Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Notices by cR0w (cr0w@infosec.exchange), page 4

Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Sunday, 19-Oct-2025 10:08:26 JST cR0w
in reply to
@catsalad @prettygood Interestingly, what I noticed was that even the poop-adjacent ran disconnecting all cables from the D-Link. It's almost like they know what @Dio9sys and @da_667 know.

In conversation about 3 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Sunday, 19-Oct-2025 10:08:06 JST cR0w
in reply to
- Cat 🐈🥗 (D.Burch) :paw:⁠:paw:
- prettygood
@catsalad @prettygood Okay but did you find it?

In conversation about 3 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Sunday, 19-Oct-2025 09:55:48 JST cR0w
in reply to
- Cat 🐈🥗 (D.Burch) :paw:⁠:paw:
- prettygood
@prettygood @catsalad Is it even shitposting if you're not hey a squirrel!

In conversation about 3 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Wednesday, 15-Oct-2025 02:50:09 JST cR0w
in reply to
- 7666
@7666 I wasn't implying that you were lying. I was asking because I am not an actual CISSP.

In conversation about 3 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Wednesday, 15-Oct-2025 02:49:35 JST cR0w
in reply to
- 7666
@7666 But are you an actual CISSP?

In conversation about 3 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Wednesday, 15-Oct-2025 02:49:20 JST cR0w

Yeah, I'm a CISSP: Certified Information Security Shit Poster.

In conversation about 3 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Saturday, 11-Oct-2025 05:11:15 JST cR0w

RE: https://infosec.exchange/@da_667/115351550577837727
Phishing testing as it's implemented is checkbox wanker bullshit and I love any time people help other people fuck with it.
In conversation about 4 months ago from infosec.exchange permalink
Attachments
1. No result found on File_thumbnail lookup.
  
  da_667 (@da_667@infosec.exchange)
  
  from da_667
  
  How to tell a phishing exercise domain is a phishing exercise domain: The SSL certificate specifies a Subject Alternative Names list that is a fucking novel.
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 10-Oct-2025 16:13:07 JST cR0w
in reply to
- darf :BlobhajMlem:
@darfplatypus
In conversation about 4 months ago from infosec.exchange permalink
Attachments
1. A human hand on a keyboard with a cat's paw on top of it with the text "It's time to stop posting."
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/348/009/504/316/529/original/84ecaab201e93d8c.jpg
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 10-Oct-2025 16:13:06 JST cR0w
in reply to
- darf :BlobhajMlem:
@darfplatypus https://pewpew.gayint.org ?
In conversation about 4 months ago from infosec.exchange permalink
Attachments
1. Domain not in remote thumbnail source whitelist: blog.gayint.org
  
  Pew Pew Pew Pew
  
  Real time view of the cyber pewpews.
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 10-Oct-2025 16:13:06 JST cR0w
in reply to
- darf :BlobhajMlem:
@darfplatypus
In conversation about 4 months ago from infosec.exchange permalink
Attachments
1. Death generator of Doug on a pay phone saying "Hello, feds?"
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/348/018/018/250/905/original/1fbba76ccf566efd.png
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Wednesday, 08-Oct-2025 13:01:07 JST cR0w

My partner bought a dog treat bag and it came with a training clicker. I wouldn't even think twice about it if it weren't for this lovely, educational place. But you better believe I'm taking this thing to conferences to see who responds to it.

In conversation about 4 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Wednesday, 08-Oct-2025 00:55:57 JST cR0w
- Matthew Lyon
@mattly Feels weirdly similar to another ongoing discourse in tech... 🤔

In conversation about 4 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Wednesday, 08-Oct-2025 00:02:15 JST cR0w

Example eleventy billion that we could easily get rid of most phishing, and therefore most breaches, simply by going back to plain text email.
https://blog.talosintelligence.com/too-salty-to-handle-exposing-cases-of-css-abuse-for-hidden-text-salting/

In conversation about 4 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Tuesday, 07-Oct-2025 03:43:13 JST cR0w
- Matthew Lyon
@mattly :dumpster_fire_gif: :coolhhHHAAAHHH: :dumpster_fire_gif:

In conversation about 4 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Tuesday, 07-Oct-2025 03:39:18 JST cR0w

I'm still waiting to have someone explain to me how the security controls, processes, and procedures are somehow different for emails composed by an LLM vs by a human. I simply don't understand why I'm supposed to give a fuck about AI-assisted phishing.

In conversation about 4 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Tuesday, 07-Oct-2025 03:38:43 JST cR0w
- Matthew Lyon
@mattly Oh. Oh no. That sounds like a horrible thing that shouldn't exist.

In conversation about 4 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 03-Oct-2025 02:14:26 JST cR0w

Fedi in a nutshell.
In conversation about 4 months ago from infosec.exchange permalink
Attachments
1. Drawing of a character with a bow tie and an angry expression and a pointy crotch bulge. Below it is the text "Despair but also an erection."
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/633/166/683/362/048/original/786976e3fa8f58db.png
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Thursday, 02-Oct-2025 03:11:54 JST cR0w

Not sure how I'll top last year's pumpkin in both spookiness and confusion of the neighbors.
#directoryTraversalMemes
In conversation about 4 months ago from infosec.exchange permalink
Attachments
1. A jack-o-lantern but instead of a face it has a ../ carved into it.
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/300/220/713/677/847/original/5e857bebf6cafca0.png
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Sunday, 28-Sep-2025 03:09:45 JST cR0w
in reply to
- Bill
@Sempf
🎶 The best part of waking up
Is screaming What The Fuck 🎶

In conversation about 4 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 26-Sep-2025 06:43:10 JST cR0w

A backdoored MCP? I'm shocked. Shocked! Well, not that shocked.
https://www.koi.security/blog/postmark-mcp-npm-malicious-backdoor-email-theft
Since version 1.0.16, it's been quietly copying every email to the developer's personal server. I'm talking password resets, invoices, internal memos, confidential documents - everything.

In conversation about 4 months ago from infosec.exchange permalink

After
Before

User actions

Just another analyst chasing squirrels and pretending to know things.Anything stupid I say can and should be blamed on #AI. I mean, I don't intentionally use AI products, but if the AI snakeoilers can take credit for the things other people produce, they can also take the blame.

Tags