67 Followers
229 Following
102 Posts
Cyber Security Boomer
Geraffel: https://geraffel.social/@giaco
Keybase: https://keybase.io/giaco
rsync was basically done until the maintainer discovered vibecoding

And here is some good news in the current software supply chain craziness: https://www.crowdstrike.com/en-us/blog/inside-crowdstrike-takedown-of-a-developer-targeting-botnet/ #glassworm

Watch out for traffic to 164.92.88[.]210. If you see it, you might have an infected host on your network (even though nothing bad will happen anymore: that host is a sinkhole).

Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet

Learn how CrowdStrike’s Counter Adversary Operations team executed a coordinated takedown of the Glassworm botnet, which targeted software developers.

CrowdStrike.com

You can no longer trust any consulting shop that delivers you an AI report. They are the shovel sellers who, alongside the shovel maker Nvidia, are still making money. Almost everyone else is losing money. Almost certainly you too.

And if the AI generates a security report with false references and you present it to someone, you are, by the way, fully liable.

Managing directors are liable with their private assets.

https://www.it-daily.net/shortnews/ki-skandal-ernst-young

#AI #AIslop #consulting #mckinsey #ey #deloitte

AI scandal at Ernst & Young: flawed cyber report

The consulting firm Ernst & Young is withdrawing a cybersecurity report. An analysis by GPTZero found that 70 percent of the sources had been invented by AI.

Online portal of IT Management

IT security wisdom for the evening 🌙

A backup is not a backup until it has been restored. Many only notice in an emergency that their backup has been standing still for months. Anyone who really wants to protect their data tests the restore - before the emergency does the testing for them.

#ITSecurity #Cybersecurity #Sicherheit

Fun trick: if someone gives a hosted LLM a skill that lets it fetch web pages (directly, not through some third-party scraper service) and it's hosted on AWS, you can often trick it into fetching data from the AWS instance metadata server (IMDS) at 169.254.169.254 / [fd00:ec2::254]. The higher-end models tend to refuse if you give the IP, but you can just spin up a domain with A/AAAA records pointing at that IP and request that instead. If IMDSv1 isn't disabled you can get secrets out of it.
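The defensive counterpart to the post above, added here and not part of the original post: a fetch-target check for a server-side web-fetch tool that resolves the hostname itself and refuses link-local, loopback and private destinations, so an attacker's A/AAAA record pointing at 169.254.169.254 or fd00:ec2::254 is rejected just like the literal IP. The DNS table and the `*.example` names are constructed placeholders standing in for real resolution.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Ranges a server-side fetcher should never talk to. 169.254.169.254 and
# fd00:ec2::254 are the IMDS endpoints named in the post.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "169.254.0.0/16", "fe80::/10",                      # link-local (IMDS)
    "fd00:ec2::/32", "fc00::/7",                        # AWS v6 IMDS, unique-local
    "127.0.0.0/8", "::1/128", "0.0.0.0/8",              # loopback, "this" network
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",    # RFC 1918
    "100.64.0.0/10",                                    # shared address space
)]

# Constructed DNS table standing in for real resolution; names are placeholders.
CONSTRUCTED_DNS = {
    "metadata.attacker.example": ["169.254.169.254"],   # A record aimed at IMDS
    "v6.attacker.example": ["fd00:ec2::254"],           # AAAA record aimed at IMDS
    "docs.example": ["203.0.113.10"],                   # ordinary public host
}

def constructed_resolver(host):
    return CONSTRUCTED_DNS[host]

def system_resolver(host):
    # Real resolution: every A and AAAA answer, not just the first one.
    return [info[4][0] for info in socket.getaddrinfo(host, None)]

def check_fetch_target(url, resolver=system_resolver):
    """Return (allowed, reason, addresses). The hostname is resolved here and
    every returned address is checked, so a domain whose A/AAAA record points
    at the metadata service is refused like the literal IP. To close the
    rebinding race, connect to a returned address and keep the hostname in Host/SNI."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed", []
    if not parts.hostname:
        return False, "missing host", []
    try:
        addrs = resolver(parts.hostname)
    except (KeyError, OSError) as exc:      # unknown name or getaddrinfo failure
        return False, f"resolution failed: {exc}", []
    if not addrs:
        return False, "name resolved to no addresses", []
    for addr in addrs:
        ip = ipaddress.ip_address(addr.split("%", 1)[0])   # drop IPv6 scope id
        blocked = next((n for n in BLOCKED_NETWORKS if ip in n), None)
        if blocked is not None:
            return False, f"{addr} is inside blocked range {blocked}", addrs
    return True, "ok", addrs
```

Requiring IMDSv2 on the instance (session tokens obtained via PUT, default hop limit of 1) is the complementary control the post alludes to with "if IMDSv1 isn't disabled"; the check above protects the fetch tool regardless of how the instance is configured.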

🌐 Cybersecurity leaders are heading to Mexico City for the 2026 Mexico City Technical Colloquium
📍 August 17–19 | #FIRSTMX26
🔗 https://go.first.org/jv1Xh

Dive into incident response, crisis management, and global threat trends alongside experts from around the world.

2026 Mexico City Technical Colloquium

FIRST — Forum of Incident Response and Security Teams

NIST has given up on CVEs. They can't deal with it anymore.

https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth

#NIST is from now on only reviewing "important" CVEs.
This means they will only review CVE submissions if they affect the (US) government or are really bad.

Around 90% of the submissions will not be reviewed anymore (for now).

#infosec #cybersecurity

NIST Updates NVD Operations to Address Record CVE Growth

NIST is changing the way it handles cybersecurity vulnerabilities and exposures, or CVEs, listed in its National Vulnerabilit

NIST
GitHub - 0xdeadbeefnetwork/ssh-keysign-pwn: Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels.

GitHub

You use Claude Code to find vulnerabilities, I find vulnerabilities in Claude Code.

https://0day.click/recipe/2026-05-12-cc-rce/

Amazing: #Debian is now shipping reproducible packages 💪

https://lists.debian.org/debian-devel-announce/2026/05/msg00001.html

Thanks to everyone who helped make this happen!

See https://reproducible-builds.org/ if you are not familiar with the topic

bits from the release team