Jerry Bell :verified: boosted
About libssh and OpenSSH...

"Before you panic and yank the power cord on your server, know that libssh is not part of OpenSSH. Your Linux box almost certainly uses OpenSSH as the SSH daemon, and that daemon is not vulnerable to this particular problem."

https://hackaday.com/2018/10/16/libssh-vuln-you-dont-need-to-see-my-authentication/

#infosec
Jerry Bell :verified: boosted

Tea Party super PAC exposed data on 500k voters with s3 bucket

also strategy files and marketing assets

theregister.co.uk/2018/10/17/r

#InfoSec

Jerry Bell :verified: boosted

*Everything Social is Political*

Anybody who says otherwise wants you to assume _their_ politics as the norm.

todd.grotenhuis.info/blog/1539

Jerry Bell :verified: boosted

Wrote this little tidbit because I spent far too long looking through complicated scripts for what should be a simple task.

nointerrupts.com/2018/10/18/up

Jerry Bell :verified: boosted

🚨Update apps with version <9.22.1 of plugin: https://github[.]com/blueimp/jQuery-File-Upload. This nasty Zero-day has been actively exploited for at least 3 years to plant web shells and take over vulnerable web servers. 🚨
zdnet.com/article/zero-day-in-

Jerry Bell :verified: boosted

I was sceptical of the value of Mastodon when I joined / lurked instances friends recommended. Then infosec.exchange came along and now I get it.

Jerry Bell :verified: boosted

Hi Mastodon, I'm looking for examples of companies that because of the way they communicated on (social) media were hacked or got some free pentests from the community. For instance Bitfi.
Thanks for the help. Boosts appreciated!

Jerry Bell :verified: boosted

people - aside from pentesting & hacking
I have the goal of secure software development at my company.
- Any best practices or guides out there I can follow? Your personal experience?

I can tell the Fediverse is getting larger/growing up by the number of ridiculous and petty comments that end up reported. It seems that people are programmed to be unkind.

Day 14: Understand the Limitations of Security Awareness Training
infosec.engineering/?p=752

Jerry Bell :verified: boosted

Anyone in living in can tell me how is to live there as a Developer?

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.