Posts by hrbrmstr@mastodon.social
 (DIR) Post #Ai48b7kzSJkMyanJb6 by hrbrmstr@mastodon.social
       2024-05-06T10:13:07Z
       
       0 likes, 0 repeats
       
       Do I know anyone @ Unit42? If so, or if you do, can you have someone from there hit up bob at greynoise dot io?
       
 (DIR) Post #Ai48bAHK54nYnRwAGu by hrbrmstr@mastodon.social
       2024-05-06T14:12:32Z
       
       0 likes, 0 repeats
       
       Got someone! #ty!
       
 (DIR) Post #Ak1d0F9ujcXD8SbFcu by hrbrmstr@mastodon.social
       2024-07-17T12:48:11Z
       
       1 likes, 0 repeats
       
       Um… Someone shld prbly tell ZDNet that their writers may want to not have ChatGPT write their articles and that their editors might not want ChatGPT to edit their articles to avoid naming the wrong company in the headline and body text and linking to the wrong company's report (and then mix up annual comparisons by using the wrongly named company's previous year’s report).
       #DoNotTrustTechMediaWithoutVerifying
       https://www.zdnet.com/article/cloudflare-reports-almost-7-percent-of-internet-traffic-is-malicious/
       Saved for posterity: https://web.archive.org/web/20240717124204/https://www.zdnet.com/article/cloudflare-reports-almost-7-percent-of-internet-traffic-is-malicious/
       
 (DIR) Post #AlAp2ULqDNKyVRAcnA by hrbrmstr@mastodon.social
       2024-08-20T00:35:02Z
       
       0 likes, 0 repeats
       
       I know nobody cares about this, but the real "scandal" is that Patreon DISBANDED THEIR INFOSEC DEPARTMENT. There is nobody — NOBODY — running cybersecurity there. Yet, all y'all care about is “Apple wants rent”. Yep. 100%. Ask any of us who want to buy comics or audiobooks from someone besides Apple and we’ll gladly commiserate. But, why on $DEITY’S own earth are you willing to put your $$$$ into an org who doesn’t care at all about the safety of your FINANCIAL SERVICES' data?
       
 (DIR) Post #Aql6SxSb3fflLUB7JY by hrbrmstr@mastodon.social
       2025-02-04T00:54:07Z
       
       0 likes, 0 repeats
       
       @Viss rookie mistake
       
 (DIR) Post #AralzAPrdaYFEhzgy8 by hrbrmstr@mastodon.social
       2025-02-28T20:36:50Z
       
       4 likes, 1 repeats
       
       
       
 (DIR) Post #AvaMZ9UGnmmtUprdOC by hrbrmstr@mastodon.social
       2025-06-28T09:37:13Z
       
       1 likes, 0 repeats
       
       O_O Synology's middleware service was inadvertently exposing a master credential during every setup process, and this credential belonged to Synology's global app registration, giving attackers broad read-only access to organizational data including Teams messages, group information, and Microsoft 365 content. https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/
       
 (DIR) Post #AwL0WZadzX94iumxw8 by hrbrmstr@mastodon.social
       2025-07-20T21:40:22Z
       
       0 likes, 0 repeats
       
       @Viss @neurovagrant not for nuthin' but spidey-sense is really telling me MSFT knew more abt this vuln than they're saying way earlier than they're letting on and i hope someone close to the info does a whistleblower thing.
       
 (DIR) Post #AwL0Wba0arpEtWVUDw by hrbrmstr@mastodon.social
       2025-07-20T21:42:06Z
       
       0 likes, 0 repeats
       
       @Viss @neurovagrant sharepoint 0-day
       
 (DIR) Post #AwL0WcFq5LHmzG4tQO by hrbrmstr@mastodon.social
       2025-07-20T21:42:27Z
       
       1 likes, 0 repeats
       
       @Viss @neurovagrant oh, wait…need to correct that…ANOTHER SharePoint 0-day
       
 (DIR) Post #AwTpG67iQgsLczq35E by hrbrmstr@mastodon.social
       2025-07-24T15:28:12Z
       
       0 likes, 0 repeats
       
       @Viss we can all go home, they solved security https://www.prnewswire.com/news-releases/maro-secures-4-3-million-in-seed-funding-to-eliminate-human-risk-in-cybersecurity-302512471.html
       
 (DIR) Post #AzjqKVWYWGwGE5TyUa by hrbrmstr@mastodon.social
       2025-10-30T14:37:24Z
       
       1 likes, 0 repeats
       
       
       
 (DIR) Post #B0dl2iLEZze6bPFh1U by hrbrmstr@mastodon.social
       2025-11-26T14:24:13Z
       
       0 likes, 0 repeats
       
       @abucci @froztbyte Same reason reporters cozy up to silicon valley execs and terrible political leaders: access and perks. Sadly, b/c of that and his reach, he's kind of actually, for real, dangerous. Then again, Karpathy this week said "software is ephemeral" so we may be past the point of no return for a sizable % of coders.
       
 (DIR) Post #B0qnaKfboyXxzoQ4Ke by hrbrmstr@mastodon.social
       2025-12-02T21:26:52Z
       
       1 likes, 0 repeats
       
       TMW Magic Wormhole (https://github.com/magic-wormhole/magic-wormhole) gives you a very inappropriate CLI command to share with the person who needs the file(s):
       ```
       wormhole receive 69-unicorn-facial
       ```
       
 (DIR) Post #B1NVyShUEJ3wtQKbx2 by hrbrmstr@mastodon.social
       2025-12-18T15:12:37Z
       
       0 likes, 0 repeats
       
       @Saorsa @librewolf no software is apolitical. Suggesting otherwise is so daft.
       
 (DIR) Post #B1RU2ipB4G3zFdQXKa by hrbrmstr@mastodon.social
       2025-12-20T10:37:51Z
       
       0 likes, 1 repeats
       
       TMW the wind destroyed time https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/ACADD3NKOG2QRWZ56OSNNG7UIEKKTZXL/
       
 (DIR) Post #B1uO02tr0SQeVKnDrU by hrbrmstr@mastodon.social
       2026-01-03T12:54:41Z
       
       1 likes, 0 repeats
       
       Y'all shld have your orgs perma-block AS206264 at the edge. Caught them doing hikvision mass recon & dug in a bit more on them. Daily sessions exploded in late Nov++. Activity peaked during the week of December 22–28 with 2.4 million sessions, declining to 1.3 million the following week — consistent with holiday-period automation rather than manual operations. Need to do an infrastructure compare to see which group(s) migrated to (or just expanded use into) this bulletproof hoster.
       
 (DIR) Post #B2YMqp5X3q8GDhYbYm by hrbrmstr@mastodon.social
       2026-01-22T12:08:46Z
       
       0 likes, 0 repeats
       
       I *CANNOT WAIT* until we see this and other strings hit all these “Agentic SOC" environments. Likely gonna cause a whole bunch of orgs to go blind (telemetry-wise) for just enough time for attackers to do what they need to do. https://infosec.exchange/@morattisec/115929249640927958
       
 (DIR) Post #B2YMqqPQ9NdSJfs0CO by hrbrmstr@mastodon.social
       2026-01-22T12:35:23Z
       
       0 likes, 0 repeats
       
       BASE64 THESE EVERYWHERE
       
 (DIR) Post #B2YMqrZ1r8untlNBoW by hrbrmstr@mastodon.social
       2026-01-22T12:38:43Z
       
       1 likes, 0 repeats
       
       ZOMGOSH I HOPED THIS WOULD WORK (the mt agamenticus img is what i asked it to describe)