up experience that's been missing from the web for years.
A curated list of tools and resources for security incident response, aimed to help security analysts and DFIR teams.