RossMadness

Infosec Analyst, former Systems Admin, Linux Enthusiast, at one time I was an aspiring English scholar.

One nice thing about having a birthday in April is that the new OS version releases feel like birthday presents.

Fedora 44 and Ubuntu 26.04? For me? Thanks dev teams, that's so kind of you.

Orgs aiming to implement a Mythos-ready security program when they have a flat network with default creds everywhere and ransomware actors casually logged in.

@arcanox @Peetz0r @deviantollam In my experience, CrowdStrike Falcon usually blocks these due to IOA (behavioral) chains. So usually it still blocks it early enough for the attack to fail. Also, I'm not sure what settings VirusTotal is using because Falcon Prevention Policies have a billion settings that could change the results.

went to the theatre to see Les Misérables because i am a classy soul, and while i don’t have a clue what transpired over the last three hours because i haven’t pre read it or watched the movie, the cast and musicians were very very good.

also one fella, at least, was french, that much i know.

@deviantollam like others have said, this is a common tactic that I've seen way too many people fall for. The real fun ones are in Claude or ChatGPT "public docs" which are uploaded by users, but people think it's an answer from ChatGPT.

Shout out to all the OSINT homies with their "phone brightness set to Guantanamo level".

https://youtu.be/2IsR06zf8nQ?si=57Jg4tdAGPP0sekx

I am monitoring the situation.


i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs' 'delete' logic probably just overwrote the email address with [email protected] or similar.

The answer is at least 3 different orgs in the hour that I've owned that domain and been listening for email.

And yes, all of those emails contain the actual PII of the person who has been 'deleted' :-D

#infosec

Recently I read a post by some jackhole techbro who wants a default automatic feed algorithm here just like Big Social™.

Opening the door for AI bullshit is not even the worst part of this idea.

Folks, all of us here ARE the algorithm. Personal curation is a feature, not a bug.

We make Mastodon awesome by following people and boosting what we find meaningful, significant or just cool. That's how it works.

Let's keep making friends. Let's keep sharing. Let's keep Mastodon alive. Together. 💖

Recently had an acquaintance ask me if I saw a story posted on Facebook. I said I didn't. When asked why not, I informed them I don't have Facebook. Surprised, they asked why I didn't have Facebook and I said "privacy concerns" and cited just one concern about their meticulous GPS tracking because it's the least technical one I could think of. They replied to me with "Well, they haven't found ME yet."

I have never gotten that response before. Usually the other person acknowledges the problem but explains why it doesn't concern them. I've never met someone who thinks a bazillion dollar company doesn't know who they are as they use the platform. Bizarre.

A startup is putting military-style drones in high school ceilings. Ceiling-mounted. Charging. Waiting. And when something happens, a pilot in Austin, Texas, decides whether to deploy pepper gel on your kid's school. I'm not saying the problem isn't real. It absolutely is. But read that back.... in schools. We've taken a Ukrainian battlefield tactic against Russian soldiers and ported it to Deltona High School in Florida. The co-founder literally said the idea came from watching drone videos of the war in Ukraine. The chief pilot described it as "cheating in a video game after you die." These are children.

Here's what's not in the headline:

🔒 The drones use an encrypted connection — but the article notes they're potentially vulnerable to cyberattack. A compromised drone in a crowded hallway isn't a security tool; it's a weapon pointed in the wrong direction.

⚖️ Mithril reserves the right to act independently during an attack, without waiting for law enforcement. A private company operating remotely is making use-of-force decisions at a school.

💰 Florida and Georgia approved $500K+ each for this. A group of Texas parents raised $200K more. That's real money going to ceiling drones instead of mental health services, counselors, or de-escalation programs.

The ACLU said it plainly: when force becomes a zero-risk remote action, it gets overused. Axon tried a Taser drone for schools in 2022, and its own ethics board killed it. Mithril is picking up where that got dropped.

I teach cybersecurity. I've spent years in boardrooms helping organizations think through risk. And the risk calculus here isn't just about whether the drone works. It's about what we're normalizing when we turn schools into drone-monitored combat zones and call it progress.

"This is the future," said the sheriff's captain.

I hope not.

https://www.wsj.com/business/a-startup-is-supplying-drones-to-high-schools-to-stop-mass-shootings-a7800ade

#SchoolSafety #Cybersecurity #Leadership #security #privacy #cloud #infosec