Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Conversation

Notices

Embed this notice
cR0w :cascadia: (cr0w@infosec.exchange)'s status on Wednesday, 14-May-2025 01:25:55 JST cR0w :cascadia:

WTF? I hate phishing training so much.
https://mastodon.social/@Firr/114490502536328063

In conversation about 3 days ago from infosec.exchange permalink
- Embed this notice
  da_667 (da_667@infosec.exchange)'s status on Wednesday, 14-May-2025 01:25:53 JST da_667
  in reply to
  - B'ad Samurai 🐐
  @cR0w @badsamurai you know what I love the most? knowbe4 re-uses their SSL certs. its just one gigantic SSL cert for a bunch of domains. Congrats, you just doxxed your phishing infra because I can fuckin' read.
  
  In conversation about 3 days ago permalink
- Embed this notice
  B'ad Samurai 🐐 (badsamurai@infosec.exchange)'s status on Wednesday, 14-May-2025 01:25:54 JST B'ad Samurai 🐐
  in reply to
  
  @cR0w if companies are going to play those games, I'll shout outlook rules from the rooftops.
  FWIW ProofPoint's keyword is threatsim
  
  In conversation about 3 days ago permalink
- Embed this notice
  cR0w :cascadia: (cr0w@infosec.exchange)'s status on Wednesday, 14-May-2025 01:25:54 JST cR0w :cascadia:
  in reply to
  - B'ad Samurai 🐐
  @badsamurai Hell yes. Let's add some more headers:
  X-ThreatSim-ID
  X-ThreatSim-Header
  X-Phishtest
  X-PhishMe
  X-PhishMeTracking
  X-PHISH
  
  In conversation about 3 days ago permalink
  
  Ryan Castellucci :nonbinary_flag: repeated this.

Feeds