Bypassing LinkedIn's Connection Privacy with a Simple Search Filter

The last eight messages received from the Federation
Suggested posts
  • 0 Votes
    1 Posts
    6 Views
    https://committing-crimes.com/articles/2024-09-09-jitpack/ The infosec hell was never users writing down their password in a post-it stuck to their monitor. The true infosec hell is developers trusting centralized repositories of "open source" that nobody reads nor audits. Again I have to battle against devs that, for pure convenience and laziness, put users and the company at the mercy of any random on the internet with the will to perform a supply chain attack. #infosec #centralization #zerotrust #supplychainattack
  • 0 Votes
    1 Posts
    17 Views
    I submitted a Pull Request to update MacPorts' OpenSSH to 10.1p1 here: https://github.com/macports/macports-ports/pull/28592 GitHub Continuous Integration checks passed OK! Alas, the agent.patch that iamGavinJ had created, doesn't apply cleanly, in large part because ssh-agent.c has been reworked significantly with this release. Subsequently, I closed this previous Pull Request: https://github.com/macports/macports-ports/pull/28592 not because I didn't want to restore that functionality to launchd, but because it will require more effort than I can give such things at this time. But, check out these improvements to ssh-agent from the OpenSSH 10.1 release notes: "ssh-agent(1) (https://man.openbsd.org/ssh-agent.1), sshd(8): move agent listener sockets from /tmp to under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8). This ensures processes that have restricted filesystem access that includes /tmp do not ambiently have the ability to use keys in an agent. Moving the default directory has the consequence that the OS will no longer clean up stale agent sockets, so ssh-agent now gains this ability. To support $HOME on NFS, the socket path includes a truncated hash of the hostname. ssh-agent will, by default, only clean up sockets from the same hostname. ssh-agent(1) gains some new flags: -U suppresses the automatic cleanup of stale sockets when it starts. -u forces a cleanup without keeping a running agent, -uu forces a cleanup that ignores the hostname. -T makes ssh-agent put the socket back in /tmp." Anyway, I updated this as well: https://trac.macports.org/ticket/72482 I should probably actually close this ticket now that I think of it (fingers crossed that adding that to the PR is sufficient, since I forgot to add that note to the commit message as is typically preferred: https://trac.macports.org/ticket/73084). #OpenSSH #MacPorts #SecureShell #macOS #encryption #security #infosec
  • 0 Votes
    1 Posts
    5 Views
    I recently discovered that rich assholes may have intimidated a security company into taking down excellent research they wrote three years ago. There are far too many rich assholes attempting to intimidate people these days. Fuck all these guys. And don't forget to archive shit in many locations.. locally. Archive.org. archive.today.. email it to others.. rewriting history is bad. You should read this excellent paper. I don't know the researchers but it is good work.. Please boost for awareness of this great work and scare tactics #threatintel #cybercrime #scam #malware #infosec #dns #phishing https://web.archive.org/web/20250731051150/https://www.cyjax.com/wp-content/uploads/2022/11/Fangxiao-a-Chinese-threat-actor.pdf
  • 0 Votes
    1 Posts
    7 Views
    #NIST have issued updated #password guidelines for businesses. Interestingly they now say that requiring special characters is no longer a recommendation, but longer passwords / passphrases (using spaces) is a better idea. I say "interesting" because that's something I've been doing for many years, long before I discovered password managers to remember things for me. https://proton.me/blog/nist-password-guidelines #infosec