Pinned toot

Anyone here working with containers on AWS ECS? I'm looking at ecsworkshop.com/introduction/3 but butting heads with mu trying to abstract things away...

I just published Unifying Ingress Authenticationsβ€Šβ€”β€ŠLessons Learnt on Linux link.medium.com/FvIczGcjgZ

Me and a few friends are starting up a new Infosec conference in my home base of Waterloo, Ontario. Details are on Twitter but I'm re-posting here for those who may be interested. Come have a look!

----

We are very excited to announce that we will be holding a and conference in @Catalyst137kw on 01.10.2019!!

Call for papers and registration will open up soon.

Follow us for all the details!

The number of ads and sponsored posts targeted at infosec posts that push a "be a hero!" narrative is on the rise again

If your org needs heroes, it has failed mightily on some pretty basic shit. This isn't a comic book, we need consistent competence not heroics.

That + PyCon sprints where you can contribute to open source. Lots to get involved with!

Show thread

Anyone have recommended readings for running C2 infrastructure? I'm really curious about how communication is being handled

Got a chance to tell a story on with Jack Rhysider.

Ep 36: Jeremy from Marketing

"A company hires a penetration tester to pose as a new hire, Jeremy from Marketing, to see how much he can hack into in his first week on the job. It doesn’t go as planned."

You can listen to it here: darknetdiaries.com/episode/36/

Lots of malware hides under bogus extensions. Here's how to find files with graphics extensions that are really executable files:

find / -regex ".*\.\(jpg\|gif\|png\|jpeg\)" -type f -exec file -p '{}' \; | grep ELF | cut -d":" -f1

Creates a server in a unit test. Forgets to close it. Creates a server on the same port in the next test. Spends the next five minutes trying to track down the rouge process that’s hijacking his port. πŸ€¦β€β™‚οΈ

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.