David Penfold 

@davep@infosec.exchange
2K Followers
258 Following
22.4K Posts

Does IT stuff. Vegan and anarchism curious.

Likes permaculture, infosec, Tranmere Rovers. But mainly bad jokes stolen from https://www.justthetalk.co.uk/thehaven/17468/urgent-i-need-a-good-joke-right-now

Also unreasonably fond of BPMN.

Officially not right in the noggin #ʘ‿ʘ

likewhatever
SignalDave.14
CO2 ppm at birth321.37
Geology museums are neat because they're just an institutionalized version of "come check out this neat rock I found."

For the past few weeks, @DomainTools Investigations worked with OSINT analyst and investigative journalist grantees to help uncover connections between websites involved in the harassment of Ukrainian personnel and their families, and the people and infrastructure involved.

We provide a technical writeup below on the observables and data involved.

#infosec #cybersecurity #threatintel #disinformation

https://www.domaintools.com/resources/blog/rdap-and-bgp-in-investigative-journalism/

RDAP and BGP in Investigative Journalism - DomainTools | Start Here. Know Now.

One of the things we’re most proud of at DomainTools is our Grants program. We offer free access and training to investigative journalists, as well as security researchers involved in community-benefiting projects. Yearly presentations at the NICAR investigative reporter conference allow us to share techniques utilizing passive DNS and other domain intelligence that often prove […]

DomainTools | Start Here. Know Now.

AI voice clones have hit the White House AGAIN, now impersonating the Secretary of State, Marco Rubio, to other Government officials to try to steal secrets and access. Here is a video of me live demoing how quick and easy it is to clone a voice to hack and how to catch AI voice clone attacks in action!

It takes me 2 minutes total to set up a AI voice clone social engineering attack.
I need about 10-15 seconds of a person’s voice to clone it well, spoof a phone call (change caller ID to display another number -- available on the App Store!) and initiate a voice clone attack via call.

Governments, organizations and individuals need to know how to verify identity of caller outside of caller ID and voice match, now!

Gone are the days of trusting caller ID. We can no longer rely on “knowing someone’s voice” or “knowing someone’s face on video call”, I can clone those in minutes in a live audio call or video call.

Verify identity using another method of communication before providing sensitive data, codes, money, etc.

If they call, you can chat, email, DM -- any other method of communication to verify that person is who they say they are FIRST.

Stay politely paranoid, folks.

Please whenever some crappy Android or iOS app prompts you to go rate it without you asking always go give it a minimum rating. The sooner everyone does that the sooner the nonsense stops.

Elvis Costello - Tramp The Dirt Down

https://song.link/gb/i/294809845

Tramp the Dirt Down by Elvis Costello

Listen now on your favorite streaming service. Powered by Songlink/Odesli, an on-demand, customizable smart link service to help you share songs, albums, podcasts and more.

Songlink/Odesli
Designing a Repair Ecosystem: A Guide for OEMs

To keep customers happy and comply with Right to Repair laws, OEMs must support repair. But how? There are four main options.

iFixit

Trump is working on regime change in Europe — fact, not conspiracy theory

The US State Department published a memo urging Washington to back far-right parties in EU elections to build obedient “civilizational allies,” branding mainstream Europe as anti-democratic and making threats against governments that resist—effectively exporting Trump’s culture war to erode European sovereignty.

https://euobserver.com/eu-and-the-world/ar0ec480cc

(https://archive.ph/bYVVj)

Trump is working on regime change in Europe — fact, not conspiracy theory

On 27 May, an official document, The Need for Civilizational Allies in Europe, calling for regime change in European countries was published, written by a senior adviser for the Bureau for Democracy, Human Rights, and Labor in the US State Department, writes Caroline de Gruyter.

EUobserver
I was going to make a pun about the word scamp and how people use it in a naughty/amorous context and how it makes me think of scampi but I googled “sexy shrimp” and that is an actual creature that exists. Once again, nature has stolen my thunder.

Happy #PortfolioDay 🌳
I like pixelart!

#PixelArt #MastoArt #Art

Its official: The Post Office & Fujitsu have blood on their hands.... and as commentators are already saying; its the management of these firms who should have been prosecuted, not the hapless sub-postmasters.

This very British scandal (in that its about a managerial class shitting from a hight on normal working folk) is going to get a lot worse as the Horizon Inquiry delivers its results (n stages).

#PostOffice #Horizon #politics

https://www.theguardian.com/uk-news/2025/jul/08/post-office-scandal-inquiry-horizon-it-scandal

Post Office scandal may have led to more than 13 suicides, inquiry finds

First report from Horizon IT hearings lays bare ‘disastrous’ human impact as 10,000 people seek compensation

The Guardian
×