GNU social JP
GNU social JP is a Japanese GNU social server.

Notices by Tod Beardsley (todb@infosec.exchange)

  1. Tod Beardsley (todb@infosec.exchange)'s status on Sunday, 25-May-2025 03:48:44 JST

    Say, what's the first major-release film to mention either "the internet" or "the world wide web?"

    (Or, alternatively, "DNS" or "SMTP" or "TCP/IP" or other uniquely internet technology, though that seems doubtful.)

    And I mean mention as in, either in dialogue or printed and shown on screen in a newspaper or something.

    There's a kind of annoying reddit thread about this that's not very helpful and is fixated on WarGames which definitely doesn't talk about the internet (all the comms in that movie are over dialup).

    A timestamp reference would be just great if you have it.

  2. Tod Beardsley (todb@infosec.exchange)'s status on Thursday, 22-May-2025 10:33:04 JST
    in reply to scriptjunkie

    @sj I mean there definitely were millions of "extra" deaths due to Covid, so it's strange that they're not reflected. Not enough to move the needle on long-term projections?

    Source? How is this measured? (Life expectancy charts I've seen are usually in the context of the year a given population is born in, location and gender matters a lot, etc etc.)

  3. Tod Beardsley (todb@infosec.exchange)'s status on Thursday, 22-May-2025 10:33:04 JST
    in reply to scriptjunkie

    @sj huh will you look at that.

    Maybe the net benefits of widespread masking and handwashing? Less road travel in 2020 (and beyond thanks to WFH normalization?)

    Covid-19 changed a lot of day-to-day life.

  4. Tod Beardsley (todb@infosec.exchange)'s status on Tuesday, 13-May-2025 04:11:32 JST

    #CISA adds CVE-2025-47729 to the #KEV -- which is for the crazy hacked up version of Signal used by high-ranking US government officials.

    Wowzo. That's something.

    https://www.cve.org/CVERecord?id=CVE-2025-47729

  5. Tod Beardsley (todb@infosec.exchange)'s status on Tuesday, 13-May-2025 00:57:31 JST

    #CISA ends RSS for #KEV. Sigh.

    https://www.cisa.gov/news-events/alerts/2025/05/12/update-how-cisa-shares-cyber-related-alerts-and-notifications

  6. Tod Beardsley (todb@infosec.exchange)'s status on Thursday, 08-May-2025 04:04:37 JST

    so close #CISA.

    Attachments

    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/468/070/726/514/583/original/45a5c3c24bb620d6.png
  7. Tod Beardsley (todb@infosec.exchange)'s status on Wednesday, 30-Apr-2025 05:31:11 JST

    Welp. Let’s see which way this room goes.

    Attachments

    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/423/125/242/360/613/original/a4ac9c38051802f3.jpeg
  8. Tod Beardsley (todb@infosec.exchange)'s status on Sunday, 27-Apr-2025 10:05:28 JST

    I’m always happy to take an opportunity to save an early-career netsec neophyte from the heartache of the totally fake and not real OSI model.

    #BSidesSF

  9. Tod Beardsley (todb@infosec.exchange)'s status on Thursday, 17-Apr-2025 21:08:18 JST

    I feel like i’m going to be using this a lot

    Attachments

    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/345/087/526/277/853/original/b59dc3f1a3157fc0.jpeg
  10. Tod Beardsley (todb@infosec.exchange)'s status on Friday, 28-Mar-2025 02:56:03 JST

    Greetings, Montrealers! I'll be talking about VibeSploitation at NorthSec, May 15 or 16th. More to come!

    Salutations, Montréalais! Je parlerai de VibeSploitation à NorthSec, le 15 ou le 16 mai. Plus à venir !

    https://nsec.io

  11. Tod Beardsley (todb@infosec.exchange)'s status on Tuesday, 25-Mar-2025 10:02:13 JST

    There's going to be a lot of confused attackers and scanners over the next couple days.

    More: https://www.runzero.com/blog/ingress-nightmare/

    Attachments

    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/220/323/770/331/037/original/68a2944eb603f349.png
    2. How to find Kubernetes Ingress-NGINX Controller installations on your…
      from @runzeroinc
      On March 24th, Wiz and Kubernetes disclosed a pre-authentication remote code execution attack chain. Here's how to find Ingress-NGINX controller…
  12. Tod Beardsley (todb@infosec.exchange)'s status on Sunday, 09-Mar-2025 03:46:00 JST
    in reply to

    now, an \0x27 in this URL feels like a crime against polite society.

    https://www.classy.org/event/creative-commons'-open-house-for-an-open-future/e663144

    #sxsw2025

  13. Tod Beardsley (todb@infosec.exchange)'s status on Sunday, 09-Mar-2025 03:46:00 JST

    Neat

    https://en.m.wikipedia.org/wiki/G0v_movement

    at an open house with these folks right now at #sxsw2025

    more: https://www.classy.org/event/creative-commons'-open-house-for-an-open-future/e663144

  14. Tod Beardsley (todb@infosec.exchange)'s status on Thursday, 06-Mar-2025 12:21:14 JST

    On March 12, join @wingz3ro and me as we expose the seedy underbelly of exploits, espionage, and crime on the internet at #SXSW

    Also, there will be costumes - we’ve been in a noir mood lately.

    https://schedule.sxsw.com/2025/events/PP153751

  15. Tod Beardsley (todb@infosec.exchange)'s status on Saturday, 08-Feb-2025 00:42:31 JST

    Archived version of the quoted The Atlantic article is here:

    https://archive.ph/2025.02.07-140733/https://www.theatlantic.com/technology/archive/2025/02/elon-musk-doge-security/681600/

    Unrelated: If you believe there has been an intrusion in a US government system, you are encouraged to report it at https://cisa.gov/report
    https://journa.host/@w7voa/113963205109936094

    Attachments

    1. Steve Herman (@w7voa@journa.host)
      from Steve Herman
      The Atlantic - Four government IT employees say Elon Musk's incursion into the US government may be worse than anyone realizes: “This is the largest data breach and the largest IT security breach in our country’s history.” https://www.theatlantic.com/technology/archive/2025/02/elon-musk-doge-security/681600/
  16. Tod Beardsley (todb@infosec.exchange)'s status on Wednesday, 29-Jan-2025 07:22:12 JST

    So check it out. KEV data is now available on GitHub, in the proper cisagov organization. I know other people mirror KEV for their projects, but who can say if they're fiddling with it along the way? With https://github.com/cisagov/kev-data, you can rest assured that it's the Real and True mirror of KEV.

    https://cisa.gov/kev is still the actual authoritative source, but this GitHub mirror is a pretty close second.

    I posted about this on LinkedIn since that's what people do with work stuff, apparently.

    Attachments

    1. GitHub - cisagov/kev-data: Mirror of cisa.gov/kev data files
      Mirror of cisa.gov/kev data files. Contribute to cisagov/kev-data development by creating an account on GitHub.
  17. Tod Beardsley (todb@infosec.exchange)'s status on Friday, 03-Jan-2025 01:50:01 JST

    98 KEVs to go until KEV #1337

    Hopefully it'll be a good one.

  18. Tod Beardsley (todb@infosec.exchange)'s status on Thursday, 28-Nov-2024 12:12:34 JST
    in reply to sjvn

    @sjvn and even though nearly everyone believes archive.org is an unmitigated good, I have yet to see a single tech billionaire, of which there are several, step up and just peel off some millions to help out. Not one.

    Attachments

    1. Internet Archive: Digital Library of Free & Borrowable Books, Movies, Music & Wayback Machine
  19. Tod Beardsley (todb@infosec.exchange)'s status on Thursday, 28-Nov-2024 09:43:57 JST

    I’m not pirating movies, I’m just training my model.

  20. Tod Beardsley (todb@infosec.exchange)'s status on Monday, 02-Sep-2024 23:45:58 JST

    So this is neat.

    1) Some (all?) antispam/counterphishing email scanners are blind to #QRCode content.

    2) You can draw working QRCodes with Unicode character sets, thus avoiding an image parser entirely, even if the scanner could process images in the first place.

    3) By providing QRCode links, the attacker encourages the victim to use their personal device rather than the workstation, making defensive tracking more complicated.

    I think it’s hilarious that a format designed SPECIFICALLY for machine vision is being used to evade machine interpretation.
    https://infosec.exchange/@patrickcmiller/113067302631450126

    Attachments

    1. Patrick C Miller :donor: (@patrickcmiller@infosec.exchange)
      from Patrick C Miller :donor:
      New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials https://thehackernews.com/2024/08/new-qr-code-phishing-campaign-exploits.html

    Tod Beardsley

    Shmethical #Hacker. #Research mucky-muck at @runzero. #Election Judge. #CVE bagman. #Metasploit collaborator. Briefly a fed. #FriendofDeSoto. #Podcaster #fedi22-findable

    All subpoenas, warrants, contracts, and other linguistic puzzles should be directed to my attorney, @hotdogitsclaire.

    I post here for me, mostly around #infosec / #cybersecurity. Sometimes I post work stuff.

    Intro: https://infosec.exchange/@todb/109270457002321619

GNU social JP is a social network, courtesy of the GNU social JP administrator. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.