@BetoOnSecurity @tr3ndki11 @horse I don't know how, I don't know when, but when the time is right, I plan on trying to acquire land *somewhere* in northern Michigan.
When we moved in 2017, the previous owners listed that they put in hardwood floors. Well... that's not expressly true. They put in a cheap hardwood look-alike called Pergo.
Most sites say that Pergo is resilient, but this shit... scratches at the slightest provocation. Not only that, it's a very dark wood color, so the scratches show up quite easily. On top of that, we've got bassets that shed very frequently. Wet spots from going in and outside show up easily, fur shows up easily against the material, etc. I clean it weekly, and I swear, an hour later, it's like I didn't do a fuckin' thing.
So we want to replace both the floor molding around our house and get rid of the Pergo.
Hey folks, I've been hearing a lot of ruminations about a potential wave of ransomware/wiper malware wiping ESXi servers using CVE-2021-21974 (OpenSLP).
I managed to put together a signature for it, and I'm really fucking proud of how it all came together so fast. The rule will be out with tonight's ETOPEN rule release -- that means the rule will be available for Snort 2.9.x, Suri4, and Suri5+.
@silverwizard It frustrates me to no fucking end that DoH was opt-in by default on all new installs of Chrome and Firefox, completely bypassing any filtering the user may have had set up. Hope you have uBlock Origin installed.
I want you to consider that nowhere in the RFC is privacy mentioned as a primary design goal of DoH. The only two goals are first-hop integrity, and bringing DNS resolution to the application.
So you have some measure of privacy/integrity to the DoH server, but no idea whether or not, or to whom, they're giving your DNS queries.
On top of that, bringing DNS resolution into the web application is going to have implications with regards to ad blocking.
With the sunsetting of Manifest V2, and supposedly limiting the effectiveness of ad blockers, they're coming for your browsing data, and are here to make you watch ads. You know, those same ads from ad delivery networks that are serving you malware currently.
I mean, any DNS provider can provide you with platitudes promising to not log your IP address or DNS queries, but you'll never actually know if they are or they aren't unless you see the server configs yourself. So there's that.
Cloudflare claims that they don't log PII, but then immediately say that they may hold on to personally identifiable query data for up to 25 hours. https://www.cloudflare.com/privacypolicy/
They claim to do a lot of redaction in their DNS-specific policies, but there is a lot of deliberate word usage. They don't store anything in non-volatile memory. They only capture ".05% of all traffic sent to Cloudflare’s network infrastructure" (but don't specifically mention their DNS infrastructure).
What I'm getting at is that if you didn't learn about how much companies value your privacy by the cascade of breaches over the past decade or the intelligence community leaks, then you weren't paying attention.
Also, several malware authors, and a number of new and aspiring frameworks, use DoH as a C2 method. There's no clear communication from major DoH providers on how they plan on handling abuse of infrastructure. I brought concerns to Cloudflare executives of known malware campaigns using their DoH infra, and they didn't give a shit.
@jerry @Viss I understand the value of pentesting, but this is neither a pentest, nor are you running a bug bounty. That's kinda, technically, illegal for them to be doing that.
This is your circus, but if anyone was dumb enough to actually admit to doing that to shit that I'm running for a massive community, they get the ban hammer.
Senior Security Researcher, Proofpoint Emerging Threats.

I've been doing this cybersecurity thing for the better part of a decade now. Probably longer than that. I'm starting to forget. Time is relative, but it surely isn't kind to my memory.

I'd like to think I do cybersecurity well, but blue teamers collectively get told they're doing it wrong constantly. So maybe I just failed forward throughout my career.

Oh, I wrote a book. It's a good framework for setting up a virtual machine lab. See my bookmarked toots if you're curious.

Work-related hashtags: #Iocs #ThreatIntel #DFIR #Malware #NSM #suricata #snort #BEC #phishing #APT #ThreatDetection

Hobbies: #VideoGames #XCOM2 #Minecraft #Synthetik #Fallout #Skyrim #Anime #Manga #Adventure #Fantasy #Isekai #HomeImprovement #WoodWorking #MetalWorking #HomeLab