X_Cli @x_cli@infosec.exchange
- Real Name
- Florian Maury
- Occupation
- Network Guardian Angel
I am a RNG (Random Network-#infosec Guy): do not expect better toots than those produced by an infinite number of monkeys. #Antispeciesist
Joined Nov 2017
Coucou,
Je #recrute un #développeur expérimenté #JS ou #WASM, préférablement sur région parisienne, ou rennaise, mais on peut imaginer du full remote.
Recrutement pour nous, pas pour des missions. Refonte de la WebUI de nos appliances, passage en SPA. On est une boite de développement de solutions de sécurité.
Contraintes : CSP requis, sans unsafe-*... je préfère prévenir 😅
Poste à pourvoir ASAP :)
Merci pour les boosts ❤️
Prenez soin de vous !
CoViD-19, Lang: fr, Off-topic
X_Cli
boosted
Secure email service Tutanota is being blocked by AT&T in parts of the United States.
#Microsoft Addresses Active Attacks, Air-Gap Danger with 99 Patches | Threatpost
https://threatpost.com/microsoft-active-attacks-air-gap-99-patches/152807/
That time the US Secret Service mistook a cyberpunk RPG for a hacker's handbook
Quand on a plusieurs banques, c'est amusant de voir comment celles-ci interprètent la #DSP2 et le besoin de faire de l'authentification en deux étapes.
Boursorama demande un login+mot de passe en étape 1 et un code SMS en étape 2.
La caisse d'épargne demande (attachez vous à votre siège) le login en étape 1 et le mot de passe en étape 2. C'est tout.
Je laisse ça là.
X_Cli
boosted
Will you refuse to install an application because of the programming language it was written with?
- Yes
- Conditionally (Yes, but only if there is no binary available and I have to install the language's build tools)
- No
- Other conditions: please specify
Boosts appreciated, because I find the "boosts appreciated" trick working for other people and I figured I'd try once
X_Cli
boosted
brow.sh is a text-based browser supporting HTML5, CSS3, JS, video and WebGL https://www.brow.sh (FreeBSD: https://www.freshports.org/www/browsh/)
X_Cli
boosted
Patch your OpenSMTPD mailservers now. Exploiting critical RCE vulnerability CVE-2020-7247 is as simple as using this SMTP command:
MAIL FROM:<;for i in 0 1 2 3 4 5 6 7 8 9 a b c d;do read r;done;sh;exit 0;>
https://www.qualys.com/2020/01/28/cve-2020-7247/lpe-rce-opensmtpd.txt
X_Cli
boosted
Cisco Webex Flaw Lets Unauthenticated Users Join Private Online Meetings
The flaw could allow a remote, unauthenticated attacker to enter a password-protected video conference meeting.
X_Cli
boosted
Pour les techniciens web et autres sysadmins et graphistes végans, #L214 recrute sur quatre postes !
https://www.l214.com/offres-demploi
#véganisme
#CurveBall (CVE-2020-0601) - PoC
https://github.com/ollypwn/CVE-2020-0601
"CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified...."
X_Cli
boosted
Creating a simple Python pip repository https://jpmens.net/2020/01/16/creating-a-simple-python-pip-repository/
X_Cli
boosted
Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now!
X_Cli
boosted
We have computed the very first chosen-prefix collision for SHA-1. To put it in another way: all attacks that are practical on MD5 are now also practical on SHA-1.
We have reduced the cost of a collision attack from 2^64.7 to 2^61.2, and the cost of a chosen-prefix collision attack from 2^67.1 to 2^63.4.
Demo: The legacy branch of GnuPG (version 1.4) is vulnerable. We have created two PGP keys with different UserIDs and colliding certificates.
X_Cli
boosted
#JeRecrute
On cherche un·e Administrateur·ice Système dans le centre-ville de Marseille (centre-ville).
Connaissance et compétences requises:
- Unix / Linux
- DNS
- Mail
- Debian
- Python et/ou Ruby
- Nginx
- KVM
- etc.
C'est mieux si vous connaissez des outils de gestion de configuration comee SaltStack puppet ou ansible.
Cerise sur le gateau si vous vous y connaissez en CISCO
#JeChercheUnJob
Boost appréciés
X_Cli
boosted
If you started to use #Fedilab, you can have a look to its wiki: https://fedilab.app/wiki/features/
Also to its Peertube videos: https://peertube.fedilab.app/videos/local
X_Cli
boosted
Holy shit, Samsung Smart TVs straight up send "snippets" of things that you watch back home to "to provide you with customized Smart TV experiences".
https://www.samsung.com/us/account/privacy-policy/
Search that page for the text: "Your Smart TV transfers video snippets or TV tuner information in order to determine the programs watched."
A Leipzig, l’avenir des messageries sécurisées en question
https://www.lemonde.fr/pixels/article/2019/12/29/a-leipzig-l-avenir-des-messageries-securisees-en-question_6024333_4408996.html
- Real Name
- Florian Maury
- Occupation
- Network Guardian Angel
I am a RNG (Random Network-#infosec Guy): do not expect better toots than those produced by an infinite number of monkeys. #Antispeciesist
Joined Nov 2017
