Mastodon.world admins @mwadmin

17 posts12 participants0 posts today

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕»Gmail Gets End-To-End Encryption From Google As 21'st Birthday Present: […] Google Claims To Have Invented An Entirely New Type Of Encryption For Gmail Users […]«This is not an April joke and yes Google offers OpenPGP for Gmail Accounts. This is not difficult to set up but too many people are too lazy in my opinion.📧 <a href="https://www.forbes.com/sites/daveywinder/2025/04/01/gmail-gets-end-to-end-encryption-from-google-as-21st-birthday-present/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.forbes.com/sites/daveywinder/2025/04/01/gmail-gets-end-to-end-encryption-from-google-as-21st-birthday-present/</a><a href="https://chaos.social/tags/e2ee" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#e2ee</a> <a href="https://chaos.social/tags/openpgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openpgp</a> <a href="https://chaos.social/tags/email" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#email</a> <a href="https://chaos.social/tags/gmail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#gmail</a> <a href="https://chaos.social/tags/mail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mail</a> <a href="https://chaos.social/tags/itsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsec</a> <a href="https://chaos.social/tags/encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#encryption</a> <a href="https://chaos.social/tags/google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#google</a> <a href="https://chaos.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://chaos.social/tags/april" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#april</a> <a href="https://chaos.social/tags/endtoendencryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#endtoendencryption</a> <a href="https://chaos.social/tags/pgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pgp</a> <a href="https://chaos.social/tags/joke" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#joke</a> <a href="https://chaos.social/tags/birthday" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#birthday</a> <a href="https://chaos.social/tags/nojoke" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nojoke</a> <a href="https://chaos.social/tags/april" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#april</a> <a href="https://chaos.social/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a>

Felix Eckhardt<a href="https://social.heise.de/@heisec" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@heisec</a> Wisst Ihr, was da bei NIST los ist? nvd.nist.gov ist seit min. heute Mittag immer wieder nicht erreichbar (503).<a href="https://det.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://det.social/tags/itsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsec</a> <a href="https://det.social/tags/itsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsecurity</a> <a href="https://det.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a>

Felix Eckhardtnvd.nist.gov seems to be down? DOGE@work?<a href="https://det.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://det.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://det.social/tags/itsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsecurity</a> <a href="https://det.social/tags/itsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsec</a> <a href="https://det.social/tags/doge" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#doge</a> <a href="https://det.social/tags/musk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#musk</a>

Griesgram in spe :linux:Interessant: Wenn ich der Home Assistant App (iOS) die Berechtigung sich im LAN umzuschauen, entziehe, dann funktioniert die Verbindung zum Server nicht mehr. Eigentlich sollte der Server-URL ausreichen. Finde ich verdächtig. <a href="https://norden.social/tags/homeassistant" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#homeassistant</a> <a href="https://norden.social/tags/itsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsec</a> <a href="https://norden.social/tags/opensourceistnichtimmersicher" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensourceistnichtimmersicher</a>

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕»Unsicherheit – US-Kürzungsrausch gefährdet für das Internet wichtige Open-Source-Projekte: Die neue US-Regierung entzieht dem Open Technology Fund (OTF) die Mittel. Von diesem sind unter anderem <a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@letsencrypt</a>, <a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@torproject</a> und <a href="https://floss.social/@fdroidorg" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@fdroidorg</a> finanziell abhängig. Der OTF hat Klage eingereicht«Sehr heikel und es petrifft, wenn auch "nur" indirekt, alle Menschen auf der Erde. Der Egoismus eines Irren kann uns alle betreffen!👉 <a href="https://www.derstandard.at/story/3000000263520/lets-encrypt-tor-trump-kuerzungen-gefaehrden-fuer-das-internet-wichtige-open-source-projekte" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.derstandard.at/story/3000000263520/lets-encrypt-tor-trump-kuerzungen-gefaehrden-fuer-das-internet-wichtige-open-source-projekte</a><a href="https://chaos.social/tags/trump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#trump</a> <a href="https://chaos.social/tags/uspol" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#uspol</a> <a href="https://chaos.social/tags/tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tor</a> <a href="https://chaos.social/tags/fdroid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fdroid</a> <a href="https://chaos.social/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#letsencrypt</a> <a href="https://chaos.social/tags/itsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsec</a>

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕»Cyberkriminalität - Swisspass-Konto gehackt: freie Fahrt für die Betrüger: Hacker ändern das Login und bestellen auf Kosten eines Studenten Zugtickets von fast 900 Franken. Das ist kein Einzelfall.«Ich bin froh, dass ich öfters noch analoge Dinge nutze und dies bewusst. Was mich mehr aufregt, ist dass viele digitale so wie online Dienste sich nicht wirklich um die Sicherheit ihrer Kunden kümmern.🔊 [CH-DE] <a href="https://www.srf.ch/sendungen/kassensturz-espresso/espresso/cyberkriminalitaet-swisspass-konto-gehackt-freie-fahrt-fuer-die-betrueger" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.srf.ch/sendungen/kassensturz-espresso/espresso/cyberkriminalitaet-swisspass-konto-gehackt-freie-fahrt-fuer-die-betrueger</a><a href="https://chaos.social/tags/sbb" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sbb</a> <a href="https://chaos.social/tags/bahn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bahn</a> <a href="https://chaos.social/tags/ticket" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ticket</a> <a href="https://chaos.social/tags/mobile" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mobile</a> <a href="https://chaos.social/tags/digital" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#digital</a> <a href="https://chaos.social/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://chaos.social/tags/schweiz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#schweiz</a> <a href="https://chaos.social/tags/itsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsec</a>

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕Apple ID Hack — New Warning For 2 Billion UsersApple has long since had an air of invulnerability about it as far as users have been concerned; be they iPhone, iPad or Mac fans, the ecosystem has been thought of as pretty darn secure. Like most security assumptions, however, it is wrong. […]🍎 <a href="https://www.forbes.com/sites/daveywinder/2025/03/30/apple-id-hack-new-warning-for-2-billion-users/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.forbes.com/sites/daveywinder/2025/03/30/apple-id-hack-new-warning-for-2-billion-users/</a><a href="https://chaos.social/tags/apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apple</a> <a href="https://chaos.social/tags/itsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsecurity</a> <a href="https://chaos.social/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://chaos.social/tags/users" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#users</a> <a href="https://chaos.social/tags/itsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsec</a> <a href="https://chaos.social/tags/iphone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iphone</a> <a href="https://chaos.social/tags/ipad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ipad</a> <a href="https://chaos.social/tags/mac" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mac</a> <a href="https://chaos.social/tags/itsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsecurity</a> <a href="https://chaos.social/tags/idhack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#idhack</a> <a href="https://chaos.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://chaos.social/tags/appleidhack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appleidhack</a> <a href="https://chaos.social/tags/appleid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appleid</a> <a href="https://chaos.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕User vs IT security 😼💻<a href="https://chaos.social/tags/itsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsecurity</a> <a href="https://chaos.social/tags/user" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#user</a> <a href="https://chaos.social/tags/online" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#online</a> <a href="https://chaos.social/tags/password" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#password</a> <a href="https://chaos.social/tags/it" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#it</a> <a href="https://chaos.social/tags/web" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#web</a> <a href="https://chaos.social/tags/itsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsec</a> <a href="https://chaos.social/tags/passwords" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwords</a> <a href="https://chaos.social/tags/joke" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#joke</a> <a href="https://chaos.social/tags/ITJokes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITJokes</a> <a href="https://chaos.social/tags/video" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#video</a> <a href="https://chaos.social/tags/humor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#humor</a> <a href="https://chaos.social/tags/login" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#login</a> <a href="https://chaos.social/tags/jokes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#jokes</a> <a href="https://chaos.social/tags/cats" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cats</a> <a href="https://chaos.social/tags/cat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cat</a>

**Franz** @zalintyre@chaos.social · 3d

Franz @zalintyre@chaos.social

Cursed idea: An die E-Mail-Adresse im Impressum einen Alias mit Timestamp-basierten Hash anhängen und Spam automatisiert mit IP-Adresse aus dem Log an die Justiz übergeben

#spam #itsec #itsecurity

**defnull** @defnull@chaos.social · 4d *

4d *

defnull @defnull@chaos.social

Yearly reminder that #malware on #linux can just shutdown #ClamAV before downloading payload to avoid real-time detection, and #cisco does not think this is a problem.

https://github.com/Cisco-Talos/clamav/issues/1169

#itsec #infosec #foss

Replied in thread

**Kevin Karhan** @kkarhan@infosec.space · 5d *

5d *

Kevin Karhan @kkarhan@infosec.space

@dzwiedziu @fj @signalapp not really, as the #Metadata #FUD cited by #Signal is mitigateable with proper measures.

You can't even run Signal over @torproject and even if that point is moot when you're forced to quasi-#KYC by virtue of a #PhoneNumber aka. #PII they have neither legitimate interest nor technical reason to demand in the first place!

Every claim that things like #ITsec, #InfoSec, #OpSec & #ComSec can be solved with "Just use Signal!" is "#TechPopulism" at best if not being a "#UsefulIdiot"!

All #centralized, #SingleVendor & #SingleProbider systems are inherently insecure!

#EOD #thxbye #next

**𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕** @kubikpixel@chaos.social · 5d *

5d *

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕 @kubikpixel@chaos.social

What is BLAKE3?

Even if I use a big fan from the use of BLAKE3 to hash, it is not possible to use it in a very advantageous way everywhere. What kind of thing is always what you have to question as a programmer. In the case of a product, the following conditions are met.

https://academy.bit2me.com/en/que-es-blake3-algoritmo-hash/

Bit2Me Academy · Nov 12, 2024What is BLAKE3?Meet BLAKE3, one of the fastest, most secure and efficient hashing algorithms in the computing and blockchain world.

#hash #BLAKE3 #encryption

**SterbeProzess** @XSterbeProzessX@mastodon.social · 5d

SterbeProzess @XSterbeProzessX@mastodon.social

Oh Oracle hat einen Sicherheitsvorfall.

Ob das @bsi uns irgendwann unterrichtet ob auch deutsche Behörden betroffen waren?

>>
Den Angaben nach umfassen die von rose87168 veröffentlichten Daten auch eine Liste von über 140.000 Domains von Unternehmen und Behörden, die allesamt von dem Datenleck betroffen sein sollen.
<<
also könnte ja sein

https://www.golem.de/news/it-konzern-unter-druck-echtheit-von-oracle-kundendaten-nach-cyberangriff-bestaetigt-2503-194741.html

Golem.de · 5dIT-Konzern unter Druck: Echtheit von Oracle-Kundendaten nach Cyberangriff bestätigt - Golem.deBy Marc Stöckel

#ITSEc #Oracle

**Kevin Karhan** @kkarhan@infosec.space · 5d *

5d *

Kevin Karhan @kkarhan@infosec.space

Rant re: Signal Shills being dangerous Tech Illiterates

Replied in thread

**Kevin Karhan** @kkarhan@infosec.space · 5d *

5d *

Kevin Karhan @kkarhan@infosec.space

@Andromxda @mollyim no it's not bs and fanboying @signalapp isn't going to change that.

If #Signal was secure it would be the #1 comms tool of organized crime...

Yet I've only seen #TechIlliterates shill it.

Real professionals use #SelfHosting capable, fully #FLOSS'd solutions like #PGP/MIME & #XMPP+#OMEMO.

Again: Demanding #PII like #PhoneNumbers and shilling a #Shitcoin-#Scam (#MobileCoin) makes Signal literally untrustworthy and if it doesn't for you then maybe your standards are just too low...

It's just me reading the room: Cuz #ComSec isn't done woth "JuSt UsE sIgNaL!" and everyone who claims so without pointing out #OpSec, #InfoSec & #ITsec is BSing hard.

The cold hard truth is that #TechLiteracy is irreplaceable and the only solution to it is to actually teach normies how to "get gud" with stuff like PGP.

Fortunatelty, @thunderbird and @tails_live / @tails / #Tails and many other tools make that easier than ever before.

So rather than vomiting insults against my intellect in my mentions, go to the next @cryptoparty@mastodon.earth / #Cryptoparty / @cryptoparty@chaos.social and lend a hand.

YouTubeSignal's Terrible MobileCoin BetrayalBy The Hated One

#cryptoparty

Continued thread

**JW Prince of CPH, Radicalized** @jwcph@helvede.net · 6d

JW Prince of CPH, Radicalized @jwcph@helvede.net

how phishing etc. often plays on urgency to lower your defenses, remember to then also remind people that almost nothing is ever that urgent.

Above all, always remember that almost everybody is on a sliding scale of "out of their element" when using a computer. The most important ITSEC measure is helping people move that slider in the comfortable direction & the best way of doing that is helping people realize they're the masters of their machines & not the other way around.

#itsec #ux #tech

**jesterchen42** @jesterchen@social.tchncs.de · 6d

jesterchen42 @jesterchen@social.tchncs.de

Tell me you are working in #itsec without telling me you're in IT sec.

https://www.reddit.com/r/Germany_Jobs/s/2prK0fAU78

**CyberEthical.Me** @cyberethical_me@infosec.exchange · 6d

CyberEthical.Me @cyberethical_me@infosec.exchange

Full write-up for ToolPie this year's forensics challenge from Hack The Box Cyber Apocalypse CTF - Tales From Eldoria.

PCAP (network capture) analysis
Python bytecode, marshalling, decompiling

https://blog.cyberethical.me/htb-ctf-2025-forensics-toolpie

#CyberEthical #CyberApocalypse25 #HackTheBox

Replied in thread

**Kevin Karhan** @kkarhan@infosec.space · 6d

Kevin Karhan @kkarhan@infosec.space

@maldr0id it's called #InfoSec, #ComSec & #OpSec.

Without it #ITsec is nonexistant.

Not to mention people got jailed for far less shite!

**𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕** @kubikpixel@chaos.social · Mar 26

Mar 26

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕 @kubikpixel@chaos.social

sqlmap: Automatic SQL injection and database takeover tool

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. […]

https://darkwebinformer.com/sqlmap-automatic-sql-injection-and-database-takeover-tool/

Dark Web Informer - Cyber Threat Intelligence · Mar 25sqlmap: Automatic SQL injection and database takeover toolsqlmap: Automatic SQL injection and database takeover tool

#sql #check #database

Recent searches

Search options

Administered by:

Server stats:

#itsec