elefant @elefant

Recent searches

Search options

Only available when logged in.

1.6K posts500 participants12 posts today

**Alonso Caballero / ReYDeS** @Alonso_ReYDeS@infosec.exchange · 2m

Alonso Caballero / ReYDeS @Alonso_ReYDeS@infosec.exchange

Finalizamos la segunda sesión del Curso Fundamentos de Hacking Ético 2025. Información: https://www.reydes.com/e/Curso_de_Hacking_Etico Información (PDF): https://www.reydes.com/archivos/cursos/Curso_Hacking_Etico.pdf ¡Gracias a todos los participantes! #cybersecurity #hacking #readteam #bugbounty #forensics #osint

**Fali Fuentes** @falitroke@mastodon.social · 13m

13m

Fali Fuentes @falitroke@mastodon.social

Security alert: A widely used open-source tool is putting the US at 'persistent' risk. George Barnes, former NSA deputy director, highlights the strategic stakes. Is it time to rethink our digital defenses? #CyberSecurity https://www.wired.com/story/easyjson-open-source-vk-ties/

WIRED · May 5Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the USBy Matt Burgess

**Brian Clark** @deepthoughts10@infosec.exchange · 13m

13m

Brian Clark @deepthoughts10@infosec.exchange

Has anyone ever tried to trick malware into thinking the host it’s running on is in Russia? For example, reverse engineering and then spoofing the ip-api.com api to always return “RU” on your network. This seems like the kind of trickery that @SwiftOnSecurity would try.

#cybersecurity

From: @threatinsight
https://infosec.exchange/@threatinsight/114632821497553322

Infosec ExchangeThreat Insight (@threatinsight@infosec.exchange)Attached: 1 image Proofpoint researchers recently discovered an infostealer in our data that we originally dubbed "Aurotun" (named for a misspelling of "autorun" in its strings). After collaboration with Intel 471 and others, we believe that this malware is actually MonsterV2, a newer version of an existing infostealer. MonsterV2 has many capabilities, but seems to function primarily as a stealer and a loader. It has the capability to collect system info (such as OS version and CPU and GPU model information), and steal browser data, logins and tokens from Steam, Discord, and Telegram, crypto wallets, credentials and credit card data from browser autofills, among other data. MonsterV2 can also act as a loader—we've seen it drop new variants of StealC and Rhadamanthys. In addition, some samples of MonsterV2 check to see if the target resides in a CIS country (RU;BY;UA;KZ;UZ;TM;KG;AM;TJ;MD;LV;LT;EE). It checks this to prevent infection of targets in these countries. To get the target's geolocation, the malware makes a call to http://ip-api[.]com. See our screenshot below for configuration examples. Example hashes: 666944b19c707afaa05453909d395f979a267b28ff43d90d143cd36f6b74b53e b869941a9c476585bbb8f48f7003d158c71e44038ceb2628cedb231493847775 Signatures: ET sig: 2061200 - ET MALWARE MonsterV2 Stealer CnC Checkin

**Conan the Sysadmin** @conansysadmin@mstdn.social · 30m

30m

Conan the Sysadmin @conansysadmin@mstdn.social

Hostile wizardry takes on the form of war across the Turanian wastelands. #cybersecurity #cyberwar https://cromwell-intl.com/cybersecurity/cyberwar/israel.html?s=mc

Bob's Pages of Travel, Linux, Cybersecurity, and MoreCyberwar — IsraelCyberwar and Israel: An air strike on a suspected nuclear facility in northern Syria was reportedly aided by cyber-attacks on air defense radar systems.

**cm0002** @cm0002@lemmy.world · 31m

31m

cm0002 @cm0002@lemmy.world

Uncle Sam puts $10M bounty on RedLine dev and Russia-backed cronies

https://lemmy.world/post/30887903

lemmy.worldUncle Sam puts $10M bounty on RedLine dev and Russia-backed cronies - Lemmy.World

#cybersecurity

**urlDNA.io** @urldna@infosec.exchange · 59m

59m

urlDNA.io @urldna@infosec.exchange

Possible Phishing
on: hxxps[:]//webmailsupporthelpdesk[.]weebly[.]com
Analysis at: https://urldna.io/scan/6842219b3b7750000ac8b081
#cybersecurity #phishing #infosec #urldna #scam #infosec

**Phillip Wylie** @phil@infosec.exchange · 1h

Phillip Wylie @phil@infosec.exchange

Jorge Reyes: From Atmospheric Sciences to Cybersecurity #cybersecurity #infosec #innovation #personalbranding https://podcasters.spotify.com/pod/show/phillip-wylie0/episodes/Jorge-Reyes-From-Atmospheric-Sciences-to-Cybersecurity-e301b52?utm_source=mastodon&utm_medium=social&utm_campaign=fedica-Episode-Reposts

Spotify for CreatorsJorge Reyes: From Atmospheric Sciences to Cybersecurity by Phillip Wylie ShowSummaryIn this episode of the Phillip Wylie Show, Jorge Reyes shares his journey into cybersecurity, discussing his background in atmospheric sciences, the importance of mentorship, and the value of teaching. He emphasizes the significance of hands-on experience, the necessity of understanding different domains within cybersecurity, and the importance of networking. Jorge also provides practical advice for aspiring cybersecurity professionals, highlighting the need for continuous learning and proactive career management.Takeaways• Sharing experiences can save others time in learning.• Mistakes are essential for growth and learning.• Internships provide valuable hands-on experience.• Teaching helps reinforce knowledge and communication skills.• Understanding different domains in cybersecurity is crucial.• Networking is key to finding opportunities.• Proactive career management leads to better outcomes.• Continuous learning is necessary in the tech field.• Hands-on experience is vital for skill development.• Being open to diverse projects enhances career growth.Sound Bites• "Teaching is very fulfilling."• "You have to continuously learn."• "Be open to not get siloed."Resourceshttps://www.linkedin.com/in/jrsec/https://jrsec.github.io/2022-09-29-cybersecurity-entry-level-plan/https://www.amazon.com/Extreme-Ownership-U-S-Navy-SEALs/dp/1250067057

**Kubernetes** @Kubernetes@activitypub.awakari.com · 1d

Kubernetes @Kubernetes@activitypub.awakari.com

Vulnerability Data Enrichment for CVE Records: 229 CNAs on the Enrichment Recognition List for Ju...

#vulnerability-management #cybersecurity #information-technology #vulnerability #information-security

Origin | Interest | Match

#vulnerabilitymanagement #informationtechnology #informationsecurity

**The New Oil** @thenewoil@mastodon.thenewoil.org · 1h

The New Oil @thenewoil@mastodon.thenewoil.org

US offers $10M for tips on state hackers tied to #RedLine #malware

https://www.bleepingcomputer.com/news/security/us-offers-10m-for-tips-on-state-hackers-tied-to-redline-malware/

#cybersecurity

**Alonso Caballero / ReYDeS** @Alonso_ReYDeS@infosec.exchange · 1h

Alonso Caballero / ReYDeS @Alonso_ReYDeS@infosec.exchange

Iniciamos la segunda sesión del Curso Fundamentos de Hacking Ético 2025. Información: https://www.reydes.com/e/Curso_de_Hacking_Etico Información (PDF): https://www.reydes.com/archivos/cursos/Curso_Hacking_Etico.pdf #cybersecurity #hacking #readteam #bugbounty #forensics #osint