Notices by Christoffer S. (nopatience@swecyb.com)

@Viss @cR0w @chillybot @jerry @lerg

haha... I feel I need to contribute.

I have seen Airwolf and ultimately feel qualified to assert that helicopters and airplanes should in fact attempt to avoid colliding.

I enjoy reading articles written by humans, because most often ... they read like as if a human had written it.

Tell me what you think of this one from Fortinet:

https://www.fortinet.com/blog/threat-research/analyzing-malicious-intent-in-python-code

To me this reads like an LLM has generated the output based on some technical indicators.

What's your take? I really, really dislike it. Please dont write like this if you are a human.

#CybeeSecurity

Huntress: https://www.huntress.com/blog/analyzing-initial-access-across-todays-business-environment

Thorough analysis of initial access and the distribution of various techniques. Exploitation of 0days, contrary to reporting is not an especially common technique but using stolen creds and logging in, however, is.

Good read for sure and certainly helps with prioritization of defensive countermeasures.

#CyberSecurity #ThreatIntel

Pay for it Friday! Use this toot as an excuse to support your #Fediverse instance home. Perhaps that's #Mastodon, #Pixelfed or any of the other wonderful software projects enabling us all to communicate across platforms.

Setup a recurring donation, anything and everything really counts. I'm personally supporting Mastodon with a $20/monthly donation (and have done so since 2023!). In addition to running a Swedish cybersecurity instance.

Boost if you believe in the fediverse ideal. 🙂

Another thought regarding #OpenSource software. There is a pervasive mentality that such software cannot be associated with money. It appears hard to reconcile paying for something that is free.

This mentality must change. We must foster and support the idea that great software is costly to develop. How can we ensure that more people financially contribute to OSS if it supports them?

I believe that we should highlight those paying and supporting OSS. 1/x

How about a website/portal/system where we could aggregate and display how people could contribute and support various software packages. Where we encourage support, provide tools and guides to how one can support projects.

Perhaps (as a starting point) it could be a simple collection of popular projects where you can contribute financially, orgs enabling such support and how to connect with those?

I so fucking wish there were more hours available during each day...

I have been perhaps somewhat knowingly ignorant of Amazon practices as it relates to price blackmailing regarding books and the authors producing them.

Giving up Kindle is not easy, the comfort and ease with which to buy... license books, is well smooth.

How do people read digitally without Kindle? What are the alternatives?

I credit my enlightenment to @mwl when he in passing explained the reason for not selling through Amazon.

#Books #Kindle #Alternative

I wish some technically inclined and adept people could develop a browser, which I could also pay for.

This would allow them to align their interests with mine much more closely. I'm forking out quite a bit or money each month to various free software projects but there are literally no browsers building their business around just doing that, providing a browser.

Surely if #Kagi can succeed so must a #WebBrowser ?

Fork something and get started. I will be the first paying customer. $50/month.

A little embarrassed to admit that I had forgotten about @Vivaldi

They actually allow donations now. So I'm going to take Vivaldi for a more serious spin for a few months and also setup, during this time, a recurring monthly donation. And I guess I have to eat my own words and pay $50.

I discovered this because of a Toot from @jon and having read through much of what's on Vivaldi homepage... we have somewhat aligned incentives and "values".

Let's do this!

#SilentSunday

@BeAware ... that... could yeah... be useful.

I was kind of thinking like a note next to the export of a mute. So that it's more closely connected with the actual mute/block whatever.

But yeah... perhaps that could work as an intermediate solution!

It would be quite useful, when muting a user, that I could provide myself a note for future reference of why I muted the account in the first place.

#Mastodon #Features #Moderation #Tools

Guess memory only resident malware got entirely fucked today. Shame on all those backdoors and established C2-channels. Real shame.

#CyberSecurity #CrowdStrike

Fucking YES! #ChatControl has been removed from the agenda.

@inthehands
Im confused. I thought the sauce was first to be applied to the foundation, only after which an appropriate spread of glue can be applied.

But perhaps it should go on first to keep both sauce and cheese non-moving.

Perhaps ask for a clarification?
@tdp_org @Brad_Rosenheim

Transferred my financial support for #Immich from GitHub to Liberapay. $15/month for something I use almost daily.

Also supporting #Gnome with $20/month and Fedilab Android client.

What apps and/or projects are you supporting?

Would like to support #Fedora as well, but there are no options (?) to subscribe or donate.

#OpenSource #Sponsor

NoName are going bananas with DDoS-attacks against Finland since a few days ago.

Sup?

#ThreatIntel #NoName #DDoS

With regard to xz backdoor, did anyone actually have any idea this was going on? With all these vendors doing source code scanning, was there any indication of maliciousness?

#OSS #Security #SBOM #xz

@GossiTheDog Plenty more victims now... guess this has done nothing but embolded him/them and I guess we can expect more eager affiliates to join the ranks for LockBit. Given the absolutely phenomenally massive marketing campaign that was provided to them for free.

I thought this would end-up with lockbitsup in jail, but if this is not going to be the case.

The fallout will be bad... really bad me thinks.

Would be very useful to create a feature in Mastodon which would enable admins of instances to create trusted and exchange relationships for peer blocked domains.

That way I could create a trusted relationship to for example @jerry and @seb and choose to trust their block lists of for example limited servers, or even blocked ones.

That way we would somewhat leverage the Fediverse of selective trusted relationships between instances.

#Feature #Mastodon #Moderation #Spam