Notices by cR0w :cascadia: (cr0w@infosec.exchange), page 2

@briankrebs Everything's getting taken down. What's left to hack? Shit we actually need to stay operational like utilities?

Veeam isn't used to protect anything important, right? So a sev:CRIT 9.9 RCE shouldn't be a big deal.

https://www.veeam.com/kb4724

A vulnerability allowing remote code execution (RCE) by authenticated domain users.

But it's cool because they're going to blame it on their customers:

Note: This vulnerability only impacts domain-joined backup servers, which is against the Security & Compliance Best Practices.

https://nvd.nist.gov/vuln/detail/CVE-2025-23120

@kajer Yes please! I'd also like some 169.254.0.0/16 if you've got them.

@kajer If you're handing out certs like that, where can I put in my requests? 😈

@kajer @ryanc Yes! I'll get the popcorn.

@silverwizard INFOSEC as an industry is bad. INFOSEC as a practice, such as encrypted comms while searching for Bigfoot, is good.

People keep posting about destroying or getting rid of Alexa devices because of the blatant creepiness, but I wonder if it would be better to leave them in a box or something away from people with an AM radio playing different stations 24 / 7. I don't know enough about how the Alexa devices work but the idea of creating noise for their creepiness to parse through entertains me.

https://arstechnica.com/gadgets/2025/03/everything-you-say-to-your-echo-will-be-sent-to-amazon-starting-on-march-28/

I knew it was coming but it still sucks. 😡

Being interviewed for someone's clearance six years ago:

Interviewer: Has $subject ever been a part of a plot to overthrow the US government?

Me: HAHA. No.

Interviewer: HAHA. Yeah, I know. We have to ask though.

Being interviewed for someone's clearance three years ago:

Interviewer: Has $subject ever been a part of a plot to overthrow the US government?

Me: No.

Interviewer: Good.

Being interviewed for someone's clearance now:

Interviewer: Has $subject ever been a part of a plot to overthrow the US government?

Me: No.

Interviewer: That's too bad. Thanks for your time.

This is a big deal because I was told ( unofficially, grain of salt ) that Niantic was specifically collecting the location data from Ingress and Pokemon Go in order to map all types of travel routes for certain defense operations. For example: if 20 players walked 20 different routes through a park while playing, all 20 routes and their overlap is now mapped as foot paths. If it thought you were on a bike, in a car, etc. those routes are mapped, regardless of whether they were on actual trails or roads or private property. See where I'm going with my concern here?

https://www.404media.co/saudi-arabia-buys-pokemon-go-and-probably-all-of-your-location-data/

@Sempf WTF is this "maybe" shit? You can't just dangle that out there and hide it behind your back again. We're not cats. Well, we're not all cats.

The Pihole and uBlock projects get a lot of love, as they should, but shout out to the people maintaining the lists for those adblocking projects and others. I just realized that unless you are involved in those kinds of efforts, most people don't even know that work is going on by, as far as I can tell, volunteers. 🍻

@da_667

Between ingesting private repos into Copilot and the high-profile infostealer this week, on top of the whole American ownership thing, I can't believe there isn't more open discussion about getting off GitHub completely so the entire domain can be blocked.

@richi Ban all network gear with "link" anywhere in its name.

@GossiTheDog I'm sure they're just honeypots and not actually vulnerable corp access points...

@da_667 @GossiTheDog Or allowing users to log into browsers with their personal profiles because they say it's easier for them.

So Microsoft Edge is moving to MV3, disabling the best ad blocking protections available to end users, at the same time Microsoft Security pats itself on the back for taking down malware that has been hosted on Microsoft GitHub long enough to infect 1 million browsers through malicious ads that could have been easily blocked by MV2 ad blockers. Did I get that right? Just making sure.

https://www.bleepingcomputer.com/news/security/microsoft-says-malvertising-campaign-impacted-1-million-pcs/

@GossiTheDog I thought this one was discussed when it came out because MSRC changed it from exploited:no to exploited:yes the day after it was originally published. I think it was in a screaminggoat thread though so I can't search for it anymore.

@jerry I'm not a financial person, but with the craziness going on, it feels like even the historically safe money markets and bonds are no longer safe. Is that your understanding too?