Notices by Chester Wisniewski (chetwisniewski@securitycafe.ca)

@GossiTheDog Are they Fortiproxy? That was affected.

@GossiTheDog 0-day confirmed https://www.csoonline.com/article/3802722/fortinet-confirms-zero-day-flaw-used-in-attacks-against-its-firewalls.html

@tim Right, but for me to set up DNS on HE's servers it needs to see the delegation.

@tim Strange thing was a local whois from my server showed the delegation, but Hurricane Electric's DNS service did not. It is possible HE checked as soon as I added the domain (race condition) and won't check for another 60 mins as a rate limiter?

@tim Some sort of odd timer, might be an issue with Hurricane Electric. Exactly 60 minutes after purchase it recognized the delegation.

I like my .ca domain names, but the provisioning is soooo slow. Every time I create a new domain, I want to USE it. The delegation seems to take hours to propagate sometimes, where a .com in 2024 seems almost instantaneous.

h/t to @johnshier

Is it just me or should all journalists be seriously looking at the Fediverse as the only sensible home? Now with Threads being able to follow accounts here and Threads banning political and news content on their own platform, it seems like the perfect workaround. Add in a bridge to BSky and Bob's deep throat's uncle.

What if AT&T had MFA enabled on their Snowflake... and were SIM swapped?

@GossiTheDog @campuscodi I did an analysis at RSA 6 years ago on who hosts the bad... https://youtu.be/FQLlt-7gsYI?si=iuXrCpLn1VVvgBfc

@GossiTheDog Yes, this happens a lot too.

@GossiTheDog we see the same last I checked. You don't need to believe me either, but I believe it is true.

@GossiTheDog This whole thing feels like a desperate ploy to explain to people why they should throw out their PCs to get a new one with an "NPU". Don't want, don't need. They have to include something that "requires" it, even though as already proven, it isn't even needed for this.

@GossiTheDog @Quinnypig Everyone gives me the side eye for running my own mail server, IRC, nextcloud, etc. I have seen this play before and it ends in tears. Trust no one.

@Techmeme Hadn't this already been debunked?

@GossiTheDog @metlstorm I'm surprised this was effective considering many more ransomware crews are doing "remote ransomware", effectively running the encryption on an unprotected device and connecting to the shares over the network. Would work against Netware shares as well as anything else...

Looks like Lush Cosmetics were victims of Akira as they have appeared on their leak site. Akira has exploited unpatched Cisco ASA VPNs in the past, wondering if the same here? They use them according to Shodan data.

It's getting harder and harder to not publicly say critical things about the competition...

Great! TransUnion, whom I have the pleasure of receiving free credit monitoring from due to the MGM Casino breach in Sept, has a policy of only allowing 15 characters or less. Not like anything important is on the line or anything. Oh, they get bonus points for letting me skip the password with a trivial security question! #InfoSec #NotAFeature @boblord @thorsheim

@atomicpoet @iameli It sounds good, but I don't see it being possible without compromising many people's safety. Suggesting it is safe without having studied the underlying risks is dangerous and irresponsible. (2/2)