Posts by lippard@infosec.exchange
(DIR) Post #9lgy29x5eHZh92N3MO by lippard@infosec.exchange
2019-08-08T23:49:32Z
0 likes, 0 repeats
Did anybody cover the charlatan track at Black Hat? Looks like there was a stellar entry today.
(DIR) Post #9lh0NxHVddiw7uRUcC by lippard@infosec.exchange
2019-08-09T00:18:09Z
0 likes, 0 repeats
@maxeddy There's a Twitter thread by @veorq. Crazy presentation about "time AI" encryption, a sponsored (and clearly unvetted) talk.
(DIR) Post #9lh4RmhZJaXYHziGMS by lippard@infosec.exchange
2019-08-09T01:03:40Z
0 likes, 0 repeats
@maxeddy It's some fun stuff. 5D Encryption, incorporating biometrics and music.
(DIR) Post #9lhAVjrQQ3DyMSalKC by lippard@infosec.exchange
2019-08-09T01:04:21Z
0 likes, 0 repeats
@maxeddy There were the inevitable Time Cube comparisons.
(DIR) Post #9lkXQCdNPN1iHbEJd2 by lippard@infosec.exchange
2019-08-10T16:46:23Z
0 likes, 1 repeats
The Bellingcat report on the Russian ProtonMail phishing campaign against them has now been published: https://www.bellingcat.com/news/uk-and-europe/2019/08/10/guccifer-rising-months-long-phishing-campaign-on-protonmail-targets-dozens-of-russia-focused-journalists-and-ngos/
(DIR) Post #AQkYb1Nlj7e5MZWaRs by lippard@infosec.exchange
2022-12-19T01:51:47Z
0 likes, 0 repeats
I think Elon has no intention of stepping down as CEO even if the poll goes against him (two of his more recent tweets tonight say there's no successor and no one else wants the job, and that the job requires investing your life savings in the company) -- therefore, I am happy again that I voted "yes" because it is even more revealing and will make no difference to the outcome.
(DIR) Post #AR6mtPZiBuHsRYtOhk by lippard@infosec.exchange
2022-12-29T19:20:52Z
0 likes, 1 repeats
I own the discord[.]org domain, which I registered a long time ago due to my fondness for Robert Anton Wilson and Robert Shea's Illuminatus! trilogy. A couple of years ago I started getting lots of mis-directed traffic due to the rise in popularity of Discord; I set up some redirection to help people find the right place. Now, since last month I've started getting lots of. weird web traffic using Roblox user agents (mainly Windows and Android), which I suspect may also be Discord-related, but I am not sure of the origin--there is no HTTP referrer clue.
(DIR) Post #AR6nRmXbJJnlW7IIls by lippard@infosec.exchange
2022-12-29T19:22:33Z
0 likes, 0 repeats
Here's what one of these HTTP GET requests looks like: GET /ecooUVw%20Dk}38:%80m%82Q9!hETYA-KsZ6D^/iDFj94bcO`%80uyGk*}ya.58%26H]v4%80!RcYP HTTP/1.1
(DIR) Post #AR6nRnCMrkPZYYMrJY by lippard@infosec.exchange
2022-12-29T19:25:39Z
0 likes, 0 repeats
I've not found any common characters or sequences in the requests (though I've only eyeballed it, so far), and they come from lots of different IPs, both IPv4 and IPv6. At the moment I'm just blocking the IPs but it's not a great mitigation strategy. There are some that hit repeatedly, others that do it only once or twice. There are also some unusual requests that seem to have recursive URIs embedded in the request repeatedly.
(DIR) Post #ARGgOgnfRWoh6cPaWO by lippard@infosec.exchange
2023-01-03T13:54:02Z
0 likes, 0 repeats
@DanielEsq @sethcotlar The SecJuice story claims the #2 and #3 instances are full of child porn. Both are Japanese, run by Mask Network/Social Coop Limited, and I think both are defederated? Powoo and Mstdn dot jp, I don't really know anything about them but the former is anime-themed and Mask also seems to be pushing Web3/cryptocurrency nonsense.
(DIR) Post #ARGgfNJf8YnJbHKjwm by lippard@infosec.exchange
2023-01-03T13:57:51Z
1 likes, 0 repeats
@jonhendry @lucybeahere @sethcotlar @DanielEsq Using the software name for the platform/network falls easily into confusion. The architecture is like email, so it's perhaps like saying "I hear most email sent with sendmail is spam, why would you support spamming by using sendmail?"
(DIR) Post #ASNfNXODmFfnZNjZ4K by lippard@infosec.exchange
2023-02-05T20:39:13Z
1 likes, 0 repeats
I haven't been on a CVE-2021-21974-vulnerable version of ESXi since December 19, 2020. I tend to update relatively early, but these MSPs that haven't been patching seem pretty negligent.
(DIR) Post #AWhbHyoauPBYxoigCG by lippard@infosec.exchange
2023-06-15T00:32:13Z
0 likes, 1 repeats
Now this is really funny. Trump ignored the advice of a smart lawyer (who was paid $3M in advance to work for Trump), in favor of a non-lawyer crank (Tom Fitton) from Judicial Watch, an organization founded by one of the most incompetent lawyers ever (Larry Klayman). https://www.washingtonpost.com/national-security/2023/06/14/trump-indictment-classified-documents-settlement/
(DIR) Post #AZq3fGiwL9GYgeXqIS by lippard@infosec.exchange
2023-09-16T17:31:34Z
1 likes, 0 repeats
Had an appointment for flu and COVID vaccine at CVS Health this morning, went in, and they only had the flu shot, and likely won't have the COVID vaccine for another week.
(DIR) Post #AZq3fI9Z1e9n7W0cQy by lippard@infosec.exchange
2023-09-16T17:41:15Z
0 likes, 0 repeats
Walgreens says they'll have it Monday. This is the second time CVS has allowed me to make an appointment and then didn't have it (or closed shortly before I arrived at my appointment time!).
(DIR) Post #AcpoTIGb8cznCqEBW4 by lippard@infosec.exchange
2023-12-15T13:15:56Z
0 likes, 0 repeats
@clive @landley @vaurora This is not a general purpose site, but this just happened: https://infosec.exchange/@lippard/111575104692587664