Scott Mortimer
@ScottMortimer@infosec.exchange

Information Security geek, Old School RPG nerd, and wannabe fiction writer.

(@ScottMortimer@infosec.exchange)

List of well-known web sites that port scan their visitors

Many well-known and heavily used web sites are using a fraud protection script that port scans your local computer for remote access programs.

https://www.bleepingcomputer.com/news/security/list-of-well-known-web-sites-that-port-scan-their-visitors/

(@ScottMortimer@infosec.exchange)

Choosing 2FA authenticator apps can be hard. Ars did it so you don’t have to

Losing your 2FA codes can be bad. Having backups stolen can be worse. What to do?

https://arstechnica.com/?p=1677995

(@ScottMortimer@infosec.exchange)

How to Put More “Character” Into Your NPCs

Geoffrey Golden explores narrative design and imbuing NPCs with life and personality

https://pausebutton.substack.com/p/how-to-put-more-character-into-your

(@ScottMortimer@infosec.exchange)

Open Source Forensic Tools - eForensics

https://eforensicsmag.com/download/open-source-forensic-tools/

(@ScottMortimer@infosec.exchange)

I have been listening to podcasts since the early days of the idea and became enamored of RSS and all the cool possibilities that it brought. Now with Spotify and Audible making a play to gobble up a bunch of "A-List" podcasters, I worry that the open podcast ecosystem may start to get locked behind the walls of Big Media.

We Lose A Lot When Podcasts Go Closed Instead Of Open

Just last week, Ben Thompson's excellent Stratechery site had a great post describing the important - 1/2

(@ScottMortimer@infosec.exchange)

Windows 10 quietly got a built-in network sniffer, how to use

Microsoft has quietly added a built-in network packet sniffer to the Windows 10 October 2018 Update, and it has gone unnoticed since its release.

https://www.bleepingcomputer.com/news/microsoft/windows-10-quietly-got-a-built-in-network-sniffer-how-to-use/

(@ScottMortimer@infosec.exchange)

Running dodgy programs safely with Windows Sandbox

I'm sure many of you, like me, have needed to run a program for one reason or another and you just weren't happy with the idea of running it on your own computer. In the past I've used VirtualBox and other solutions to spin up VMs but recently I came

https://scotthelme.co.uk/running-dodgy-programs-safely-with-windows-sandbox/

(@ScottMortimer@infosec.exchange)

Nearly half of Twitter accounts pushing to reopen America may be bots

Kathleen M. Carley and her team at Carnegie Mellon University’s Center for Informed Democracy & Social Cybersecurity have been tracking bots and influence campaigns for a long time. Across US and foreign elections, natural disasters, and other politicized events, the level of bot involvement is normally between 10 and 20%, she says. But in a…

https://www.technologyreview.com/2020/05/21/1002105/covid-bot-twitter-accounts-push-to-reopen-america/

(@ScottMortimer@infosec.exchange)

This is good news

Signal to move away from using phone numbers as user IDs | ZDNet

Signal launches profile PINs, the first step in supporting Signal user accounts that are not tied to phone numbers.

https://www.zdnet.com/article/signal-to-move-away-from-phone-numbers-as-user-ids/

(@ScottMortimer@infosec.exchange)

The latest in DNS Amplification DDoS

New vulnerability in DNS server software can be leveraged for DDoS attacks with a 1620x amplification factor.

https://www.zdnet.com/article/nxnsattack-technique-can-be-abused-for-large-scale-ddos-attacks/

(@ScottMortimer@infosec.exchange)

RSS never disappeared, it just became a bit forgotten about as people got sucked into proprietary platforms. I have used many different RSS apps and services and have come back to hosting my own (https://apps.nextcloud.com/apps/news) but Feedly, Inoreader and Tiny Tiny RSS are all good alternatives.

It's Time to Get Back Into RSS | Daniel Miessler

https://danielmiessler.com/blog/its-time-to-get-back-into-rss/

(@ScottMortimer@infosec.exchange)

There is speculation that there could be PRC involvement.

"The attacks on ARCHER and the other high performance computing labs around Europe come at a time when both academic and industrial research teams are working frantically to analyze and develop vaccines for COVID-19."

Attacks Knock Supercomputing Sites Offline

A series of possibly related incidents has forced supercomputing site ARCHER in the UK and several others in Germany offline in the past few days.

https://duo.com/decipher/attacks-knock-supercomputing-sites-offline

(@ScottMortimer@infosec.exchange)

This is one of the major reasons why my personal "daily driver" is a Chromebook HP-X2. Performs 80% of what I need to do with an attack surface that is quite minimal.

Safeboot: Boot Linux more safely

Debian package to enable UEFI SecureBoot, enroll your own hardware backed platform key, sign the kernel and initrd, decrypt the disk with the TPM, and enable system integrity protection with dmverity

https://safeboot.dev/

(@ScottMortimer@infosec.exchange)

6 common container security mistakes to avoid

Containers are a secure way to deploy applications and services, but only if you use them properly. Here's how.

https://www.csoonline.com/article/3541149/6-common-container-security-mistakes-to-avoid.html

(@ScottMortimer@infosec.exchange)

If you haven't already, you are a scandalous lackwit 😆

8 Practical Privacy Tips for Your Android Phone

With a few easy changes to the privacy and security settings, you can control how much information Android and Google—and the apps you use—collect about you.

https://thewirecutter.com/reviews/privacy-tips-for-android-phone/

(@ScottMortimer@infosec.exchange)

How does a TCP Reset Attack work?

A TCP reset attack is executed using a single packet of data, no more than a few bytes in size. A spoofed TCP segment, crafted and sent by an attacker, tricks two victims into abandoning a TCP connection, interrupting possibly vital communications between them.

https://robertheaton.com/2020/04/27/how-does-a-tcp-reset-attack-work/

(@ScottMortimer@infosec.exchange)

Hackers are exploiting a Sophos firewall zero-day | ZDNet

Sophos releases emergency patch to fix SQL injection bug exploited in the wild, impacting its XG Firewall product.

https://www.zdnet.com/article/hackers-are-exploiting-a-sophos-firewall-zero-day/

(@ScottMortimer@infosec.exchange)

Yesterday's unboxing of my new Fingbox. Had it connected a little over 24 hours and am quite impressed with it.

(@ScottMortimer@infosec.exchange)

Stay vigilant, GitHub users

GitHub accounts stolen in ongoing phishing attacks

GitHub users are currently being targeted by a phishing campaign specifically designed to collect and steal their credentials via landing pages mimicking GitHub's login page.

https://www.bleepingcomputer.com/news/security/github-accounts-stolen-in-ongoing-phishing-attacks/

(@ScottMortimer@infosec.exchange)

Coronavirus contact-tracing apps are worse than useless – Schneier

Cryptographer Bruce Schneier says the false positives and negatives ‘are too great’ Influential security technologist Bruce Schneier has dismissed Covid-19 contact-tracing apps as potentially “worse t

https://portswigger.net/daily-swig/coronavirus-contact-tracing-apps-are-worse-than-useless-schneier

(@ScottMortimer@infosec.exchange)

San Francisco Airport data breach: Double website hack may have lifted users’ Windows login credentials

State-sponsored Russian actors said to have taken off with sensitive user data San Francisco International Airport (SFO) has warned that a breach against two of its websites may have allowed attackers

https://portswigger.net/daily-swig/san-francisco-airport-data-breach-double-website-hack-may-have-lifted-users-windows-login-credentials

(@ScottMortimer@infosec.exchange)

NextDNS is my new favourite DNS service

AKA Anycast-Pi-hole-as-a-Service... but even better!

https://angristan.xyz/2020/04/nextdns/

(@ScottMortimer@infosec.exchange)

Twitter Removes Privacy Option, and Shows Why We Need Strong Privacy Laws

Twitter greeted its users with a confusing notification this week. “The control you have over what information Twitter shares with its business partners has changed,” it said. The changes will “help Twitter continue operating as a free service,” it assured. But at what cost? What Changed? Twitter has...

https://www.eff.org/deeplinks/2020/04/twitter-removes-privacy-option-and-shows-why-we-need-strong-privacy-laws

(@ScottMortimer@infosec.exchange)

The Sandboxie Windows sandbox isolation tool is now open-source!

Cybersecurity firm Sophos announced today that it has open-sourced the Sandboxie Windows sandbox-based isolation utility 15 years after it was released.

https://www.bleepingcomputer.com/news/software/the-sandboxie-windows-sandbox-isolation-tool-is-now-open-source/

(@ScottMortimer@infosec.exchange)

Just a few years ago, I would never have imagined Microsoft writing Linux Security Modules. This is an affirmation that Linux rules Cloud Computing.

Microsoft announces IPE, a new code integrity feature for Linux

Microsoft says IPE (Integrity Policy Enforcement) was designed for immutable and embedded systems (e.g. network firewall device in a data center).

https://www.zdnet.com/article/microsoft-announces-ipe-a-new-code-integrity-feature-for-linux/

(@ScottMortimer@infosec.exchange)

Microsoft Reminds the World That Skype Exists

With usage of the insecure Zoom platform skyrocketing, Microsoft is offering up Skype as a safer and just as free alternative.

Benefits include:

Your meeting link does not expire and can be used anytime.

Free conference calls

No sign ups

No downloads

Record your call and save it for later review

Blur your background before entering the call

Share your screen whenever necessary

https://www.thurrott.com/cloud/microsoft-consumer-services/skype/234297/microsoft-reminds-the-world-that-skype-exists

(@ScottMortimer@infosec.exchange)

Have some POTARC to start your week.

Privacy Online Test And Resource Compendium

https://github.com/CHEF-KOCH/Online-Privacy-Test-Resource-List/blob/master/README.md

(@ScottMortimer@infosec.exchange)

Set up your own Jitsi Meet server in less than 15 minutes

Jitsi Meet is an open source video conferencing solution which allows users to set up and share video conferences from a single web page with no apps or downloads necessary.

https://www.brring.com/2020/04/04/setting-up-a-jitsi-server-in-less-than-15-minutes/

(@ScottMortimer@infosec.exchange)

"We find that Zoom has “rolled their own” encryption scheme, which has significant weaknesses. In addition, we identify potential areas of concern in Zoom’s infrastructure, including observing the transmission of meeting encryption keys through China."

Move Fast & Roll Your Own Crypto: A Quick Look at the Confidentiality of Zoom Meetings - The Citizen Lab

https://citizenlab.ca/2020/04/move-fast-roll-your-own-crypto-a-quick-look-at-the-confidentiality-of-zoom-meetings/