infosec

Oh, your service logged me out for my security? Great, I'll just open up the vault that contains my private keys so that I can open up the password manager with the master password of my other vault, which has the credentials I'll use to log back into my account. And then to finish the login process you'll send me a one-time password in clear text through SMS or email because those are the only options you offer for a "second factor". I feel much more secure now thank you.

(For clarity this is a sardonic post).

#InfoSec #cybersecurity #security #web #dev #tech

#Whistleblower details how #DOGE may have taken sensitive #NLRB data

In the first days of March, a team of advisers from #Trump's new Department of Government Efficiency initiative arrived at the Southeast Washington, DC, headquarters of the National Labor Relations Board.

The small, independent federal agency investigates & adjudicates complaints about unfair #labor practices.

#law #InfoSec #privacy #NationalSecurity #Musk
https://www.npr.org/2025/04/15/nx-s1-5355896/doge-nlrb-elon-musk-spacex-security

Are you interested in a different kind of security conference?

Then take a look at the Open Security Conference (@OSCo). #osco25 takes place from October 2 to 5 in Rückersbach (Germany near Frankfurt) and registration is still open at https://opensecurityconference.org/.
(this is an English version of the original German thread https://infosec.exchange/@realn2s/114936419689473030)

Why?

The Open Security Conference aims to be diverse and inclusive. This also includes different levels of knowledge and experience.
It is therefore not only for security experts or for people who have (already) worked in the security sector for a long time,
but also for people who are interested in security or want to get into the field.

The #OpenSpace format not only enables expert presentations,
but also non-expert topics or questions as session topics. Sessions are not resticted to presentations, they can be interactive, collaborative, workshops or basically anything else.

Since topics do not have to be submitted months in advance,
but the agenda is created jointly by the participants, hot topics can also be covered.

The conference is non-commercial, i.e. the total costs are shared between the participants (including the organizers).
The costs include accommodation and meals in the conference hotel.

And yes, there are also sponsors who cover part of the costs.

But not everything is different.

There are great keynotes e.g. by @bkastl ("History repeating itself") and Mireia Cano ("Building an AppSec Program from Scratch").

#CyberSecurity #Security #InfoSec #AppSec #ProductSecurity #OTsecurity

***infosec specialists are needed in the resistance ***

The world needs tech security specialists to run workshops at public libraries for all ages & abilities to remove spyware, AI, reduce surveillance, understand the issues, & for more advanced, move to Linux, degooglefy, etc.

Libraries will pay good wages for these workshops.
If you have these skills, please consider offering them.

#libraries #library #tech #infosec #privacy #security #activism #antifa #resistance

Hey y’all, I’ve let myself get consumed by work and school and all of that, but shit is pretty fuckin’ dire for my friend @catbailey.

https://infosec.exchange/@catbailey/115051886620613739

If you’ve any help you can spare, any at all, she could use it, she’s just trying to stay alive long enough to land a job and get back on her feet. If all you’ve got is your reach on a niche federated microblogging network, I understand, but we'd appreciate you sharing with your network on the Fediverse and/or Bluesky where she's @blackcatswhitehats.org.

$868.26/4500 raised

Best to use Venmo/PayPal/CashApp, but GoFundMe is appreciated too and good for higher latency needs.

GoFundMe: https://www.gofundme.com/f/aid-for-cat-and-her-kids-in-crisis?lang=en_US
PayPal: https://paypal.me/catalystediting
Venmo: @BlackCatHackers
CashApp: $BlackCatOps

#MutualAid #MutualAidRequest #InfoSec #HelpCatAndCo #CyberSecurity

Is it just me, or has the number of captcha challenges significantly increased over the past few months? Nowadays I feel like I'm being hit with captchas all day every day, where before it was relatively rare. It is especially noticeable on sites I visit frequently, have accounts with, and presumably have cookies for.

#captcha #SecurityTheater #infosec #CyberSecurity #security #tech #dev #internet #web

Hello Fediverse! I’m @cyberseckyle 👋
Formerly @beardedtechguy. Same human, new handle that fits the work I live and breathe. I’m still very much a tech guy and the beard is staying 🧔‍♂️💻

What to expect here: practical security tips, MSP life behind the scenes, blue-team playbooks, lab tinkering, tool breakdowns, and no FUD. If you like clear, actionable posts with a little humor, you’re in the right place.

Let’s swap ideas and make the internet a little less weird and a lot more secure. 🛡️
#Cybersecurity #InfoSec

Hey y’all, another status update on @catbailey ’s situation. Apologies for any mistakes but I’m working from phone and memory, so if I get anything wrong I’ll correct the post.

Storage Units containing her kid’s inheritance are going up for auction in a matter of days if not day. Moving anything out of them would require becoming current on payments ($1350), having help, and either her car or use of one. Becoming current here is her highest priority.

Her car was repossessed early last week or late the week before after the bank with the loan took 9 days to draft their ACH against her account, allowing some other charges to hit first and dip her into insufficient funds. She can still reinstate the payment plan by becoming current before it sells in ~early November, to the tune of $2200.

Her internet faces cutoff immediately, $100, and phone is due soon, $120.

And, y’know, there’s the whole feeding her kids, her cats, and herself bit, in that order if I know her, plus the other essentials like cat litter, toilet paper, and so on. Adding it all up I’m bumping the goal again, because nothing ever gets cheaper.

$360/4500 raised

Best to use Venmo/PayPal/CashApp, but GoFundMe is appreciated too and good for higher latency needs.

GoFundMe: https://www.gofundme.com/f/aid-for-cat-and-her-kids-in-crisis?lang=en_US
PayPal: https://paypal.me/catalystediting
Venmo: @BlackCatHackers
CashApp: $BlackCatOps

#MutualAid #MutualAidRequest #InfoSec #HelpCatAndCo

The witch’s robes flapped in the gale as she knelt on the beach. Waves crashed and she squinted as the sea spray lashed her face.

She withdrew a small syringe from the water as the magic started to work. As she stood, the wind calmed to a gentle breeze. The ocean settled until it was smooth as glass.

“This spell,” she said, knocking sand off her knees, “I call ‘sea quell injection’”

#microfiction #dadjoke #infosec #sqlinjection

Once again blocked from using a website I've used regularly for years because of "unusual activity" from "your IP". After passing a captcha, no less.

Somehow bot-detecting algorithms have been degrading over time.

This is a troubling trend because people who aren't using the anointed access points of the internet struggle more and more to connect and interact. Large entities like CloudFlare choke off more and more avenues of access in the name of "security", enforcing digital checkpoints without any accountability to anyone.

#dev #tech #web #bot #DarkPattern #security #infosec #cybersecurity #checkpoint

It's been ages! But Scrolls is back once again. What's in it? A bunch of random stuff from bygone weeks. I hope you enjoy, and I hope to be back again soon with more good shtuff.

https://shellsharks.com/scrolls/scroll/2025-10-01

Thanks to those mentioned below. Their blogs, their writing, their thoughts, and what they share were not only featured in this week's edition, but they are part of what sustains myself and the IndieWeb in general in darker times. Thanks! 🧡

@laura @fyr @tinimalina @mttaggart @ismh86 @kedara_eu @WahPlus @luna @kalfeher @jwildeboer @decryption @adulau @aphyr @fedicat @StarWarsPlanets @fyr @bagder @stark4n6 @privacyguides @gaz @joel

#infosec #fediverse #indieweb

Y'all, @catbailey has lost phone service, and target to get that turned back on is $85.83. She's also working out how to explain to her kid that everything he inherited from his father is gone, because it doesn't look like there's any chance of saving the storage units. Her car was repossessed and is expected to sell in ~early November.

$460/4800 raised

Best to use Venmo/PayPal/CashApp, but GoFundMe is appreciated too and good for higher latency needs.

GoFundMe: https://www.gofundme.com/f/aid-for-cat-and-her-kids-in-crisis?lang=en_US
PayPal: https://paypal.me/catalystediting
Venmo: @BlackCatHackers
CashApp: $BlackCatOps

#MutualAid #MutualAidRequest #InfoSec #HelpCatAndCo

Reposting my updated Android #FOSS replacements list (as of Sep 28) 🧵1/3

Stock Replacement:
--Play Store ➡️ Droidify, Obtainium, Aurora Store
--Backup (non-root) ➡️ AppListBackup & App Manager (via wireless adb)
--Calculator/Converter ➡️ yetCalc
--Calendar/Tasks ➡️ TBA³ (currently aCalendar+)
--Camera ➡️ OpenCamera¹
--Chrome ➡️ Fennec & DDG
--Clock ➡️ Clock (best.deskclock)
--Contacts ➡️ Fossify
--Docs ➡️ Collabora
--Drive ➡️ ProtonDrive + Round Sync
--Files ➡️ TBA³ (currently Solid Explorer for SMB & cloud capability)
--GAuth ➡️ Aegis
--GBoard/Speech Recognition ➡️ HeliBoard w/ Whisper

#Android #FDroid #Obtainium #Foss #InfoSec #DeGoogle #Floss

#Discord age verification going about as well as was to be expected i see.

all your passport are belong to darkweb.

https://www.theverge.com/news/792032/discord-customer-service-data-breach-hack

#infosec #cybersecurity #ageVerification #Ukpol #eupol #uspol #hacking #socialmedia