
jerry

@jerry@infosec.exchange

Cloud CISO
Podcast: https://defensivesecurity.org
Blog: https://infosec.engineering
Twitter: @maliciouslink
https://Infosec.Exchange Admin
#infosec #security #cybersecurity #risk #fedi22
…and for fucks sake, be nice to each other. We are only here for a brief time. Make it enjoyable.

To help support the costs associated with running this instance, please consider donating. You can set up recurring donations here:

Patreon: https://www.patreon.com/infosecexchange

Ko-Fi: https://ko-fi.com/infosecexchange

Liberapay: https://liberapay.com/Infosec.exchange/

You can also support with a one-time donation using PayPal to "jerry@infosec.exchange".


jerry , to Random stuff
@jerry@infosec.exchange avatar

Some fireworks pics from the baseball game this evening


jerry OP ,
@jerry@infosec.exchange avatar

@bplein a bit.

jerry OP ,
@jerry@infosec.exchange avatar

@ramsey that is exactly where I was

lcamtuf , to Random stuff
@lcamtuf@infosec.exchange avatar

I like fractals because in my teenage years, they were this huge pop-cultural phenomenon - as profound as cold fusion, aerogels, and graphene.

And some serious mathematicians stared at them for a good while, said "well, that's that then", and we never spoke of fractals again

jerry ,
@jerry@infosec.exchange avatar

@lcamtuf there have been some practical uses. For example, most cell phones and other wireless devices now use fractal antennas. https://insight.ieeeusa.org/articles/why-mobile-phones-can-do-so-many-things-the-invention-of-the-fractal-antenna/amp/

jerry , to Random stuff
@jerry@infosec.exchange avatar

I am surrounded by kids at the baseball game and remembering how Yoda died because Luke wouldn’t stop asking questions


infosec_jcp , to Random stuff
@infosec_jcp@infosec.exchange avatar
jerry ,
@jerry@infosec.exchange avatar

@infosec_jcp @Gargron well, the data privacy watchdog referenced in the article is on Twitter https://twitter.com/toezicht_AP

jerry , to Random stuff
@jerry@infosec.exchange avatar

Friday night baseball!

jerry OP ,
@jerry@infosec.exchange avatar

@InfoSecSherpa I root for whoever is winning, much to the dismay of my family

krypt3ia , to Random stuff
@krypt3ia@infosec.exchange avatar

So, people immolating themselves at the Trump trial….

jerry ,
@jerry@infosec.exchange avatar

@krypt3ia I did not have that on my bingo card

jerry , to Random stuff
@jerry@infosec.exchange avatar

I had a few minutes to get the camera out and take a few random shots. I really like this lens.


jerry OP ,
@jerry@infosec.exchange avatar

@XEJKnol thanks. It’s the Nikon z 105mm f2.8 macro

jerry OP ,
@jerry@infosec.exchange avatar

@EmperorHenry the orange one is mine and the grey one is my son’s, but they both live with me

CoachKahnsef , to Random stuff
@CoachKahnsef@infosec.exchange avatar

So like, why does Facebook need an AI?

Seriously... Why?

@jerry does infosec.exchange need an AI?

jerry ,
@jerry@infosec.exchange avatar

@CoachKahnsef @shellsharks we have ChatJerryPT

adamshostack , to Random stuff
@adamshostack@infosec.exchange avatar

(I'm experimenting with short videos about blog posts like this one on the CSRB on Microsoft. I have no idea how video uploaded to Mastodon works.)

Edit: apparently it doesn't work 🤷

jerry ,
@jerry@infosec.exchange avatar

@adamshostack @dostalcody how big is the video and what format is it in?

jerry ,
@jerry@infosec.exchange avatar
jerry ,
@jerry@infosec.exchange avatar

@adamshostack @dostalcody ok. Let me see if perhaps ffmpeg is choking on the file

nuintari Bot , to Random stuff
@nuintari@infosec.exchange avatar

So, awesome issue I just noticed. I suspect because I nuked this account, and then was allowed to come back, and something ain't quite right in the backend because of it.

My followers/following counts are always zero.

I like it this way. I'm here, and awesome people interact with me. That is what matters. I don't need the dopamine rush of a steadily increasing follower count, I flat out don't want it.

Dear @jerry, If you decide you need to find out why this is happening, please tell me, because I always like to know such things. But for the love of god, please don't fix it.

jerry ,
@jerry@infosec.exchange avatar

@nuintari interesting. I think I know what is wrong, and I will fix it later tonight.

jerry , to Random stuff
@jerry@infosec.exchange avatar

FYI to all you clever Palo people who disabled telemetry to mitigate CVE-2024-3400:

In earlier versions of this advisory, disabling device telemetry was listed as a secondary mitigation action. Disabling device telemetry is no longer an effective mitigation. Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.

https://security.paloaltonetworks.com/CVE-2024-3400

realn2s , to Cybersecurity
@realn2s@infosec.exchange avatar

I haven't seen a lot of posts regarding the newly "discovered" Russian backdoor from any of the usual suspects. Only articles in general newspapers.

Is this just hyped by a security firm?

jerry ,
@jerry@infosec.exchange avatar

@realn2s I am sure it is hype, but I think the report about it is pretty new, so likely will take a day or so to see it hitting the usual places

miri , to Random stuff
@miri@infosec.exchange avatar

We’re at the 6.5 hour mark of this migraine and I just want to die. I’m not light, sound, smell, or temperature sensitive. I just have an ice pick being driven through both my temples right now and I’m really over it.

jerry ,
@jerry@infosec.exchange avatar

@miri I am sorry. I hope it passes soon.

Xavier , to Random stuff
@Xavier@infosec.exchange avatar

After you promote code to prod on Friday. I think this is actual footage of @jerry...


jerry ,
@jerry@infosec.exchange avatar

@Xavier dang, someone took a video of me upgrading Infosec.exchange

jerry ,
@jerry@infosec.exchange avatar

@mansr @Xavier that is wild…. And crazy

jerry , to Random stuff
@jerry@infosec.exchange avatar

I do find it oddly appropriate that the unit of a kubernetes deployment is called a “cluster”

jerry OP ,
@jerry@infosec.exchange avatar

@davesdogmaggie I hadn’t heard of that, but it certainly seems appropriate

campuscodi , to Random stuff
@campuscodi@mastodon.social avatar

UK plans to make the creation of sexually explicit deepfake images a crime

https://www.gov.uk/government/news/government-cracks-down-on-deepfakes-creation

jerry ,
@jerry@infosec.exchange avatar

@i0null @campuscodi :dance_cool_doge:

jerry , to Random stuff
@jerry@infosec.exchange avatar

It is starting to hit me. After this week, I think I will more earnestly start figuring out what is next

jerry OP ,
@jerry@infosec.exchange avatar

@DaveMWilburn I am intending to take the summer off, targeting September or October to get back to work, but I feel like I need to be looking now

jerry OP ,
@jerry@infosec.exchange avatar

@rtyler that does sound attractive, but I’m not sure there is enough money here to feed my orchid habit

jerry OP ,
@jerry@infosec.exchange avatar

@CapraObscura well, I have to find a new job, so I guess the bad kind. But then, I am happy to be leaving, so maybe the good kind?

jerry OP ,
@jerry@infosec.exchange avatar

@CapraObscura I have probably 20 years left, depending on what happens with 401k, etc

jerry OP ,
@jerry@infosec.exchange avatar

@grubbslinger it will be for a little while, but sadly I have to get back to work sooner or later

jerry OP ,
@jerry@infosec.exchange avatar

@hazelweakly the part about aging 40 years while working as a CISO is indeed true. Sadly retiring isn’t in the cards yet

jerry OP ,
@jerry@infosec.exchange avatar

@infosec_jcp I need to know the moment I’m done!

ksaj , to Random stuff
@ksaj@infosec.exchange avatar

Repeat after me: There👏 is👏 only👏 one👏 Solar👏 System👏! Until there is a second star named Sol, every star system is named after its star (or stars, in the case of binaries, etc).

Why do magazines that should know better make the same mistake so often? So unprofessional, and annoying besides...

https://www.universetoday.com/166560/what-happens-to-solar-systems-when-stars-become-white-dwarfs/

jerry ,
@jerry@infosec.exchange avatar

@ksaj do we have a generic name for an arrangement of planets around a star that doesn’t reference Sol? I can’t think of one

tethik , to Random stuff
@tethik@infosec.exchange avatar

These prices for storage seem very reasonable - time to do my own diy-dropbox?

So far loving the service with them. Shame this isn't part of their provider.

jerry ,
@jerry@infosec.exchange avatar

@tethik there are some IO limits, but otherwise it’s a great deal on a good service

micahflee , to Random stuff
@micahflee@infosec.exchange avatar

There’s a lot going on at The Internet these days https://www.semafor.com/article/04/14/2024/the-intercept-is-running-out-of-cash

jerry ,
@jerry@infosec.exchange avatar

@micahflee

and two star journalists trying to take control.

So are there two “star” journalists or “two star” journalists?

jerry , to Random stuff
@jerry@infosec.exchange avatar

I took some glamor shots of Thor today. He is looking good for 17 and diabetic


jerry OP ,
@jerry@infosec.exchange avatar

I used a 70-200 lens set to 70mm at f2.8 - I hadn’t considered that lens for portraits, but it seems to work

jerry OP ,
@jerry@infosec.exchange avatar

@BenAveling lately, I use my 50f1.8 or 85f1.8 prime lenses

jerry OP ,
@jerry@infosec.exchange avatar

@mathieui I think I’ll go for a 50f1.2 before the plena. I mean, the plena looks great, but that’s not my favorite focal length and to have it as a prime seems like a bad use of money

jerry OP ,
@jerry@infosec.exchange avatar

@BenAveling I was taking some product shots for my wife of stuff of many different sizes, so the zoom was quite handy. Thor jumping on the table was a bonus.

I do think the 85f1.8 would have looked better

jerry OP ,
@jerry@infosec.exchange avatar

@rmd1023 he is the best.

jerry OP ,
@jerry@infosec.exchange avatar

@williamtm the Nikon z version is quite awesome and I’m not sure why I wasn’t using it that way before.

GossiTheDog , to Random stuff
@GossiTheDog@cyberplace.social avatar

I’ve been a director in cybersecurity for 6 months today.

Security is hard, y’all.

jerry ,
@jerry@infosec.exchange avatar

@GossiTheDog so say we all

jerry , to Random stuff
@jerry@infosec.exchange avatar

So, it turns out today was “chainsaw adoption day” at Home Depot. I just couldn’t let that poor chainsaw stay homeless.

jerry OP ,
@jerry@infosec.exchange avatar

@AndrewX192 @nuintari I just needed it to cut down one dead 30’ birch tree that was about 12 inches in diameter. I was able to cut it down and cut it up with one of the 8AH high output batteries and it only reduced the charge by one light (how accurate a reflection of the remaining charge, I do not know)

jerry OP ,
@jerry@infosec.exchange avatar

@ronwm planning for post-CISO life now. I only have 70 days left.

simontsui , to Random stuff
@simontsui@infosec.exchange avatar

CERT-EU warns of an exploited zero-day for Palo Alto Networks: CVE-2024-3400 (10.0 critical, disclosed 12 April 2024) command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software. Affected versions are PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1. This zero-day is NOT patched yet, and hotfix releases will be made available starting 14 April 2024. 🔗 https://cert.europa.eu/publications/security-advisories/2024-037/ and original Palo Alto Networks security advisory: https://security.paloaltonetworks.com/CVE-2024-3400

jerry ,
@jerry@infosec.exchange avatar

@simontsui it seemed super optimistic to me

jerry ,
@jerry@infosec.exchange avatar

@chinetsec @simontsui I was happy to learn that we didn’t have telemetry enabled. That said, I think we are in for a rough few months of palo vulns
