cybersecurity


An umbrella community for all things cybersecurity / infosec. News, research, and questions are all welcome!


founded 2 years ago
776
 
 

cross-posted from: https://infosec.pub/post/2466014

This is my first write-up, on a vulnerability I discovered in iTerm2 (RCE). Would love to hear opinions on this. I tried to make the writing engaging.

783
 
 

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

784
 
 

Bit of a different one. I have some credits for Audible and I am looking for your favourite books on the subject. Fiction or non-fiction, it doesn't really matter.

Normally I'd google it and slap "reddit" on the end, but I thought I'd give Lemmy a chance to show me some answers.

786
 
 

Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!

787
 
 

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

788
 
 

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

789
 
 

Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!

790
 
 

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

791
submitted 2 years ago* (last edited 2 years ago) by tedu@azorius.net to c/cybersecurity
 
 

It was obvious already before that NVD really does not try very hard to actually understand or figure out the problem they grade. In this case it is quite impossible for me to understand how they could come up with this severity level. It’s like they saw “integer overflow” and figured that wow, yeah that is the most horrible flaw we can imagine, but clearly nobody at NVD engaged their brains nor looked at the “vulnerable” code or the patch that fixed the bug. Anyone that looks can see that this is not a security problem.

794
 
 

During the last two days it seems we have been "bombarded" with advertisement bots.

I found it curious: the advertisements are correctly targeted to sysadmins and security professionals. Meanwhile they have somewhat believable biographies (even if they are a little on the nose), suggesting hand-crafted accounts.

Something they all have in common is their instance (discuss.tchncs.de) and that they have a "bachelors degree in computer science".

This is not the first time I've seen adbots on Lemmy, but it's the first time I've seen them on infosec.

Does anyone have any insight into the world of adbots they could share? I find myself increasingly curious about what goes on behind the curtains.

795
 
 

The vulnerability should be obvious: at some point in the boot process, the VMK transits unencrypted between the TPM and the CPU. This means that it can be captured and used to decrypt the disk.

796
 
 

I'm interested in looking at newly registered domains for bad actors.

There are services out there that offer zone files for 'all' TLDs but are too expensive for individuals not backed by a company to pick up the bill. I've also found some free lists but they appear to be incomplete.

So I've gone down the route of attempting to obtain zone files or at least newly registered domain lists from TLDs themselves. Obtaining zone files for gTLDs is straightforward with ICANN's CZDS service. But obtaining zone files for ccTLDs appears to be quite interesting. I attempted to Google but couldn't find anything, so I've started to email ccTLDs; it already feels like I'm spamming since I'm sending the same email. I've only sent it to 10 TLDs so far. It looks like there are a few hundred ccTLDs.

Is there a better method than emailing each ccTLD and hoping for the best?

797
 
 

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

799
submitted 2 years ago by kristoff to c/cybersecurity
 
 

Hi all,

Small question. Does anybody know if there already exists a Lemmy community on disinformation (in the infosec area or more broadly)?

Thanks! :-)

Kr.

800
 
 

Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!
