JRT

@jrt@infosec.exchange
760 Followers
1.5K Following
2.1K Posts

Average nmap enjoyer, destroyer of IoT worlds and embedded universes.
Chief #Passkey Advocate

"Experte für Nischenthemen" - unnamed

he/him

Working in #InfoSec by day. Doing some things at @AsteroidOS and @spline by night.

ALT: @jrt

#InfoSec #Security #linux #foss #CCC #spline #berlin #ArchLinux #fedora #AsteroidOS #VR #CyberpunkIsNow

Websitehttps://jrtberlin.de
LanguagesEnglish, German
Signaljrt.42
Threemahttps://threema.id/FMESVF5Y
Matrix@jrt:kde.org
JRT15h ago
Show threadpetersuber1d ago

Update. The Danish government is moving away from #Microsoft products to #OpenSource alternatives.
https://itsfoss.com/news/denmark-road-traffic-authority-ditches-microsoft/

#Denmark

Denmark Begins Its Exit from Microsoft — and This Is Just the Start

The move is part of a government-wide effort to reduce dependency on Microsoft software. The traffic department's move is just the beginning.

It's FOSS
JRT15h ago
Mjack2d ago

Used Theremin

Like new. Never been touched

JRT19h ago
Jesper Tingvall1d ago

Coming to a seed exchange at #39c3 .

Prepare your pots and soil to take in some #chili refugees.

JRT1d ago
Manuel 'HonkHase' Atug1d ago

Während in Deutschland alte weiße Männer den Verbrennermotor und fossile Energien mit Inbrunst und Machtmissbrauch weiter führen und die ehem-Gaskonzern-jetzt-Energieministerin fossiles russisches Gas propagiert, sagen die Chinesen mal kurz die Zukunft an. 🔥🔥🔥

China: Forscher brechen die Temperaturgrenzen von Wärmepumpen
https://winfuture.de/news,155658.html

China: Forscher brechen die Temperaturgrenzen von Wärmepumpen

Chinesische Forscher haben eine technologische Hürde überwunden, die die industrielle Nutzung von Wärme seit mehr als hundert Jahren begrenzt hat. Eine neue Wärmepumpen-Architektur soll theoretisch in der Lage sein, sogar einige Erze zu schmelzen.

WinFuture.de
JRT2d ago

I got the The Archer archetype!

https://infosec.exchange/@jrt/wrapstodon/2025/5d828f008aae0b9a

#Wrapstodon2025

Wrapstodon 2025 for JRT

See how JRT used Mastodon this year!

Infosec Exchange
JRT2d ago
Teri Radichel2d ago

Microsoft will finally kill obsolete cipher that has wreaked decades of havoc - RC4 which is susceptible to Kerberoasting.

https://arstechnica.com/security/2025/12/microsoft-will-finally-kill-obsolete-cipher-that-has-wreaked-decades-of-havoc/

Microsoft will finally kill obsolete cipher that has wreaked decades of havoc

The weak RC4 for administrative authentication has been a hacker holy grail for decades.

Ars Technica
JRT2d ago
Eva Wolfangel2d ago

Neuer Trend in staatlicher Spionage: anstatt teure Zeroday-Lücken zu kaufen, wird der physische Zugriff auf Geräte ausgenutzt, um Spyware zu installieren. Aktueller Fall aus Belarus: der dortige Geheimdienst nutzte die Schadsoftware seit vier Jahren. Dank Reporter Ohne Grenzen ist der Angriff endlich enttarnt worden. Hier mein aktueller Artikel dazu - für euch als Freebie. Danke @besendorf für deine Arbeit und das gute Interview!

https://www.zeit.de/digital/2025-12/belarus-spionagesoftware-handy-app-opposition?freebie=54d93229

Belarus: Belarussischer Geheimdienst spionierte Handys aus

Der belarussische Geheimdienst setzte wohl jahrelang eine Spionage-App gegen Oppositionelle ein. Darüber konnte er Smartphones vollständig überwachen – und sogar löschen.

DIE ZEIT
JRT2d ago
Janik Besendorf2d ago

We are very excited that our publication on previously unknown #spyware in Belarus is published today!
https://rsf.org/en/exclusive-rsf-uncovers-new-spyware-belarus

This is joint research by the Digital Security Lab from Reporters Without Borders and RESIDENT.NGO

Exclusive: RSF uncovers new spyware from Belarus

Reporters Without Borders (RSF)’s Digital Security Lab (DSL), working with the Eastern European organisation RESIDENT.NGO, has uncovered a previously unknown spyware tool used by the State Security Committee (KGB) of Belarus to target, among others, journalists and media workers. RSF assesses that this exposure is a serious setback for the KGB’s operations, not least because the software appears to have been in use for several years.

JRT2d ago
ploum3d ago

Mozilla has a new CEO who:

- Has been at Mozilla for less than a year
- Has no prior open source experience (but well in "fintech" and "real estate")
- Has a MBA (aka "brainworm diploma")
- Is all-in on AI

That’s exactly the kind of bingo profile the whole community has been waiting for.

JRT3d ago
Harry Sintonen3d ago

A privilege escalation in Dropbear (CVE-2025-14282) allows any authenticated user to run arbitrary commands as root. The vulnerability affects versions 2024.84 to 2025.88. Dropbear release 2025.89 fixes the vulnerability.

A mitigation is to run dropbear without unix socket forwarding by adding the -j option.

https://www.openwall.com/lists/oss-security/2025/12/16/2

#CVE_2025_14282 #infosec #cybersecurity

oss-security - Dropbear 2025.89 fixes privilege escalation, CVE-2025-14282