Let's see. When I was younger I liked telephones. A lot. I still do. That included exploring the PSTN and causing general mischief. I have a Western Electric 1D2 payphone in my bedroom. Among other hobbies... I'm an amateur radio operator, Linux user, open source supporter and electronics meddler. I admire any human who has the patience to work in infosec.
I can't really stomach the wallowing echo chamber of Twitter, so maybe this will be better.
FCC will require phone carriers to authenticate calls by June 2021
"The FCC announced today all carriers and phone companies must adopt the STIR/SHAKEN protocol by June 30th, 2021. "
Looks like I should look into what this protocol is all about....
Defensive Security Podcast Episode 248
covid (US) (data sets)
want to do some multivariate statistics on a large dataset with possibly life changing results?
the new york times is trying to create the most accurate dataset possible without breaking hippa
and they have provided access to it
links to their github repo is here
The FBI is promoting a home-workout app for people stuck indoors during the coronavirus outbreak. It also tracks your location and which WiFi networks you're using. https://www.businessinsider.com/fbi-home-workout-fittest-app-tracks-location-data-privacy-2020-3
If you had asked me which direction I saw 2020 going, 1000 times out of 1000 I would not have guessed Britney Spears calling for wealth redistribution and a general strike.
Critical RCE vulnerabilities in Windows 10 tied to bugs in Adobe Type Manager Library (atmfd.dll). No patch yet. https://gizmodo.com/microsoft-says-critical-vulnerability-in-windows-is-alr-1842464387/amp
The UK government had the brilliant idea to send out a legitimate SMS about #COVID19 with a link to a website. How many phishing attempts do you think this will generate? https://www.theverge.com/2020/3/24/21192131/uk-goverment-coronavirus-alert-sms-message-emergency-system-mobile-carriers
I just joined Twitch so I can participate in a free Security+ course being done by @marcusjcarey on Tuesdays and Thursdays. Unemployed people who want to change career paths should get on this. It's going to be awesome and he's going to have a bunch of hands-on stuff that can help you learn how to be a security analyst. https://www.pscp.tv/w/1mnGeQYYREoGX#
For those who didn't know, I started my own company called EliteSec. Here's the latest blog post I wrote up about actions to take if you find the majority of your organization working from home. Enjoy!
Defensive Security Podcast Episode 247
I've written a brief post on affordable mobile radios for communication in the event of a (worse) emergency in the US. Here’s my take as a radio enthusiast. I made a pastebin of it because I didn't feel like doing a long thread. A lot of it applies to other countries, too. Hope it helps someone. #COVID19 https://pastebin.com/368DKnUh
Hey infosec people and hackers. If you have any interest in attending a virtual con on Sunday (9AM-6PM Central US Time.) there's Pancakes con. There are two tracks you can sign up for. https://tisiphone.net/2020/03/15/pancakescon-2020-quarantine-edition/
This really, really fast rundown of how people are tracked in China since the COVID19 outbreak is remarkable. Not just the level of detail, but the degree of polish on the apps, the scanning and monitoring infrastructure for physical locations, and the location gathering from a telecom. Just astonishing.
photos are up from DNA Lounge's 25-year celebration of Hackers: https://www.dnalounge.com/gallery/2020/02-28/
Ex-investigative journalist, current infosec student. Lock picking, Linux, OSINT, ham radio and more. I also like whiskey and tequila. Eat your cereal with a fork and do your homework in the dark. She/her
A Mastodon instance for info/cyber security-minded people.