GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Notices by Catalin Cimpanu (campuscodi@mastodon.social)

  1. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Sunday, 27-Apr-2025 21:26:22 JST Catalin Cimpanu Catalin Cimpanu
    in reply to
    • cR0w :cascadia:

    @cR0w Is it related to this?

    https://reliaquest.com/blog/threat-spotlight-reliaquest-uncovers-vulnerability-behind-sap-netweaver-compromise/

    In conversation about a month ago from mastodon.social permalink
  2. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Sunday, 27-Apr-2025 21:26:21 JST Catalin Cimpanu Catalin Cimpanu
    in reply to
    • cR0w :cascadia:

    @cR0w yeah, looks like a zero-day patch for me too

    details line up perfectly

    I wish I could see what's in that private SAP page

    In conversation about a month ago from mastodon.social permalink
  3. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Sunday, 27-Apr-2025 21:26:20 JST Catalin Cimpanu Catalin Cimpanu
    in reply to
    • cR0w :cascadia:

    @cR0w looks like there's another hushed-up zero-day out there

    in CraftCMS: https://github.com/craftcms/cms/security/advisories/GHSA-f3gw-9ww9-jmc3

    In conversation about a month ago from mastodon.social permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
      Remote Code Execution
      ### Impact This is an additional fix for https://github.com/craftcms/cms/security/advisories/GHSA-4w8r-3xrw-v25g This is a high-impact, low-complexity attack vector. To mitigate the issue, us...
  4. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Tuesday, 29-Oct-2024 06:52:19 JST Catalin Cimpanu Catalin Cimpanu
    • Marcus Hutchins :verified:
    • Kevin Beaumont

    @malwaretech @GossiTheDog the entire game looks dated on all platforms, yet the CoD fanboys preach it like GOTY

    In conversation about 7 months ago from mastodon.social permalink
  5. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Saturday, 12-Oct-2024 07:56:42 JST Catalin Cimpanu Catalin Cimpanu

    That recent Firefox zero-day was used to target Tor Browser users

    https://blog.torproject.org/new-release-tails-6-8-1/

    In conversation about 8 months ago from mastodon.social permalink
  6. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Tuesday, 17-Sep-2024 22:30:33 JST Catalin Cimpanu Catalin Cimpanu

    DMCA takedowns at GitHub and YT are a joke

    A company can get your code/video taken down in 3 nano-seconds but when you file a complaint against a big corp it takes months to "review"

    https://tech.lgbt/@obfusk/113120199714429241

    In conversation about 8 months ago from mastodon.social permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      Fay 🏳️‍🌈 (@obfusk@tech.lgbt)
      from Fay 🏳️‍🌈
      Tencent ported my python 3 code to python 2. And violated my copyright by replacing my copyright notice with their own and changing the licence from GPL to BSD. I filed a DMCA takedown request with GitHub over a month ago. They said it would be processed soon but have not replied to my questions asking how much longer it will take since. https://tech.lgbt/@obfusk/112764377831333163 Update: likely as a result of all the attention this post got — thank you! — Tencent has finally responded and removed my code now; but only from the master branch, so they are still distributing it in e.g. existing releases.
  7. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Saturday, 14-Sep-2024 11:45:41 JST Catalin Cimpanu Catalin Cimpanu

    This account is now on delete posts older than a week.

    In conversation about 9 months ago from mastodon.social permalink
  8. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Saturday, 14-Sep-2024 11:45:08 JST Catalin Cimpanu Catalin Cimpanu

    CrowdStrike ex-employees: ‘Quality control was not part of our process’

    https://www.semafor.com/article/09/12/2024/ex-crowdstrike-employees-detail-rising-technical-errors-before-july-outage

    In conversation about 9 months ago from mastodon.social permalink
  9. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Friday, 13-Sep-2024 02:37:08 JST Catalin Cimpanu Catalin Cimpanu

    Ok, so this is very clever.

    Some infostealer devs are forcing browsers to enter in Kiosk Mode and forcing users to enter credentials on legitimate sites.

    Once entered, they are stored in Chrome's password manager, from where the passwords can be easily extracted

    https://research.openanalysis.net/credflusher/kiosk/stealer/stealc/amadey/autoit/2024/09/11/cred-flusher.html

    In conversation about 9 months ago from mastodon.social permalink
  10. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Thursday, 12-Sep-2024 01:10:22 JST Catalin Cimpanu Catalin Cimpanu

    Newsletter: https://news.risky.biz/risky-biz-news-uk-nca-on-its-knees-bleeding-staff-seriously-underpaid/
    Podcast: https://risky.biz/RBNEWS333/

    -UK NCA "on its knees," bleeding staff, seriously underpaid
    -Poland's Pegasus inquiry reaches a roadblock
    -Poland disrupts Russian cyber-saboteurs
    -Americans lost $5.6 billion to crypto-fraud last year
    -US arrests Terrorgram admins
    -Sextortion gang charged
    -Australia to introduce minimum age for social media
    -Russian to invest $650mil in national firewall
    -Wix leaves Russia
    -Ford seeks new car-spying patent

    In conversation about 9 months ago from mastodon.social permalink

    Attachments


    1. https://files.mastodon.social/media_attachments/files/113/118/202/874/552/102/original/ae13e0bb8d05ce3e.png
    2. Domain not in remote thumbnail source whitelist: news.risky.biz
      Risky Biz News: UK NCA "on its knees," per recent report
      In other news: Poland's Pegasus inquiry reaches a roadblock; Americans lost $5.6 billion to crypto-fraud last year; US arrests Terrorgram admins.

  11. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Sunday, 08-Sep-2024 23:13:07 JST Catalin Cimpanu Catalin Cimpanu

    Google has removed the TENET Media YouTube channel after the DOJ indictment revealed the organization took money from Russia to publish Kremlin propaganda

    https://therecord.media/youtube-removes-tenet-media-russian-ties

    In conversation about 9 months ago from mastodon.social permalink
  12. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Sunday, 08-Sep-2024 11:59:03 JST Catalin Cimpanu Catalin Cimpanu

    I just removed a bookmark from by browser toolbar after two decades

    Yes, I said two decades 😭 😭 😭 😭 😭

    Damn, I'm actually old now

    In conversation about 9 months ago from mastodon.social permalink
  13. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Thursday, 05-Sep-2024 04:36:31 JST Catalin Cimpanu Catalin Cimpanu

    Telegram has removed multiple channels hosting deepfake porn starring local South Korean women.

    The company apologized for its late response to the police's request and provided authorities with a dedicated email where they can report future crimes.

    It's a surprise how responsive to law enforcement investigations a platform can get after you arrest its CEO. Shocking, right? :nigmathink: :nigmathink: :nigmathink: :nigmathink:

    https://en.yna.co.kr/view/AEN20240903008900320

    In conversation about 9 months ago from mastodon.social permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      CRIMES.IT
    2. Domain not in remote thumbnail source whitelist: img4.yna.co.kr
      Telegram apologizes for handling of deepfake porn content in S. Korea | Yonhap News Agency
      from Kim Na-young
      SEOUL, Sept. 3 (Yonhap) -- South Korea's media regulator said Tuesday encrypted messa...
  14. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Wednesday, 04-Sep-2024 03:38:49 JST Catalin Cimpanu Catalin Cimpanu

    D-Link says it won't patch four recently discovered vulnerabilities impacting a line of now discontinued SOHO routers (DIR-846)

    All four bugs are critical RCEs

    https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10411

    In conversation about 9 months ago from mastodon.social permalink
  15. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Saturday, 31-Aug-2024 09:52:33 JST Catalin Cimpanu Catalin Cimpanu

    The city of Columbus sues a security researcher who exposed the administration for lying about a recent ransomware attack

    https://www.10tv.com/article/news/local/city-columbus-sues-cybersecurity-expert/530-fc59233d-39cb-463f-9454-0234f1c8cced

    In conversation about 9 months ago from mastodon.social permalink
  16. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Saturday, 31-Aug-2024 08:27:17 JST Catalin Cimpanu Catalin Cimpanu

    NSA will launch a podcast:

    https://pca.st/yx9w8c4v

    In conversation about 9 months ago from mastodon.social permalink
  17. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Tuesday, 27-Aug-2024 06:00:58 JST Catalin Cimpanu Catalin Cimpanu

    "My gut says Telegram is an FSB operation."

    I'm glad someone else says it and lays down the arguments for it.

    https://blog.thc.org/keep-pavel-durov-locked-up

    In conversation about 9 months ago from mastodon.social permalink
  18. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Thursday, 22-Aug-2024 09:05:01 JST Catalin Cimpanu Catalin Cimpanu

    Holy f***ing s**t!

    I need 250GB to update Call of Duty!

    What tf is wrong with that company's engineers!!!!

    In conversation about 9 months ago from mastodon.social permalink
  19. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Monday, 19-Aug-2024 00:35:40 JST Catalin Cimpanu Catalin Cimpanu

    Latest CrowdStrike threat actor naming scheme

    Source/PDF: https://go.crowdstrike.com/rs/281-OBQ-266/images/24-MA-099_2024-Threat-Hunting-Report_11.pdf

    In conversation about 9 months ago from mastodon.social permalink

    Attachments


    1. https://files.mastodon.social/media_attachments/files/112/983/389/402/567/411/original/5638006f42920574.png

  20. Embed this notice
    Catalin Cimpanu (campuscodi@mastodon.social)'s status on Sunday, 18-Aug-2024 21:00:43 JST Catalin Cimpanu Catalin Cimpanu

    There's more accurate information online on how to contact Cristiano Ronaldo than my own electricity provider :hurb: :hurb: :hurb: :hurb: :hurb: :hurb: :hurb: :hurb:

    In conversation about 9 months ago from mastodon.social permalink

    Attachments


    1. https://files.mastodon.social/media_attachments/files/112/982/851/299/463/391/original/82ef244a3760d45a.png
  • Before

User actions

    Catalin Cimpanu

    Catalin Cimpanu

    Cybersecurity reporter for Risky Business#infosec #cybersecurity #security

    Tags
    • (None)

    Following 0

      Followers 0

        Groups 0

          Statistics

          User ID
          22592
          Member since
          10 Nov 2022
          Notices
          128
          Daily average
          0

          Feeds

          • Atom
          • Help
          • About
          • FAQ
          • TOS
          • Privacy
          • Source
          • Version
          • Contact

          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.