Get ready for TikTok scams.
Hey. Short #introduction
My name is Michael, and I like to talk about all sorts of technologies, especially security-related ones. I had been active here for a while, but a fresh start never hurts, I guess.
I am currently getting used to i3wm on Debian, work on my blog and wiki, and plan to complete some certs soon.
Some things I want to do soonish: hosting an IRC server and start coding web apps and bots in Python (Flask)
Happy to be here again.
@JohnsNotHere best of luck!
@Ent I’m not loving the music, but that video is amazing.
@Ent that’s pretty good. Thank you!
New Windows exploit lets you instantly become admin. Have you patched?
Zerologon lets anyone with a network toehold obtain domain-controller password.
@JohnsNotHere I find they are good in the evening to serve as a end of the workday
I loved Pantera and Metallica when i was in high school (ack - >30 years ago!) and had a chance to listen to Metallica and felt long dormant neural pathways firing again, but damn that is some slow and boring music.
@ExperimentV I had not heard of them. Will give them a listen.
@TheGibson looks static-y. Or maybe I need to clean my screen
@ferds their music is REALLY good. The perfect blend of melody, speed, and non-whiny, belting vocals.
@redstarfish @superruserr through a variety of means - nearly all of which are quite basic, including:
Brute forcing SSH passwords (ie reuse or weak passwords)
File upload vulnerabilities on web apps
Exposed database services with no authentication
Exposed services (smtp, web, et al) with vulnerabilities
Others are A bit more complex, such as Infecting admin workstation (usually Mac or Windows) to get login creds
could someone please explain PreLoader.efi to me? from what i could find, it seems pointless. it's a bootloader signed with microsoft secureboot keys, but it will execute any binary the user adds to its hash database, which apparently doesn't require any kind of authentication. what prevents an attacker from e. g. modifying the kernel and then adding its hash?
A Mastodon instance for info/cyber security-minded people.