Notices by da_667 (da_667@infosec.exchange), page 2

tried using the choco windows package manager and hahaha this is the dumbest fucking thing I've ever used.

spite is the catalyst be which miracles are born.

You can call me a sensationalist, or that I don't know what I'm talking about. That's fine. I don't care. still fucking hate cloudflare. still doesn't feel right.

Go to the cloud they said, they won't log your passwords, they said. ItS a TrUsTeD cOmPuTiNg EnViRoNmEnT

https://benjojo.co.uk/u/benjojo/h/cR4dJWj3KZltPv3rqX

consider everything that cloudflare has done with their position of power so far:

-protected nazis
-forwarded abuse claims to nazis for them to hunt the ones making the claims
-hatespeech? more like freeze peach. (Re: kiwi farms bullshit)
-DNS over HTTPS having no garuntees of privacy anywhere
-DoH being used for massive malware campaigns, and no commitments to actually hunt down malicious infrastructure
-cloudflare workers, tunnels and various other services often hosting malware, but then doing fuck-all about it because "Hey, we don't actually host malware"

So, would mishandling passwords really surpise anyone? but don't worry, "we're quirky because lava lamps, lol."

@GossiTheDog Honest to god, this is still the most chill social network out of the options available.

If the worst I have to complain about is "Mastodon HOA" that is considerably better than the feeling of dread and self-loathing that is watching people cut into you and one another for their 15 minutes of fame constantly.

smoke 'em if you got 'em.

all I hear on my server is REEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE as I make two out of the twenty cores lose their shit compiling software in a VM.

idle cores :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat: :blobcat:

not-idle-cores: :blobcathyper2: :blobcathyper2:

and here I am installing 2GB of updates to kali, installing docker-compose, and installing dtale to throw and capture pcaps. This monday is moving already.

@GossiTheDog Not quite sure how I missed your POC the first time around, but I just added coverage in the ET ruleset for both Snort and Suricata. Rules will be out this evening in our daily rule release. Cheers and thank you.

Suricata:

alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Cisco ASA/FTD Memory Leak Attempt (CVE-2020-3259)"; flow:established,to_server; http.method; content:"GET"; http.uri; bsize:>800; content:"|2b|CSCOE|2b|/sdesktop/webstart.xml|3f|"; fast_pattern; content:"|25|p"; endswith; reference:url,github.com/GossiTheDog/Exploits/blob/main/Cisco-CVE-2020-3259.sh; reference:cve,2020-3259; classtype:attempted-admin; sid:1; rev:1;)

Snort:

alert tcp any any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS Cisco ASA/FTD Memory Leak Attempt (CVE-2020-3259)"; flow:established,to_server; content:"GET"; http_method; urilen:>800; content:"|2b|CSCOE|2b|/sdesktop/webstart.xml|3f|"; fast_pattern:0,20; content:"|25|p"; distance:0; reference:url,github.com/GossiTheDog/Exploits/blob/main/Cisco-CVE-2020-3259.sh; reference:cve,2020-3259; classtype:attempted-admin; sid:1; rev:1;)

@GossiTheDog Been beating this drum for years. Infostealers are a huge threat because of crossing the streams. whether its byod, or wfh with a company asset, and your kid decides that downloading and running free_robux.toteslegit.exe on your work laptop with saved passwords in the browser is totally fine.

@soatok

Hey, Binary Defense is hiring for a Threat Hunting team lead. They reached out to me to extend an offer, but I'm happy where I'm at right now.

https://recruiting.paylocity.com/Recruiting/Jobs/Details/2999831

and because this isn't listed anywhere on the information about the position, this is the information I was able to get out their hiring person:

The max salary for this position is $165k plus 10% bonus, stock options, 401k match, full benefits and unlimited vacation days.

The position is fully remote, and unfortunately, I have no information as to whether or not they support international candidates.

Please note I'm sharing all the information I can here. Please don't reach out to me with more questions, but also good luck in your endeavors.

@reverseics

THEN FUCKING PAY FOR THE DATA.

https://arstechnica.com/tech-policy/2025/01/ai-haters-build-tarpits-to-trap-and-trick-ai-scrapers-that-ignore-robots-txt/

today it is wednesday

Tik-Tok ban upheld? Good, now do X for election interference and facebook reels because its just as shit as tik-tok ever was.

Oh, you won't do that because Mark and Elon are puppeteering the government so hard, their hands are literally up the president's ass? who would've guessed.

my wife was re-watching twilight last night.

"Your skin is ice cold. You barely drink. You avoid the sunlight."

"Say it. What am I?"

Me: "A security researcher"

@halva @puppygirlhornypost2 save as -> SAP.txt

@halva @puppygirlhornypost2

enterprise grade means never having to say you're sorry.

https://redrays.io/blog/critical-sap-businessobjects-authentication-vulnerability-cve-2024-41730/