sid boosted

From @netico I found "la rivoluzione senza attesa", freely downloadable along with lots of other wonderful stuff. Rays of light in a shitty world.
Heartfelt thanks!

sid boosted

X.Org X server vulnerability affects CentOS, Debian, Ubuntu, Fedora and other Linux operating systems:

zdnet.com/article/new-security

– CVE-2018-14665
– attackers can elevate privileges and/or overwrite any files on the local system, even crucial OS data
– update to X.Org Server 1.20.3

#xorg #xserver #vulnerability #flaw #linux #debian #ubuntu #fedora #centos #infosec #cybersecurity #security

sid boosted

I've been messing with this for a few now, if you do #phishing tests, OGP is probably something you want to master zerofox.com/blog/open-graph-pr #socialengineering #redteam

sid boosted

Download HTTPS Everywhere and make sure no encrypted connections slip through the cracks. eff.org/https-everywhere

sid boosted

Do you know common security- and privacy-related HTTP headers?

infosec-handbook.eu/blog/wss3-

– Content Security Policy
– Referrer
– HTTP Strict Transport Security
– X-Frame-Options
– X-Xss-Protection
– X-Content-Type-Options
– Subresource Integrity
– HTTP Public Key Pinning (deprecated)
– Expect-Staple
– Expect-CT
– Feature Policy

#http #security #headers #securityheaders #security #infosec #webserver #cybersecurity #csp #hsts #referrer #sri

sid boosted

Sometimes strange things happen on Facebook.
We want you on Mastodon too!

sid boosted

Music as a Weapon : The Contentious Symbiosis of Punk Rock and Anarchism dlvr.it/Qp8P7x

sid boosted

Recap: Mastodon :mastodon: security and privacy tips.

infosec-handbook.eu/blog/masto

– enable two-factor authentication
– monitor sessions activity
– regularly check your authorized apps
– check your "post privacy" settings
– use "authorized followers" feature
– host your own Mastodon instance if necessary

#mastodon #security #privacy #2fa #monitoring #infosec #cybersecurity

sid boosted

Report about crypto algorithms, key sizes and protocols published by ECRYPT-CSA (funded by the EU) (PDF file):

ecrypt.eu.org/csa/documents/D5

– they suggest RSA is more secure than ECC in the early days of quantum computing
– this document also discusses TLS and SSH algorithms

#ecrypt #cryptography #crypto #algorithms #rsa #aes #tls #ssh #infosec #encryption #cybersecurity

sid boosted

Tracking Users across the Web via TLS Session Resumption (PDF file):

arxiv.org/pdf/1810.07304.pdf

– average users can be tracked for up to eight days
– configuration of 48 popular browsers and one million of the most popular websites were evaluated
– researchers recommend using JonDoBrowser and Tor Browser
– this also affects TLS 1.3

#tls #tls13 #tracking #privacy #security #infosec #cybersecurity

sid boosted

I should learn another language... like French or Ruby.

sid boosted

#LibSSH vulnerable to an attack where the actor sends a successful #authentication message to the server instead of sending an authentication request. #GitHub are not affected apparently. Neither is the famous #OpenSSH. Rest easy folks #infosec #security
arstechnica.com/information-te

Mastodon Bida.im
