|
i am protected
|
#
?
Jan 5, 2017 18:24
|
|
|
|
| # ? Apr 26, 2024 02:28 |
|
|
updated the op to include the secthread officially approved podcast, risky business (the previous thread was mentioned in an episode)
|
|
#
?
Jan 5, 2017 18:28
|
|
|
pr0zac posted:posting on the first page and all that we're better than reddit by virtue of not being reddit https://www.youtube.com/watch?v=DOqb_UzJSUQ
|
|
#
?
Jan 5, 2017 18:30
|
|
|
cheese-cube posted:thankyou for doing the needful afreak. What are you up to currently and why wouldn't you wanna move? secops can be fun, get to play with a bunch of cool security tools cheese-cube posted:we're better than reddit by virtue of not being reddit meant it more for the industry as a whole as opposed to this thread, its kind of nuts that the best source for infosec news (wtf did i write newbies?) is a god drat subreddit wasnt meant as reddit hate either, though i did send that video to my brother over the holidays after he kept sending me stupid dumb reddit links
|
|
#
?
Jan 5, 2017 18:38
|
|
|
best source is still curated twitter unfortunately
|
|
#
?
Jan 5, 2017 18:40
|
|
|
pr0zac posted:What are you up to currently and why wouldn't you wanna move? secops can be fun, get to play with a bunch of cool security tools my gf got invited to move to the sec team because once the boss of the team couldn't tell if a super obvious phishing scam letter was actually a phishing letter and she was like "uh yeah it clearly is, you idiots" and they were like "wow you're real smart!" her boss rejected the transfer though because he's short staffed, so she'll stay at her current position ...which is tier III tech support 
|
|
#
?
Jan 5, 2017 18:41
|
|
|
Wiggly Wayne DDS posted:best source is still curated twitter unfortunately infosectaylorswift and thegrugq, ignore basically everything they post themselves and just read the retweets
|
|
#
?
Jan 5, 2017 18:42
|
|
|
neither of them are on my list tbh
|
|
#
?
Jan 5, 2017 18:43
|
|
|
if a yossec twitter list is created and doesn't look like poo poo, i'll make it official
|
|
#
?
Jan 5, 2017 18:46
|
|
pr0zac posted:posting on the first page and all that speaking of secfucks and reddit, https://www.reddit.com/r/TronScript/ is a pretty good collection of "good at computers" types who believe in the "run a magical program" school of infosec
|
|
|
#
?
Jan 5, 2017 18:56
|
|
|
swiftonsecurity is 99% noise
|
|
#
?
Jan 5, 2017 18:57
|
|
|
also @taviso, @briankrebs, and occasionally @puellavulnerata for yossec twitter
|
|
|
#
?
Jan 5, 2017 18:57
|
|
|
 https://www.bleepingcomputer.com/news/security/killdisk-ransomware-now-targets-linux-prevents-boot-up-has-faulty-encryption/
|
|
#
?
Jan 5, 2017 19:08
|
|
|
Celexi posted:Did i get on first page nope (just posting to boomark, honestly)
|
|
#
?
Jan 5, 2017 19:09
|
|
|
Shinku ABOOKEN posted:swiftonsecurity is 99% noise and 100% furry windows AV janitor
|
|
#
?
Jan 5, 2017 19:16
|
|
|
Segmentation Fault posted:speaking of secfucks and reddit, https://www.reddit.com/r/TronScript/ is a pretty good collection of "good at computers" types who believe in the "run a magical program" school of infosec i'm the batch files committed to github https://github.com/bmrf/tron/tree/master/resources
|
|
#
?
Jan 5, 2017 19:23
|
|
|
i change who's on my list frequently (usually if something big happens), and kick off people who are just noise but this has done me well so far: https://twitter.com/zylche/lists/security mostly i just look there for what's happening and if there's any big news my bigger follow list will have something to say/retweet someone of value
|
|
#
?
Jan 5, 2017 19:26
|
|
|
Rooney McNibnug posted:
quote:The KillDisk ransomware variant that targets Windows machines worked by encrypting each file via an AES-256 key, and then encrypting the AES keys with a public RSA-1028 key. 4 extra bits to make it 4 times more secure
|
|
#
?
Jan 5, 2017 19:28
|
|
|
Rufus Ping posted:and 100% furry windows AV janitor swiftonsecurity has me blocked for some reason i can only imagine it had to do with me wondering aloud if they were being paid to tweet positive comments about norton AV
|
|
#
?
Jan 5, 2017 19:32
|
|
|
 center for strategic and int'l studies wizard policy task force. has the wizard glasses to prove it 2017 is going to be a very good year for wizard security, i can tell already
|
|
#
?
Jan 5, 2017 19:35
|
|
|
Migishu posted:Security Fuckup Megathread - v13.0.1 - looks like them secfuck boys are at it again
|
|
#
?
Jan 5, 2017 19:48
|
|
|
Truga posted:
please, no security wizard would be caught dead in those
|
|
#
?
Jan 5, 2017 19:53
|
|
|
"what level computer wizard are you, fellow tech janitor?" "oh, I don't classify by level, I'm with The Foundation"
|
|
#
?
Jan 5, 2017 19:54
|
|
|
whoever was complaining about signal's egypt approach earlier: https://twitter.com/whispersystems/status/817062093094604800
|
|
#
?
Jan 5, 2017 19:55
|
|
|
Rooney McNibnug posted:
i'm the 222 btc fee
|
|
#
?
Jan 5, 2017 20:04
|
|
|
Wiggly Wayne DDS posted:i change who's on my list frequently (usually if something big happens), and kick off people who are just noise but this has done me well so far: https://twitter.com/zylche/lists/security link doesn't work
|
|
#
?
Jan 5, 2017 20:16
|
|
|
so browsers, huh https://twitter.com/anttiviljami/status/816585860661518336
|
|
#
?
Jan 5, 2017 20:27
|
|
|
well that sure is something
|
|
#
?
Jan 5, 2017 20:28
|
|
|
Wiggly Wayne DDS posted:best source is still curated twitter unfortunately I actually felt sad reading this. Because its true.
|
|
#
?
Jan 5, 2017 20:31
|
|
|
Migishu posted:i'm the 222 btc fee what, you don't have files valuable enough to pay $200k for a small chance to get them back? (I assume it's supposed to be milliBTC but lol)
|
|
#
?
Jan 5, 2017 20:35
|
|
|
lol
|
|
#
?
Jan 5, 2017 20:36
|
|
|
https://www.ftc.gov/news-events/press-releases/2017/01/ftc-charges-d-link-put-consumers-privacy-risk-due-inadequatequote:... complaint & exhibits: https://www.ftc.gov/system/files/documents/cases/170105_d-link_complaint_and_exhibits.pdf
|
|
#
?
Jan 5, 2017 20:42
|
|
|
ymgve posted:what, you don't have files valuable enough to pay $200k for a small chance to get them back? nah. the current idea is that it's not "real" ransomware but instead meant to cover the tracks of a targeted attack
|
|
#
?
Jan 5, 2017 20:44
|
|
|
Wiggly Wayne DDS posted:https://www.ftc.gov/news-events/press-releases/2017/01/ftc-charges-d-link-put-consumers-privacy-risk-due-inadequate quote:In a statement emailed to Consumerist, D-Link responds to the lawsuit: Are they denying that their software had hard coded usernames and password? Or are they denying that their private keys were publicly available for 6 months on the internet? Lmbo
|
|
#
?
Jan 5, 2017 20:48
|
|
|
OSI bean dip posted:updated the op to include the secthread officially approved podcast, risky business they need to get back with the 2017 episodes stat. i can't handle much more steptoe's politicizing
|
|
#
?
Jan 5, 2017 20:56
|
|
|
Truga posted:
those wizard glasses are extremely powerful
|
|
#
?
Jan 5, 2017 21:06
|
|
|
https://github.com/anttiviljami/browser-autofill-phishing/blob/master/index.html#L17
|
|
#
?
Jan 5, 2017 21:33
|
|
|
Wiggly Wayne DDS posted:https://www.ftc.gov/news-events/press-releases/2017/01/ftc-charges-d-link-put-consumers-privacy-risk-due-inadequate i don't know poo poo when it comes to law, is any of this meaningful in the sense that it's likely to end with more than dlink going "lol" and maybe paying a  fine? or set any precedent for further cracking down on security bullshit in the long term?
|
|
#
?
Jan 5, 2017 21:39
|
|
|
sir i havings submitted bug reporting to your platform add negative margin on form field style and clicking autofill. autofill still fill form even when not on screen! can send bank info or addrss for reward pls 6 years old issue!
|
|
#
?
Jan 5, 2017 21:43
|
|
|
|
| # ? Apr 26, 2024 02:28 |
|
|
https://bugcrowd.com/netgearquote:Payout Expected Outcome
|
|
#
?
Jan 5, 2017 21:47
|
|