bolo boosted

A reminder that many many of our Jewish friends don't agree with the #gaza_genocide
#IsraelGazawar

bolo boosted

Mappa dei cavi sottomarini 2023
Questa nuova edizione illustra 529 sistemi di cavi e 1.444 approdi attualmente attivi o in costruzione.

submarine-cable-map-2023.teleg

bolo boosted

La vera grandezza di un'azienda di successo si vede nella sua capacità di fare pace con i concorrenti, quindi a Natale ricordatevi di fare gli auguri non solo a Gesù, ma anche a Isaac Newton (1643-1727), lo scienziato nato il 25 dicembre, che anche senza droghe era geniale e iperproduttivo come se fosse sotto anfetamine, e scontroso e paranoico come se fosse in crisi d'astinenza.

bolo boosted
bolo boosted
bolo boosted
bolo boosted

Elon Musk bashed the German government for providing some help to migrants lost at sea (and promoted a far-right political party with Nazi roots) the same day that the UN revealed that more than 2,500 people have already drowned this year in the Mediterranean. businessinsider.com/elon-musk-

bolo boosted
bolo boosted

A PoC for the Ivanti (MobileIron) RCE (CVE-2023-35078) has been uploaded on GitHub: github.com/vchan-in/CVE-2023-3

Can anyone confirm this is legit?

Nice introduction article on TETRA CVEs affecting all the encrypted security radio communications.
A clear violation of the Kerckhoff's principle:
mastodon.uno/@ildisinformatico

The Midnight Blue team published a preliminary report on
tetraburst.com/

bolo boosted

Important reminder ⚠️

If you have used our platform in the past, please ensure that you add at at least one additional authentication provider NOW ☝️👀

Go to auth.abuse.ch, log in with your Twitter account and connect at least one addition authentication provider 🔐

Twitter integration on our platform is DEPRECATED and will be removed soon 👇👇👇

bolo boosted

Since it seems #Google has decided to uni-laterally force through their new anti-#adblock #DRM euphemistically named "Web environment integrity", I decided to add a little bit of code to my website that blanks out the page and displays a protest message with a link to the firefox download page when you visit it from a browser with this DRM feature. Here's the source inside one toot, feel free to copy and put it at the end of your website's <body> before the closing tag:

bolo boosted
bolo boosted
bolo boosted

Security Update Required for Multiple Ubuntu Versions and Derivatives Due to Open VM Tools Vulnerability

Summary

A security vulnerability, identified as CVE-2023-20867, impacts multiple versions of Ubuntu and its derivatives. This issue specifically affects the open-vm-tools software used for virtual machines hosted on VMware. The following Ubuntu versions are affected:

Ubuntu 23.04
Ubuntu 22.04 LTS
Ubuntu 20.04 LTS
Ubuntu 18.04 LTS (Available with Ubuntu Pro)
Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Details

The vulnerability is due to the incorrect handling of certain authentication requests by Open VM Tools. A fully compromised ESXi host could exploit this flaw to bypass host-to-guest authentication, compromising the confidentiality and integrity of the guest virtual machine.

Mitigation

To resolve this issue, users need to update their systems to the following package versions of open-vm-tools:

Ubuntu 23.04: open-vm-tools 2:12.1.5-3ubuntu0.23.04.1
Ubuntu 22.04 LTS: open-vm-tools 2:12.1.5-3~ubuntu0.22.04.2
Ubuntu 20.04 LTS: open-vm-tools 2:11.3.0-2ubuntu0~ubuntu20.04.5
Ubuntu 18.04 LTS (Available with Ubuntu Pro): open-vm-tools 2:11.0.5-4ubuntu0.18.04.3+esm1
Ubuntu 16.04 LTS (Available with Ubuntu Pro): open-vm-tools 2:10.2.0-3~ubuntu0.16.04.1+esm2

In general, a standard system update should implement all the necessary changes.

For more details on the vulnerability and updates, visit the Ubuntu security notice.

bolo boosted

In case you haven’t seen it, this spreadsheet of infosec Mastodon addresses is pretty great. Not sure how up to date it is, but it’s definitely adding to my follow list. docs.google.com/spreadsheets/d

bolo boosted

USB pendrives of DOOM.

Inserting them may hack your systems, leading to data theft. NEVER connect untrusted USB devices. Meaning, any devices you are not sure of. mandiant.com/resources/blog/in

bolo boosted
bolo boosted

Due to popular demand, here is a list of the fedi-services that are part of the infosec.* family:
1 - infosec.exchange - Glitch-soc fork of Mastodon (this instance does not block threads.net)
2 - relay.infosec.exchange - Activitypub relay
3 - video.infosec.exchange - Peertube instance (like youtube)
4 - infosec.press - WriteFreely blog*
5 - pixel.infosec.exchange - Pixelfed instance (like instagram)
6 - matrix.infosec.exchange - Synapse (with sliding sync) homeserver*
7 - infosec.place - Akkoma instance (like mastodon)
8 - infosec.town - iceshrimp instance (like mastodon)
9 - infosec.pub - Lemmy instance (like reddit)
10 - fedia.io - General interest mbin instance (also like reddit)
11 - fedia.social - General interst Iceshrimp instance
12 - elk.infosec.exchange - Elk web interface for Mastodon
13 - books.infosec.exchange - Bookworym instance (like goodreads)
14 - meetups.infosec.exchange (mobilizon)
15 - infosec.space - Glitch-soc fork of Mastodon (this instance does
block threads.net)

*indicates the instance authenticates against Infosec.exchange

Show older
Mastodon Bida.im

Un'istanza mastodon antifascista prevalentemente italofona con base a Bologna - Manifesto - Cosa non si può fare qui

An antifa mostly-italian speaking mastodon istance based in Bologna - About us - What you can't do here

Tech stuff provided by Collettivo Bida