#infosec

105 posts · Last used 2d

@shodansafari@infosec.exchange · 2d ago
ASN: AS963 Location: Los Angeles, US Added: 2026-04-18T06:49 #shodansafari #infosec
1
1
0
Boosted by Kevin Karhan @kkarhan@jorts.horse
@brian_greenberg@infosec.exchange · 3d ago
Trying to be secure... You deleted the app. You turned on disappearing messages. You did everything right. The FBI can still read your Signal messages. Huh? This wasn't a Signal failure. Signal did its job. iOS didn't. The phone was storing notification previews in a database long after the app was gone, because someone turned on Lock Screen message previews. Apple just patched it in iOS 26.4.2, and they only found out about it because a defendant's court case exposed it during testimony. 🔎 This is why privacy promises and privacy architecture are two different things 📲 Update your phone. Not because you're hiding something. Because your phone is quietly keeping receipts you don't know about. ⚠️ And if you're a CISO still telling employees that "just use Signal" is a complete privacy answer, it's time to revisit that conversation. https://www.macrumors.com/2026/04/22/ios-26-4-2-notification-database-security-fix/ #Cybersecurity #Privacy #iOS #InfoSec #Leadership #security #cloud #infosec #AlwaysUpdate
11
1
13
Boosted by Greg Bell @ferrix@mastodon.online
@tinker@infosec.exchange · 4d ago
Ummm... Is SANS training ICE? https://sam.gov/workspace/contract/opp/99f8bdc298c34f06bcac9bd7e39b1bca/view Edit to add: SANS is training ICE how to pull information off of hard drives, etc. FOR498: Digital Acquisition and Rapid Triage "Course Overview: A digital forensic acquisition training course, FOR498 provides the skills to identify the many and varied data storage mediums in use today, and how to collect and preserve this data in a forensically sound manner despite how and where it may be stored. This forensics data collection course covers digital acquisition from computers, portable devices, networks, and the cloud, and teaches rapid triage—the art and science of identifying and starting to extract actionable intelligence from a hard drive in 90 minutes or less." This training will directly hurt people. #sans #ice #infosec
62
17
126
@cigitalgem@sigmoid.social · 4d ago
Great to see a BIML quote in this Fortune piece. Our next big piece of work is on measurement (in final review now), so the story timing is great. #MLsec #ML #AI #swsec #appsec #infosec https://fortune.com/2026/04/23/ai-cybersecurity-standards-mythos-nist-owasp-sans-cosai-dc-meeting-eye-on-ai/?sge456
0
0
2
In reply to
@kkarhan@jorts.horse · 4d ago
@javahippie@mainz.social yes, but that is the least of the problems with the #ITsec, #InfoSec, #OpSec & #ComSec there...
0
0
0
@AAKL@infosec.exchange · 6d ago
New. This guy is 24 years old. His chosen career path is cybercrime. We really should ask what is happening to that generation because there are multiple accounts of kids in their teens turning to cybercrime, not just in the UK, although that country clearly has a problem. Technically, this shouldn't qualify as "normal," non-delinquent behavior. So, in the grand social tapestry, there is a glaring black hole. Who failed? KrebsonSecurity: ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty https://krebsonsecurity.com/2026/04/scattered-spider-member-tylerb-pleads-guilty/ @briankrebs@infosec.exchange #infosec #ransomware
2
0
3
In reply to
@SecureOwl@infosec.exchange · Apr 15, 2026
243
0
231
Boosted by Kevin Karhan @kkarhan@jorts.horse
In reply to
@SecureOwl@infosec.exchange · 5d ago
Ok, if you are particularly sensitive to the effects of irony, I suggest you take a seat before reading further. In what is perhaps the most perfect encapsulation of everything that this experiment has shown so far, last night, deleted-user.com received over 400 emails from the same organization. This was an EU based tech firm. The purpose of those emails? They were from the company's legal team, advising users of updated terms and conditions, and the first update was: "Data protection: we added language explaining how we handle personal data under the GDPR" #infosec #gdpr
48
0
30
@markwyner@mas.to · 5d ago
Google is sleeping with ICE. And they have your data. So, yeah, maybe detach from their services. https://www.eff.org/press/releases/eff-state-ags-investigate-googles-broken-promise-users-targeted-government #Google #ICE #Fascism #Privacy #InfoSec #OpSec
60
0
116
In reply to
@kkarhan@jorts.horse · 5d ago
@javahippie@mainz.social that still doesn't change the fact that @Bundesregierung@social.bund.de have miserable #ITsec, #InfoSec, #OpSec & #ComSec. As in, really miserable… And no, I can't go into detail. Otherwise I'll end up like Boris "Tron" Floricic…
0
0
0
@AAKL@infosec.exchange · 5d ago
2
0
1
In reply to
@kkarhan@jorts.horse · 5d ago
@markus_netzpolitik@chaos.social @oldperl@mastodon.online in the end, that's not my decision. @Bundesregierung@social.bund.de & @bsi@social.bund.de are free to free up the funds for permanent positions so that not everything lands at @certbund@social.bund.de first. I'd also gladly do an #Onboarding so that the #ITsec, #InfoSec, #OpSec & #ComSec is no longer complete garbage, because what I've been able to find out via #OSINT so far without an #NDA is frightening! As in "@Lilith@chaos.social would probably have to go into hiding" level…
1
0
0
@newsgroup@social.vir.group · 5d ago
Cybersecurity is everyone's responsibility, not just IT's. The weakest link in any system is the human factor, and most breaches start with a single click. #cybersecurity #infosec #tech
0
1
0
@brian_greenberg@infosec.exchange · 5d ago
An ex-Azure engineer published six essays arguing Microsoft's cloud has been on life support since 2008, and the cause isn't bad code. It's bad people decisions. Rushed launch, post-launch talent exodus, no testing discipline, no architectural vision. Sound familiar to anyone who's worked in a place that ships first and staffs later? Now layer 2026 on top. Microsoft cut roughly 15,000 jobs in mid-2025. Coding agents are pumping out 4x more commits in 90 days. GitHub's unofficial uptime has slipped under 90% and the proposed fix is, wait for it, moving more of GitHub onto Azure. The same Azure the engineer says is held together with rushed decisions and wishful thinking. 🧠 The phrase that stuck with me is "knowledge dilution from high attrition." When the senior people who knew why a system was built that way leave, no LLM in the world can recover that context 🤖 More AI-written code does not mean less work. It means more code to review, test, deploy, and run, which means more compute and more humans needed downstream 📉 OpenAI signing an $11.9B compute deal with CoreWeave in March 2025 was the loudest "we don't trust your capacity" signal Microsoft has ever received from its closest partner 🪑 The bet that AI lets you cut headcount keeps colliding with the reality that AI generates work for humans faster than it removes it Every CIO I talk to is being pitched the same dream: fewer engineers, more agents, lower run rate. The Azure story is what happens when that math doesn't pencil out and the bill comes due in incidents instead of dollars. https://www.theregister.com/2026/04/04/azure_talent_exodus/ #Azure #AI #Leadership #security #privacy #cloud #infosec #cybersecurity #software #devops
117
0
139
@bich@apobangpo.space · 5d ago
"Democratic lawmakers are demanding that the Trump administration halt plans to collect sensitive medical records for millions of federal workers and retirees, as well as their family members." https://kffhealthnews.org/news/article/opm-federal-workers-health-records-hipaa-democratic-letters/ #healthcare #insurance #HHS #HIPAA #healthIT #infosec #data #privacy #UScongress #USpol
0
0
2
In reply to
@kkarhan@jorts.horse · 5d ago
@evawolfangel@chaos.social I wish they'd get serious #GDPR fines and be forced to reimburse everyone's costs and damages to change these and the harm caused by said #DataBreach. Cuz #LackOfAccountability & #LackOfConsequences embolden companies to not take #ITsec & #InfoSec seriously…
0
0
0
In reply to
@kkarhan@jorts.horse · 5d ago
@isotopp@infosec.exchange the problem is that such failures have no #consequences for those that fail to #safeguard said info. If a #bank gambles away customers' savings, they at least have to have insurance to cover at least the legal minimum in deposit per customer & bank account in their jurisdiction. Whereas with gross neglect in #InfoSec, they ain't even forced to reimburse all the damages and #costs incurred, much less punitive #damages for gross neglect!
0
1
0
@meridian@mastodon.com.pl · 6d ago
The moment has come. I uninstalled Facebook. Day 1. #privacy #privacyMatters #degoogle #deapple #ios #mastodon #cybersecurity #infoSec
9
0
5
Boosted by Kevin Karhan @kkarhan@jorts.horse
@AAKL@infosec.exchange · Apr 20, 2026
The post mentions that the WatchGuard report was posted today, but I haven't seen it yet. Here's the blog: https://www.watchguard.com/wgrd-news/blog/term/3936/cybersecurity-insights Infosecurity-Magazine: Formbook Malware Campaign Uses Multiple Obfuscation Techniques to Avoid Detection https://www.infosecurity-magazine.com/news/formbook-malware-multiple/ #phishing #infosec #malware
1
0
2
@ml@social.mitexleo.one · Apr 20, 2026
Al Jazeera: Twelve British universities have paid a private firm run by former military intelligence officials to “spy” on student protesters and academics, including those who have expressed solidarity with Palestine. (1/3) #british #uk #privacy #Palestine #Gaza #infosec #UsPol #Israel
2
0
3