@jerry@infosec.exchange cover
@jerry@infosec.exchange avatar

jerry

@jerry@infosec.exchange

Cloud CISO
Podcast: https://defensivesecurity.org
Blog: https://infosec.engineering
Twitter: @maliciouslink
https://Infosec.Exchange Admin
#infosec #security #cybersecurity #risk #fedi22
…and for fucks sake, be nice to each other. We are only here for a brief time. Make it enjoyable.

To help support the costs associated with running this instance, please consider donating. You can set up recurring donations here:

Patreon: https://www.patreon.com/infosecexchange

Ko-Fi: https://ko-fi.com/infosecexchange

Liberapay: https://liberapay.com/Infosec.exchange/

You can also support with a one-time donation using PayPal to "jerry@infosec.exchange".

This profile is from a federated server and may be incomplete. View on remote instance

jerry , to Random stuff
@jerry@infosec.exchange avatar

Happy Mother’s Day to the moms out there. We ❤️ you

video/mp4

jerry , to Random stuff
@jerry@infosec.exchange avatar

Sadly I am losing the battle with my sleeping pills. Have a good night and enjoy the aurora! Looking forward to pictures tomorrow.

jerry , to Random stuff
@jerry@infosec.exchange avatar

The sky to the north is a bit pink here in north Georgia. No clear aurora ribbons or trails, but definitely a color that is not normal

jerry OP ,
@jerry@infosec.exchange avatar

@mikej indeed. The link is more pronounced with my camera. I think I would need to drive for a while to get a better view of the norther horizon, though. Too many trees and mountains here.

jo , to Random stuff
@jo@infosec.exchange avatar

Fact: Uber (for drivers) doesn't let you change your profile picture without a reason.

Another fact: "extensive photomolecular destabilization" is apparently a valid reason.

Now if only I can get them to pay for a new turboencabulator too...

jerry ,
@jerry@infosec.exchange avatar

@jo I heard they’ll pay for everything on the turbo encabulator except for the girdle spring

Michigander , to Photography
@Michigander@toad.social avatar

Aurora opening a portal in the sky

jerry ,
@jerry@infosec.exchange avatar

@Michigander WOW!

jerry , to Random stuff
@jerry@infosec.exchange avatar

Ok, we gotta relocate the magnetic poles closer to the equator. The aurora pics are amazing tonight

jerry OP ,
@jerry@infosec.exchange avatar

@brunoph that would be pretty amazing. I am in Atlanta, so a good bit north of Texas and Florida

jerry OP ,
@jerry@infosec.exchange avatar

@blaise it’s still shining here in ATL too

kaoudis , to Random stuff
@kaoudis@infosec.exchange avatar

Got a good solid walk in.

A couple of great big red blooms on a dragonfruit cactus!
The tiniest new cactus paddles on a prickly pear 🥺
The fog re-forming over the beach as I walked through it was a really neat experience. Either it is foggy or not foggy usually!

jerry ,
@jerry@infosec.exchange avatar

@kaoudis great pics!

jerry , to Random stuff
@jerry@infosec.exchange avatar

I’ve informed my wife that I’ll be going all in on unemployment. I’m buying an old Firebird to put up on blocks in the driveway and working to develop a taste for natty light.

jerry OP ,
@jerry@infosec.exchange avatar

@tehstu 😂 even better!

jerry OP ,
@jerry@infosec.exchange avatar

@chrisgervais if I’m doing that, I think I need an old washing machine with a missing door to go with it

jerry OP ,
@jerry@infosec.exchange avatar

Seriously, though, I’ll be spending a bunch of time at my son’s house helping him get it in shape. Tomorrow, we are replacing his hot water heater, installing a doorbell and a doorbell camera, fixing his garbage disposal, and securing the dishwasher to the cabinets. I predict that I’ll be very sore tomorrow night.

jerry OP ,
@jerry@infosec.exchange avatar

@iagox86 that doesn’t seem like much fun

jerry , to Random stuff
@jerry@infosec.exchange avatar

It’s causing me some emotions to read the many goodbyes from coworkers.

I’ve heard from people I’ve not talked to in years.

jerry OP ,
@jerry@infosec.exchange avatar

@nonproductive 😂

jerry , to Random stuff
@jerry@infosec.exchange avatar

The first blooms on a ~110 year old rose bush

image/jpeg
image/jpeg

kevinrothrock , to Random stuff
@kevinrothrock@infosec.exchange avatar

next round's on me, boys

jerry ,
@jerry@infosec.exchange avatar

@kevinrothrock :blobheartcat:

jerry , to Random stuff
@jerry@infosec.exchange avatar

[insert joke here about Taco Bell causing the coronal mass ejection]

jerry , to Random stuff
@jerry@infosec.exchange avatar

There’s some weird shit on LinkedIn. Like manifesting money and whatnot kind of weird.

jerry , to Random stuff
@jerry@infosec.exchange avatar

Just announced on LinkedIn I’m no longer going to be a ciso. I wonder how that will impact the number of follows/connections I have, and whether it’ll finally stem the tide of DM spam I get.

jerry OP ,
@jerry@infosec.exchange avatar

@gangrif yeah, I was thinking that or something like an air traffic controller. Definitely something with less stress.

jerry , to Random stuff
@jerry@infosec.exchange avatar

the death of tooters.org is causing chaos in the sidekiq jobs. looks like they didn't run the self destruct sequence???

jerry OP ,
@jerry@infosec.exchange avatar

@thisismissem Agreed. I don't really understand what happened with tooters.org, but I do know that some instance admins in the past have "rage quit" knowing the chaos that their action creates. I doubt that was the case here, but I am also not aware that they asked anyone to take it over.

jerry OP ,
@jerry@infosec.exchange avatar

@gangrif it’s a cli only command, but it is there. No other fedi-software I know of has that same sort of self destruct capability.

masek , to Random stuff
@masek@infosec.exchange avatar

I discovered today, that is restricting the use of a password manager (in my case: Bitwarden).

The password can no longer being filled from the password manager.

IMHO there is a special place in hell reserved for such people. By doing that, they foster substandard security practices.

This wouldn't be so bad if the implementation of passkeys at Amazon would not be completely dysfunctional.

Citation from their own knowledge base:

"Important: To create and use passkeys, your device will need to meet one of these minimum software requirements (if applicable):

iOS 16
macOS BigSur
Android 9"

They really do not want their users to be secure. Their only interest is "being able to blame the user if anything goes wrong".

Their enshitification continues...

jerry ,
@jerry@infosec.exchange avatar

@masek FWIW, 1Password is still able to fill in the username/password on the mobile app and website on Windows/Edge on my iphone/safari.

jerry ,
@jerry@infosec.exchange avatar

@masek I just tried is on FF on my iphone and get a similar issue - it just doesn't do anything - no error, just doesn't fill in the username. It will works on FF on Windows, though.

Agree, btw, that this is a terribly bad idea. My amazon password is 50 random characters long,

jamesmarshall , to Random stuff
@jamesmarshall@sfba.social avatar

As we all know by now, Stack Overflow has alienated their primary contributors by letting OpenAI train on SO's (CC-protected) content, and forcefully preventing countermeasures. Therefore, SO content will likely become worse and even more outdated as time goes on.

So, time to migrate. What's the preferred open source, community-run alternative to SO for everyone to migrate to? Here's one list of alternative software to run such sites:

https://meta.stackexchange.com/questions/2267/are-there-any-clones-alternatives-for-running-a-stack-exchange-style-qa-site

Which site(s) are gaining traction? If none, who wants to start one?

jerry ,
@jerry@infosec.exchange avatar

@nopatience @jamesmarshall I have been looking for an excuse to spin up a discourse instance

jerry , to Random stuff
@jerry@infosec.exchange avatar

The year is 2032.

The majority of remaining Americans list their occupation as “social media storm chaser”

jerry , to Random stuff
@jerry@infosec.exchange avatar

To the many new members of Infosec.exchange today, I am curious: what happened that caused you to join?

jerry OP ,
@jerry@infosec.exchange avatar

@paul_ipv6 ooooo maybe

jerry OP ,
@jerry@infosec.exchange avatar

@alex_02

video/mp4

jerry OP ,
@jerry@infosec.exchange avatar

@alice_watson @catsalad @alice you bet! We’re glad you’re here!

jerry OP ,
@jerry@infosec.exchange avatar

@RGPphotog ah - that’s disappointing to hear. I’m sorry that happened, but I’m glad you’re here.

jerry OP ,
@jerry@infosec.exchange avatar

@lerg this was the answer I was expecting

jerry OP ,
@jerry@infosec.exchange avatar

@lerg well, did it happen?

jerry OP ,
@jerry@infosec.exchange avatar

@lerg

coleens_ , to Random stuff
@coleens_@infosec.exchange avatar

@npub1x0r5gflnk2mn6h3c70nvnywpy@momostr.pink @jerry - can you be of some assistance here my friend?

jerry ,
@jerry@infosec.exchange avatar

@coleens_ nuked from orbit

jerry ,
@jerry@infosec.exchange avatar

@nuintari @coleens_ anti-trans meme. Not sure how people have the time to worry so much about what other people are doing

Nonya_Bidniss , to Random stuff
@Nonya_Bidniss@mas.to avatar

Why do I keep getting no-follower, locked, French language accounts trying to follow me? Seems like what could be called "inauthentic behavior." I've been blocking them.

jerry ,
@jerry@infosec.exchange avatar

@DaveMWilburn its an odd thing. A new mastodon account’s home feed is completely empty, by design, and when people complain about it, we tell them they need to go follow people. So they do, and then we view them as spammers.

Certainly some of them are not honest engagement, but my unscientific polling of some of these accounts is that they’re just lurkers trying to fill their home TL with things by looking ay who other people follow, etc.

@neurovagrant @Nonya_Bidniss

jerry ,
@jerry@infosec.exchange avatar

@Nonya_Bidniss @DaveMWilburn @neurovagrant do you have some examples? I’ll take a closer look

shellsharks , to Podcast
@shellsharks@shellsharks.social avatar

So I want to get my #podcast back up but have been thinking about moving hosting providers. Currently with #Podbean, which has been easy to use and relatively cheap as far as I can tell. I've been interested in #Castopod given the Fedi-compatibility. Anyone have thoughts on Castopod? Their managed offering is quite a bit pricier than Podbean.

Surprised @jerry doesn't run a Castopod instance in the #jerryverse... maybe infosec.audio needs to exist? I'd definitely be willing to support with $$ 😄

jerry ,
@jerry@infosec.exchange avatar

@shellsharks I looked at it a while ago and it was a bit of a hot mess. I’ll take another look

DarkWebInformer , to Cybersecurity
@DarkWebInformer@infosec.exchange avatar

Pretty sure ZScaler has been breached.

🚨🚨Notorious threat actor,
@InteIBroker
, is selling access to a large Cybersecurity company. Price: $20,000. Details below.

Revenue: $1.8 Billion
Access includes:

  • Confidential and highly critical logs packed with credentials
  • SMTP Access
  • PAuth Pointer Auth Access
  • SSL Passkeys & SSL Certificates
  • some others (will be on contact)
    Price: $20K in XMR or ETH
    Middleman / Escrow accepted (Auto Escrow or
    @Baphomet
    )
    Message me on the forums for a point of contact.
    Proof of funds is required.
    I am only selling to reputable members. No time wasters or default rank users.

X Link: https://twitter.com/DarkWebInformer/status/1788179513353891977

jerry ,
@jerry@infosec.exchange avatar

@k3ym0 @DarkWebInformer indeed, this article references the above post from @thint https://www.bleepingcomputer.com/news/security/zscaler-takes-test-environment-offline-after-rumors-of-a-breach/amp/

jerry ,
@jerry@infosec.exchange avatar

@k3ym0 @DarkWebInformer @thint I should probably temper this by saying that in my career, particularly over the past few years, my employer was the subject of a bunch of BS claims, and I have wanted to do this very thing - try to set the record straight by calling out what I perceived as hyperbolic speculation, rumor compounded by more rumor. It’s also my experience that I’d be dealing with two problems instead of one if I made those posts and the rumors later turned out to be true.

In this instance, it appears that what may have been impacted was a lab and so hopefully no impact to client or employee data.

jerry , to Random stuff
@jerry@infosec.exchange avatar

I get to watch my youngest graduate university today. I hope y’all have a great day!

jerry OP ,
@jerry@infosec.exchange avatar

@joy Cruzan and his human are moving into my basement until he finds a job/gets situated

jerry OP ,
@jerry@infosec.exchange avatar

@cenobyte he’s graduating with a degree in economics

jerry OP ,
@jerry@infosec.exchange avatar

@taco2054 @infoseclogger I worked my tail off for 32 years to make sure both my kids could exit college without loans. I was fortunate enough to make that work for them.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • Mordhau
  • WatchParties
  • Rutgers
  • MidnightClan
  • Lexington
  • cragsand
  • mead
  • RetroGamingNetwork
  • mauerstrassenwetten
  • loren
  • xyz
  • PowerRangers
  • AnarchoCapitalism
  • kamenrider
  • supersentai
  • itdept
  • neondivide
  • space_engine
  • AgeRegression
  • WarhammerFantasy
  • Teensy
  • learnviet
  • bjj
  • khanate
  • electropalaeography
  • steinbach
  • jeremy
  • fandic
  • All magazines
    •