cybersecurity

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

Hey everyone! My name is Mike and I write about #infosec, #tech and other things at https://shellsharks.com. I'm currently running an event this week I refer to as >Shark Week (https://shellsharks.com/sharkweek), which is essentially just me posting some sort of "content" each day for the entire week, coinciding with actual shark week (https://www.discovery.com/shark-week) on Discovery.

Appreciate a follow, boost and/or feedback on the site/posts. Thanks so much! 🦈🦈🦈

Kicking off >Shark Week, I wanted to share everywhere I am these days. I'll admit I am most active on Mastodon but like to maintain some form of presence other places. So connect with me wherever or everywhere!

• Infosec.Exchange: https://infosec.exchange/@shellsharks
• Mastodon.Social: https://mastodon.social/@sass
• Infosec.Pub: https://infosec.pub/u/shellsharks
• Fedia.io: https://fedia.io/u/shellsharks
• Infosec.Town: https://infosec.town/@shellsharks
• Infosec.Place: https://infosec.place/shellsharks
• Threads: https://www.threads.net/@mk3s
• Bluesky: https://bsky.app/profile/shellsharks.com
• Matrix: @shellsharks:matrix.org
• Nostr: npub122gmsek4hrjyw08xj62d2qq04xvfqshvqlxs37w6nn67ea3kxrtsf2022j
• Spoutible: https://spoutible.com/shellsharks
• Post.news: https://post.news/@/shellsharks
• Discord: https://discord.gg/3rkHgtcYbb (as shellsharks)
• Spill: Not on here yet but if anyone has an invite let me know!

Thanks again!

Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!

Sorry if this was already posted, I just subscribed to this community and didn't see a related article replicated to my lemmy instance yet.

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

Become a cybersecurity champion

Want to train up to take on today’s biggest cybersecurity challenges? Go from zero to hero with this comprehensive bundle of courses from Packt. Focus on the fundamentals, and build up advanced skills through hands-on training. Learn how to write secure code, test your systems’ defenses, how to be an ethical hacker, and more—and help support World Wildlife Fund with your purchase!

Pay at least $25 for the entire bundle

(Crosspost) Summary:

Meduza Stealer is a malware that targets Windows users and organizations. It is specifically designed to steal data from browsers, including login credentials, browsing history, and cookies. It can also steal data from password managers, 2FA apps, cryptocurrency wallets, and gaming extensions The malware is distributed through a variety of channels, including cybercrime forums and Telegram channels. It is difficult to detect because it does not use obfuscation techniques. Once it is installed, the malware will connect to a remote server and upload the stolen data. The malware is specifically designed to target Windows users, but it could be adapted to target other platforms in the future. The malware is not currently very widespread, but it has the potential to become more widespread in the future. The malware is still under development, so it is possible that it will be updated with new features or capabilities. Defensive measures suggested:

Regularly install updates for your operating system, browsers, and installed applications to patch vulnerabilities that malware can exploit. Be cautious when downloading files or opening email attachments, especially from unknown sources. Scan files using security software before opening them. Employ strong and unique passwords for all your accounts, including browsers, email, and cryptocurrency wallets. Consider using a password manager to securely store and manage your passwords. Enable 2FA wherever possible to add an extra layer of security to your accounts. This helps protect against unauthorized access, even if passwords are compromised. Only install browser extensions from trusted sources. Regularly review and remove unnecessary or suspicious extensions to minimize the risk of malware interference. Keep a close eye on your financial accounts, including cryptocurrency wallets, and regularly review transaction history for any suspicious activities. Report any unauthorized transactions or security breaches immediately. There are no details about what kind of information it can steal from the Password manager extensions.

Hello, I am looking for a PDF Reader that works on Linux and does not execute Javascript or other hidden executable code even if the PDF is infected. Is there such thing?

You might have found HTML injection, but unfortunately identified that the site is protected with CSP. All is not lost, it might be possible to bypass CSP using DOM clobbering, which you can now detect using DOM Invader! In this post we'll show you how.

We've based the test case on a bug bounty site, so you're likely to encounter similar code in the wild. If you're unfamiliar with DOM clobbering then head over to our Academy to learn about this attack class and solve the labs.

The Fediverse – a network comprised of Mastodon, Pleroma and other adjacent projects – suffers from the same glaring contradiction. Similar to email nodes, servers (known as Instances within this network) are branded around common interests, political beliefs or sexualities. Users are encouraged to join the servers that resonate with them. Like Scuttlebutt, political and sexual expression is warmly encouraged; in just one example, after centralised media moved to close the accounts of sex workers to comply with new US anti-sex trafficking laws, a Mastodon Instance named Switter was created to offer space for these individuals to continue to operate safely. Switter is now one of the largest Instances in the network.

A brand-new Burp Suite extension for discovering DNS vulnerabilities in web applications.

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

Basicgopot is a basic honeypot I have been developing. It is an HTTP honeypot that logs and saves all file uploads, optionally checking the uploaded file against VirusTotal. Additionally, the user can easily extend the functionality of the honeypot by configuring API webhooks. I plan on adding more features and possibly broadening the project's scope to include deploying deceptions for other protocols.

I would appreciate any feedback and contributions are always welcome.

HI all,

For people who live in the neighbourhood of Hanover, Gernany. In almost 3 weeks from now, I will give a workshop "Hacking Radio-signals" in the summer edition of hackover 2023. The exact timeslot still has to be decided, but hackover is the weekend of 14, 15 and 16 July.

In the workshop, we will capture, analyse and decode the signal of a 433 MHz remote-control. You do are required to bring your laptop and have some software installed beforehand.

If you are interested, either drop a message in this thread or contact me at the email-address in the announcement

Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

TIL the French government may have broken encryption on a LUKS-encrypted laptop with a "greater than 20 character" password in April 2023.

• https://nantes.indymedia.org/posts/87395/une-lettre-divan-enferme-a-la-prison-de-villepinte-perquisitions-et-disques-durs-dechiffres/

When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.

• https://tails.boum.org/security/argon2id/index.en.html

The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.

And they also link to Matthew Garrett's article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.

• https://mjg59.dreamwidth.org/66429.html

Anyone familiar/have experience with conducting a Crown Jewels Analysis (CJA)? MITRE's SEG ("Systems Engineering Guide") has a process for doing this (page 167) but there are certainly other methodologies. Am working on something like this so any anecdotes would be cool to hear about!

Now here's two tools I wish I was more experienced with - Semgrep and Jupyter. Beyond this cool article from NCC, I'm interested to hear from anyone who uses either one of these tools. How did you get started, what do you do with them, etc...

Hey Pub-folk of /c/cybersecurity! Wanted to get a quick pulse-check and collect some thoughts from the community here regarding their usage both current and future. I'll

1. Would anyone like to see weekly threads created for things like #mentorshipmonday? If so, let me know what kind of weekly threads you all would find useful/interesting.
2. There are a few infosec/cyber-related communities that have popped up both here on infosec.pub and elsewhere (e.g. kbin.social, fedia.io, etc...). Some are more niche, while others similarly general as this community. What is everyone's thoughts in terms of where they plan to spend their time? I want to be mindful of the fracturing and try to build something here that people find useful.
3. Do you think the "threadiverse" (kbin, Lemmy, etc...) is a viable alternative to Reddit for you? (Assuming you were on reddit originally).
4. If you have any other thoughts or suggestions for the community please share them here as well! Thanks!

Gotta hand it to the guys over at risky.biz, it seems like they are producing so much great content that I can't get enough of it.

I really enjoy their stuff because it's not just a bunch of news headlines with little context; they'll actually go into in-depth conversations and talk about the implications of a current event or headline.

Are there any other podcasts I should be checking out?

Interesting piece from last year on how Spotify does VM

I found this tool on github:

https://github.com/hmaverickadams/breach-parse

and there is also h8mai, but just wondering if there are any other places I could go to download more dbs for offline research? I am willing to pay a small fee, but I want a site that isn't shady and is legitimate for research.