Jerry Bell boosted
Jerry Bell boosted

Hey. Short
My name is Michael, and I like to talk about all sorts of technologies, especially security-related ones. I had been active here for a while, but a fresh start never hurts, I guess.

I am currently getting used to i3wm on Debian, work on my blog and wiki, and plan to complete some certs soon.

Some things I want to do soonish: hosting an IRC server and start coding web apps and bots in Python (Flask)

Happy to be here again.

@Ent I’m not loving the music, but that video is amazing.

Jerry Bell boosted

😳

New Windows exploit lets you instantly become admin. Have you patched?

Zerologon lets anyone with a network toehold obtain domain-controller password.

arstechnica.com/information-te

Jerry Bell boosted

Happy 1.6 billion seconds since Jan 1 1970 🥳

@JohnsNotHere I find they are good in the evening to serve as a end of the workday

Jerry Bell boosted

I loved Pantera and Metallica when i was in high school (ack - >30 years ago!) and had a chance to listen to Metallica and felt long dormant neural pathways firing again, but damn that is some slow and boring music.

Show thread

@ExperimentV I had not heard of them. Will give them a listen.

@TheGibson looks static-y. Or maybe I need to clean my screen

@ferds their music is REALLY good. The perfect blend of melody, speed, and non-whiny, belting vocals.

I hate that I love As I Lay Dying’s music. Others in that genre (ABR, Parkway Drive, I Prevail, etc) are just too slow for me lately.

Anyhow, can anyone recommend music that is like AILD, but with 100% less “lead singer attempting to murder his wife”?

@redstarfish @superruserr through a variety of means - nearly all of which are quite basic, including:
Brute forcing SSH passwords (ie reuse or weak passwords)
File upload vulnerabilities on web apps
Exposed database services with no authentication
Exposed services (smtp, web, et al) with vulnerabilities

Others are A bit more complex, such as Infecting admin workstation (usually Mac or Windows) to get login creds

@xorcat the best place is Twitter (@maliciouslink). In this case, it wouldn’t have helped much - i was working away while people were tweeting at me to say that IE was down.

Jerry Bell boosted

What if The Matrix was trying to teach us about set theory?

Sorry for the downtime, all. Namebargain (my domain registrar) transferred all their domains to Register.com (namebargain’s parent company). I knew that was happening, but I missed the minor detail that THEY WOULD NUKE THE DNS SERVER RECORDS.

Anyhow, back now.

Jerry Bell boosted

could someone please explain PreLoader.efi to me? from what i could find, it seems pointless. it's a bootloader signed with microsoft secureboot keys, but it will execute any binary the user adds to its hash database, which apparently doesn't require any kind of authentication. what prevents an attacker from e. g. modifying the kernel and then adding its hash?

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.