When you forget that you put tor on a VM and then look at your logs to find a bunch of blocked tor DNS hits.

Spending paid time off getting over paid time off guilt.

Not fruitful.

Robert boosted

Does anyone have any recommendations for some good beginner-mid level digital forensics training? I am having trouble finding courses or courseware in between SANS and bigger courses and some self directed or Udemy courses.

Robert boosted

Does anyone have any experience with the librem.one/ suite? It is interesting coming from Purism. Priced for privacy maybe?

Does anyone have any experience with either Kolab or KolabNow? I'm looking at my private e-mail options.

Robert boosted
Robert boosted

Link of the Day



Per process sandboxing, with some friendly default rules for common desktop applications. I was not aware of this and have started playing with it myself, and it seems like a pretty nice layer to isolate and cordon off processes.

Link of the Day


I think I owe a hat tip to @marcusjcarey on Twitter for this, but this is something that is tremendously useful for those long investigative sessions.

I'm looking for an overnight SOC analyst for our managed SOC in Portland Oregon. I'm targeting more junior/mid-level at this time, so if you've got a strong background in IT, awareness of, and thirst for, security good-guying and data analytics, and hate the daylight, send yourself my way and let's talk.

(Last toot: it's also just really useful in daily life.)

Hey everyone.

If you're making a video when you're entering stuff into a bash shell, please don't spend time futzing around with fixing typos.

If you do, please consider using ^txet^text^ or !!:gs/txet/text/ to fix it without hunting through the previous line.

Robert boosted

makes the internet fun again, we need more places like this online. Places to have adventures and explore.

Link of the Day

What's one of the most contentious, hardest pieces of corporate security? Updates! But also freaking passwords. No matter how (commonly) long your password policy, nothing is usually in the way of people just using "Companyname2018!" which falls to a dictionary attack immediately.

Password blacklisting for active directory:


(I haven't had time to evaluate the current solutions yet, but this is an awfully good layer conceptually.)

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.