GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Notices by :brdRobe: (cr0w@infosec.exchange)

  1. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Wednesday, 01-Jul-2026 04:44:28 JST :brdRobe: :brdRobe:

    shut up and taste the rainbow

    In conversation about 5 days ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/697/390/249/696/378/original/94836ff806837fec.png
  2. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Tuesday, 30-Jun-2026 06:50:30 JST :brdRobe: :brdRobe:
    in reply to
    • Matthew Lyon

    @mattly In that case, I would say your best bet is to look for a Netflow setting somewhere. I don't do much with home routers so there may not be one but it's worth a look.

    In conversation about 6 days ago from infosec.exchange permalink
  3. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Tuesday, 30-Jun-2026 06:39:28 JST :brdRobe: :brdRobe:
    in reply to
    • Matthew Lyon

    @mattly Do you have root access on the router?

    In conversation about 6 days ago from infosec.exchange permalink
  4. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Wednesday, 17-Jun-2026 05:32:48 JST :brdRobe: :brdRobe:
    in reply to
    • Soatok Dreamseeker

    @soatok Not just Trump but yes.

    In conversation about 19 days ago from infosec.exchange permalink
  5. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Wednesday, 17-Jun-2026 05:30:30 JST :brdRobe: :brdRobe:

    RE: https://cyberplace.social/@GossiTheDog/116759868416707730

    CSAM generation is now openly "critical for national security." So yeah, America is going about as expected.

    In conversation about 19 days ago from infosec.exchange permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      Kevin Beaumont (@GossiTheDog@cyberplace.social)
      from Kevin Beaumont
      The US government has intervened in a lawsuit on the side of X, saying Grok is "critical for national security" https://www.wired.com/story/doj-lawyers-argue-xai-vital-national-security-naacp-lawsuit/
  6. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Friday, 12-Jun-2026 06:47:29 JST :brdRobe: :brdRobe:
    • Matthew Lyon

    @mattly Did you tell them that it wouldn't be as fun that way or what?

    In conversation about a month ago from infosec.exchange permalink
  7. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Friday, 12-Jun-2026 06:41:10 JST :brdRobe: :brdRobe:

    Like, have y'all tried just not being so vulnerable? Maybe try that and see if the breaches stop.

    In conversation about a month ago from infosec.exchange permalink
  8. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Wednesday, 10-Jun-2026 09:48:12 JST :brdRobe: :brdRobe:

    While it's fun making fun of AI failures, be sure to attribute the failures to the orgs and people responsible, especially when talking to people outside of this bubble. We can't let them keep getting away with blaming it all on AI growing pains and not the intentional business decisions that enabled the failures.

    In conversation about a month ago from infosec.exchange permalink
  9. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Wednesday, 10-Jun-2026 08:02:18 JST :brdRobe: :brdRobe:

    If you have any Palo Alto GlobalProtect portals, maybe take a look for successful authentications from AS215540, especially 92.118.112.230, 89.185.80.144, or 89.185.80.183.

    #GAYINT

    In conversation about a month ago from infosec.exchange permalink
  10. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Tuesday, 09-Jun-2026 09:40:17 JST :brdRobe: :brdRobe:

    It's not arson, we're vibe hunting for dinner.

    In conversation about a month ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/116/717/225/378/254/688/original/e76d45d4030d756e.png
  11. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Friday, 05-Jun-2026 06:51:55 JST :brdRobe: :brdRobe:
    • Kevin Beaumont

    @GossiTheDog I already grabbed that but it's funny how quiet it's been since that listing was published. I'm still hammering it to try to get people to give a fuck about VS Code extensions but it isn't working.

    In conversation about a month ago from infosec.exchange permalink
  12. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Friday, 05-Jun-2026 06:47:34 JST :brdRobe: :brdRobe:

    That whole GitHub breach sure got quiet fast.

    In conversation about a month ago from infosec.exchange permalink
  13. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Friday, 05-Jun-2026 05:51:29 JST :brdRobe: :brdRobe:

    Reminder: Security companies exist to protect the wealthy. Community protects community.

    In conversation about a month ago from infosec.exchange permalink
  14. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Friday, 05-Jun-2026 00:55:57 JST :brdRobe: :brdRobe:
    in reply to
    • darf :BlobhajMlem:

    @darfplatypus It's not. I'm a dummy and not blissful.

    In conversation about a month ago from infosec.exchange permalink
  15. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Friday, 05-Jun-2026 00:55:56 JST :brdRobe: :brdRobe:
    in reply to
    • tehfishman
    • darf :BlobhajMlem:

    @tehfishman @darfplatypus Okay but also see

    In conversation about a month ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/116/692/585/830/542/598/original/77f748a637f0db2b.png
  16. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Thursday, 04-Jun-2026 23:54:04 JST :brdRobe: :brdRobe:
    in reply to
    • Dr. Christopher Kunz
    • Will Dormann

    @christopherkunz @wdormann Here's a new one to take a look at. I haven't gone through it and can't vouch for its legitimacy, but y'all know what you're doing more than I do anyway: https://github.com/Vanquishermacdetach/CVE-2026-41089-509

    In conversation about a month ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
      GitHub - Vanquishermacdetach/CVE-2026-41089-509: CVE-2026-41089 PoC — Netlogon CLDAP stack buffer overflow (CVSS 9.8 CRITICAL)
      CVE-2026-41089 PoC — Netlogon CLDAP stack buffer overflow (CVSS 9.8 CRITICAL) - Vanquishermacdetach/CVE-2026-41089-509
  17. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Wednesday, 03-Jun-2026 12:52:29 JST :brdRobe: :brdRobe:

    RE: https://infosec.exchange/@cR0w/116682616422398554

    I think what bugs me about this is:

    • They don't care.
    • It's clearly intentional.
    • We all know nothing will change.
    In conversation about a month ago from infosec.exchange permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      care.it
      This domain may be for sale!
    2. No result found on File_thumbnail lookup.
      cR0w (@cR0w@infosec.exchange)
      from cR0w
      :dumpster_fire_gif: :blobcatpopcorn: :dumpster_fire_gif: https://www.kb.cert.org/vuls/id/615987 >CVE-2026-10629 Verizon IMS deployments were observed transmitting SIP signaling without integrity protection. REGISTER exchanges lacked Security-Client, Security-Server, and Security-Verify headers, and no ESP-encapsulated SIP traffic was detected during subsequent signaling such as INVITE, MESSAGE, BYE, and UPDATE. This pattern persisted across devices, operating systems, and network conditions, indicating a deliberate network configuration rather than a transient issue. >Per 3GPP TS 33.203 and GSMA IR.92, SIP signaling between the UE and P-CSCF must be protected using IPsec ESP following IMS AKA authentication, with negotiation occurring during registration. The absence of this protection allows attackers to manipulate SIP signaling undetected, enabling call hijacking, spoofing, denial-of-service, and misrouting of emergency calls. >Verizon initially acknowledged the issue and stated that integrity support would be available upon request and extended broadly later in the year. However, the company has since ceased participation in coordination, including follow-up discussions and draft review, and has not provided verifiable evidence of mitigation. As remediation remains unconfirmed, this disclosure proceeds to inform users of an ongoing security exposure. >Independent verification would require observation of successful SIP security negotiation, ESP-protected traffic, or official confirmation from Verizon.
  18. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Saturday, 30-May-2026 02:08:34 JST :brdRobe: :brdRobe:

    The amount of bluetooth shit being added to critical infrastructure systems in this the year of our cryptid 2026 is extremely concerning.

    In conversation about a month ago from infosec.exchange permalink
  19. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Saturday, 23-May-2026 07:55:37 JST :brdRobe: :brdRobe:
    in reply to
    • nyanbinary (unvalued goose)

    @nyanbinary Ask CatSalad. They figured it out.

    In conversation about a month ago from infosec.exchange permalink
  20. Embed this notice
    :brdRobe: (cr0w@infosec.exchange)'s status on Friday, 22-May-2026 04:19:04 JST :brdRobe: :brdRobe:

    EITW ../ in Trend Micro Apex One. :brdAlert:

    https://success.trendmicro.com/en-US/solution/KA-0023430

    CVE-2026-34926

    TrendAI has released updates to Apex One (on-premise), Apex One as a Service and Vision One - Standard Endpoint Protection (SEP) to resolve multiple vulnerabilities.

    In conversation about a month ago from infosec.exchange permalink

    Attachments


  • Before

User actions

    :brdRobe:

    :brdRobe:

    Analyst

    Tags
    • (None)

    Following 0

      Followers 0

        Groups 0

          Statistics

          User ID
          161036
          Member since
          18 Aug 2023
          Notices
          446
          Daily average
          0

          Feeds

          • Atom
          • Help
          • About
          • FAQ
          • TOS
          • Privacy
          • Source
          • Version
          • Contact

          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.