I don’t know why it motivates me more than anything else in the world

thirdbird :blobcatcoffee: boosted

Yeah, I wasn’t specific enough. By security providers I meant mostly CDN providers with built-in WAF. Like Cloudflare, Akamai and Fastly

Show thread

I strongly believe that security is not a type of thing that can be outsourced. Instead of delegating the security of your product to a third-party company invest in your own. These security providers have a much bigger infrastructure than yours, which makes them more vulnerable by default. They also usually have a larger attack surface and are dishier for bad actors. Finally, your account on these services is also an extra point of entry for attackers that are targetting your web app

Happy New Year and everyone else here! Hope 2022 will bring some good moments to all of us. Remember, dark times are not forever. Spread love and stay safe

thirdbird :blobcatcoffee: boosted

New project stuff 

I have a need for Rust devs, Flutter (flutter.dev) folks, and a lawyer versed in internet law. This is an open source project, it is targeted for a launch mid-year 2022.

We are 1-2 months out from needing the assistance, but better to start recruiting early... If you are interested in saving the world, I am here to speak with you.

I finally had some time to play with boxes. I enjoyed this one a lot. Amazing machine! I think it is one of my favorite so far

root@devzat:~# id
uid=0(root) gid=0(root) groups=0(root)

hackthebox.com/achievement/mac

thirdbird :blobcatcoffee: boosted
thirdbird :blobcatcoffee: boosted

I hope it will just go down one day, and never come back 

AWS ec2 availability problems in N.Virginia

thirdbird :blobcatcoffee: boosted

Hacking - NEW RULES (re: log4j) 

Please be kind to blue teams, and IT

- Do NOT hack on Fridays, Saturdays, or Sundays
- Please make sure that you have fuzzed ALL the possibilities BEFORE disclosing.

(( All of the log4j updates have been released on Fridays, when everyone is trying to chill :P. Also... there's been like 3 iterations of it so far.. STAAAAAAAAHP!! ))

thirdbird :blobcatcoffee: boosted

Happy HackingHolidays everyone <3 💻️ 🏴‍☠️ I hope your family and friends are doing good and well, let's make 2022 a year when we advance hacker culture and hacker ethics, and bring new people to this wonderful community now going on for more than 40 years. happy hacking! #hacking #hackers #hackerethics @merce @thegibson @TheDoctor @hackerfantastic @x3r0x @HackerRadioShow @surveillancepod @ghostdancer big thanks 2 Steven Levy for wonderful study on hackers heroes of the computer revolution

Am I missing something? Aren’t issues described in this article are true for any other service? If you don’t trust your admin selfhost your shit
@seb I hope this toot won’t get spoofed

infosec-handbook.eu/articles/x

Show older
IOC.exchange

INDICATORS OF COMPROMISE (IOC)
InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.

We have a Getting Started Guide here: https://ioc.wiki/mastodon

HAVE FUN and STAY SAFE!