Pinned toot

Just a reminder, you can support infosec.exchange through liberapay: liberapay.com/Infosec.exchange

Thanks!

5th 18 hour day in a row. I don’t know how people do it.

Published “Security 101: Four eye principle” talking about reviewing everything you do, not only merge requests. timo-zimmermann.de/2019/10/sec

New post: Windows Registry Auditing including list of HKEY_* subkeys to audit based on MITRE ATT&CK and more hannahsuarez.github.io/2019/hk

RT @Sukant_Khurana@birdsite.link
This is the rejection letter for the work that just won the Nobel Prize.

Believe in yourself.

Everyone else will catch up eventually.

twitter.com/Sukant_Khurana/sta

I am working on starting a monthly infosec meetup in my community. Looking for suggestions and tips. Anyone?

does anyone know a good node.js package to fetch link previews? (opengraph/twitter cards metadata, title tags, etc)

Git and CLI should be taught way before any programming language is taught

-- APT41 compromised company behind TeamViewer - which enabled them to access *any* system with TeamViewer installed via @cglyer

twitter.com/cglyer/status/1182

pscp.tv/w/1vAGRWDadWgJl

- TL;DR - it doesn't take nation-state funding to create a hardware backdoor. How's your supply chain security looking now?
via @MalwareJake

- A year after Bloomberg's questionable spy chip story, a researcher has shown how those hardware implants aren't just possible, but potentially cheap: With $200 in gear, he hid a tiny chip in a Cisco firewall that gives him remote access. Would you spot it?
via @a_greenberg
-------------------------------------------------

wired.com/story/plant-spy-chip

Ever been traveling so much that you wake up in the morning and it takes a while to figure out exactly where you are?

Hey Fediverse, anyone know of a decent minimalist logo designer? I'm tired of playing roulette on Fiverr and would be willing to pay in and around $200 CAD for a decent design. DM me if you know someone decent with a portfolio I can review.

8 weeks on the basics of how the is understood to work on our planet. Really recommended to enroll and follow the lessons by
edx.org/course/climate-change-

Working on compiling a Ryuk/Grim Spider layer for the MITRE ATT&CK navigator, based on available OSINT, in case anyone wants to help out.

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.