Jesse Brown

@[email protected]
94 Followers
114 Following
295 Posts

I'm an IT Consultant with a strong focus on security. Been working in the industry since 2004 and running various public services on the Internet since 1999. Before that I ran a BBS. Also: Electronics and programming hobbyist. Amateur Radio operator (kf4hzu). SCUBA diver. Casual gamer.

My opinions are my own and not related in any way to my day job. I don't like politics and I very much avoid discussing politics or religion with clients and will avoid the same here. I will say if I had to choose a side I guess I am "left" cause I certainly can't relate to the other side of that choice in the US.

#infosec #radio #technology #scuba #gaming

Company Sitehttps://itacfl.com
Alt Accounthttps://mastodon.radio/@kf4hzu
Old Accounthttps://mastodon.social/@jessebrown
Jesse BrownDec 29, 2023
Sharrow_irlDec 29, 2023
You can be exposed to #Covid and be contagious, for 10 days before test positive.
Jesse BrownDec 29, 2023
Shreshta - Uncovering badnessDec 29, 2023

Two suspicious domain names possibly impersonating Anydesk anydeskwin[.]info and anydeskdownload[.]info

Both the websites are serving an #opendir at the moment and pointing at AS13335

#threatintel #anydesk

Show threadJesse BrownDec 27, 2023
@tinker 68 seconds. 😜
Jesse BrownDec 27, 2023
VissDec 26, 2023
behold!
any environment running docker/k8s in production:
Show threadJesse BrownDec 27, 2023
@bthylafh @hacks4pancakes They are a sales and marketing company, not a security company.
Jesse BrownDec 27, 2023
@bthylafh @hacks4pancakes Maybe check when they last patched their devices on your network. While troubleshooting an issue with them I saw that they hadn't patched the appliances for at least 3 months. I called it out to them and the client and they tried to drum up some excuses, eventually just apologizing. Additionally, the made the bold statement that they have no need to monitor East-West traffic, only North-South because their "AI" will detect any intrusions. 🤣 They take a bunch of open source stuff and hide it behind their web interface so people think they are getting some high techs custom stuff but anyone that knows anything about security will know it is just barely enough to detect the loudest of attacks. Microsoft's Defender agent did a better job.
Show threadJesse BrownDec 26, 2023
@hacks4pancakes They are a terrible company that is mostly snake oil rip-off garbage. I've had clients use them and they are useless, getting canceled after showing their true incompetence. They still haven't registered their company internal domain that is used to manage and access all customers! Just ripe for DNS attacks if someone ever registered it.
Jesse BrownDec 23, 2023
mr_daemonDec 23, 2023

Fun fact: you can make your PiKVM multiport by just hooking it up to a cheap four ports HDMI kvm and hooking up the control serial port to the rpi hub, and setting up macros in kvmd to make it switch ports from the Web UI.

it's everything I ever wanted and the Redfish BCMs in my SuperMicro stuff are starting to feel primitive and clumsy in comparison.

#PiKVM #kvm #HomeLab #computing #server #rpi #lom #linux

Jesse BrownDec 5, 2023
Jan SchaumannDec 4, 2023

Let's Encrypt will issue new intermediate certs in Q1/2024: https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/L7XoAXt_s1c

Make sure your LE cert deployment logic includes serving the right intermediates that ACME should hand you, not just that same old LE intermediate you got years ago. Otherwise, there'll be breakage...

#x509 #pki #LetsEncrypt

Let's Encrypt New Intermediate Certificates

Jesse BrownNov 28, 2023
NASANov 28, 2023
Ganymede from Juno https://apod.nasa.gov/apod/ap231128.html #APOD
APOD: 2023 November 28 – Ganymede from Juno

A different astronomy and space science related image is featured each day, along with a brief explanation.