OK. Time to vent. I was checking out a MUD toolkit (Evennia, anyone know others?). I went to their demo instance. I am using TELNET. T.E.L.N.E.T! Typing a password in the clear, echoed back to my terminal over an unencrypted connection. And you want to tell me my password is not strong enough!? I'm dead.
This is a fascinating C2 vector. But I gotta admit: it's hard to take it seriously with this diagram. https://news.sophos.com/en-us/2020/02/25/cloud-snooper-attack-bypasses-firewall-security-measures/
Strange event on my house WiFi. A new station joins (associations goes up by 1. Someone opened a macbook air's lid) then all WiFi traffic goes to 0 (sev1 ticket: "daaaaad! The WiFi is broken!") Not sure what the deal is. OpenWRT is usually pretty robust, but this is not the first time I've seen this behaviour, but it's the first time I've captured it in the graph and gotten some data.
I just spent the day in Dundee, Scotland at #Securitay2019. If you are looking for the best #infosec talent coming out of UK universities, this is the con to go to. They’re such great kids, incredibly clever, and the conference is a great time. https://securi-tay.co.uk/
After the con I always pull out a box of cigars and we have “cigar-itay”.
I'm running a pi-hole in the house now to block ads and trackers. It's absurdly easy to setup and very effective. Plus the stats are so interesting to see all the ads blocked. The best thing is that because it works at the DNS level, it affects things like TVs, mobile apps, game consoles, and other embedded devices. https://pi-hole.net/
If you're in #infosec and you're in Europe, the Middle East, or Africa, there's a great award to recognise an outstanding contributor: the ISLA (Information Security Leadership Award). Nominations close in 2 weeks: https://www.abstractscorecard.com/cfp/submit/login.asp?EventKey=ZVLLTVYZ