admin - mastodon.bida.im @admin

309 posts115 participants44 posts today

César Pose90% of code will be writen by AI, they say... And Bug Bounty Hunters... 😅😅😅😅😅😅<a href="https://infosec.exchange/tags/ai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ai</a> <a href="https://infosec.exchange/tags/aicoding" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#aicoding</a> <a href="https://infosec.exchange/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#programming</a> <a href="https://infosec.exchange/tags/bugbounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bugbounty</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

Shodan SafariASN: AS31898 Location: Phoenix, US Added: 2025-03-26T16:17<a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#shodansafari</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

Shodan SafariASN: AS3462 Location: Taipei, TW Added: 2025-03-27T21:46<a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#shodansafari</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

BeyondMachines :verified:Critical security vulnerability in Verizon Call Filter App for iOS <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/advisory" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#advisory</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a> <a href="https://beyondmachines.net/event_details/critical-security-vulnerability-in-verizon-call-filter-app-for-ios-e-w-8-7-f/gD2P6Ple2L" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://beyondmachines.net/event_details/critical-security-vulnerability-in-verizon-call-filter-app-for-ios-e-w-8-7-f/gD2P6Ple2L</a>

Shodan SafariASN: AS4134 Location: Shenzhen, CN Added: 2025-03-24T12:17<a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#shodansafari</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

OWASP FoundationGet ready for an exhilarating time at <a href="https://infosec.exchange/tags/OWASP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OWASP</a> Global <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> EU this May! Imagine navigating between sessions, connecting with peers over coffee... Why not enhance your experience by becoming a Mentor? Sign up here: <a href="https://owasp.wufoo.com/forms/zk2cdkr1qla6o8/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://owasp.wufoo.com/forms/zk2cdkr1qla6o8/</a> 🚀 <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> <a href="https://infosec.exchange/tags/threatmodeling" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatmodeling</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/devsecops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#devsecops</a>

BeyondMachines :verified:Critical Pre-Authentication SQL Injection vulnerability reported in Halo ITSM <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/advisory" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#advisory</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a> <a href="https://beyondmachines.net/event_details/critical-pre-authentication-sql-injection-vulnerability-reported-in-halo-itsm-s-r-h-p-7/gD2P6Ple2L" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://beyondmachines.net/event_details/critical-pre-authentication-sql-injection-vulnerability-reported-in-halo-itsm-s-r-h-p-7/gD2P6Ple2L</a>

Shodan SafariASN: AS24940 Location: Falkenstein, DE Added: 2025-03-31T08:01<a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#shodansafari</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

beardedtechguy@infosec:~$This makes for good education for clients!QR codes sent in attachments are the new favorite for phishers <a href="https://www.malwarebytes.com/blog/news/2025/04/qr-codes-sent-in-attachments-are-the-new-favorite-for-phishers" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.malwarebytes.com/blog/news/2025/04/qr-codes-sent-in-attachments-are-the-new-favorite-for-phishers</a><a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phishing</a>

NonilexA federal Judge Denise Cote in NY rejected the <a href="https://masto.ai/tags/Trump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trump</a> admin’s effort to dismiss lawsuit alleging <a href="https://masto.ai/tags/DOGE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DOGE</a> directed a massive breach of <a href="https://masto.ai/tags/OPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OPM</a> data affecting millions of people.<a href="https://masto.ai/tags/law" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#law</a> <a href="https://masto.ai/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://masto.ai/tags/NationalSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NationalSecurity</a> <a href="https://storage.courtlistener.com/recap/gov.uscourts.nysd.636793/gov.uscourts.nysd.636793.72.0.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://storage.courtlistener.com/recap/gov.uscourts.nysd.636793/gov.uscourts.nysd.636793.72.0.pdf</a>

0x40kFIN7 *again*? Seriously, these guys just don't quit, do they? 🙄Heads up – they've cooked up an Anubis backdoor using Python. And nope, *it's not* the Android Trojan people know. It's pretty wild what this thing packs: we're talking remote shell capabilities, file uploads, messing with the registry... 🤯 Basically, the keys to the kingdom!And let me tell you from a pentester's perspective: Just relying on AV? That's *definitely* not gonna cut it anymore. We all know that, right?Looks like they're slipping in through compromised SharePoint sites now? Yikes. The nasty part? A Python script decrypts the payload *directly in memory*, making it incredibly tough to spot! 🥴 Plus, their command and control chats happen over a Base64-encoded TCP socket.So, keep a *sharp eye* on those ZIP attachments! Double-check your SharePoint sites' integrity. You'll also want to monitor network traffic closely (especially that TCP activity!). And make sure your endpoint security is actually up to snuff – remember, they love finding ways to bypass defenses!How are *you* tackling threats like this one? What are your go-to tools and strategies for defense? 🤔 Let's share some knowledge!<a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentesting</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/FIN7" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FIN7</a> <a href="https://infosec.exchange/tags/APT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT</a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://infosec.exchange/tags/SharePoint" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SharePoint</a> <a href="https://infosec.exchange/tags/WindowsSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WindowsSecurity</a>

BeyondMachines :verified:"Gay Daddy" dating App leaks data of 50,000 User profiles and private messages <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/incident" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incident</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://beyondmachines.net/event_details/gay-daddy-dating-app-leaks-data-of-50000-user-profiles-and-private-messages-d-i-1-6-9/gD2P6Ple2L" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://beyondmachines.net/event_details/gay-daddy-dating-app-leaks-data-of-50000-user-profiles-and-private-messages-d-i-1-6-9/gD2P6Ple2L</a>

**Shodan Safari** @shodansafari@infosec.exchange · 4h

Shodan Safari @shodansafari@infosec.exchange

ASN: AS200350
Location: Reutov, RU
Added: 2025-03-26T14:04

#shodansafari #infosec

**BeyondMachines** @beyondmachines1@infosec.exchange · 5h

BeyondMachines @beyondmachines1@infosec.exchange

UK Royal Mail third party breach exposes 144GB of customer information
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/uk-royal-mail-third-party-breach-exposes-144gb-of-customer-information-o-5-v-w-v/gD2P6Ple2L

BeyondMachinesUK Royal Mail third party breach exposes 144GB of customer informationThe Royal Mail is investigating a potential data breach after a threat actor named "GHNA" leaked 144GB of files allegedly containing customer information, with the breach traced to a security incident at third-party service provider Spectos GmbH. Attackers possibly used credentials stolen in a 2021 malware incident to access sensitive data including names, addresses, phone numbers, delivery information, and internal recordings.

**Shodan Safari** @shodansafari@infosec.exchange · 5h

Shodan Safari @shodansafari@infosec.exchange

ASN: AS396073
Location: Garland, US
Added: 2025-03-24T00:08

#shodansafari #infosec

**Shodan Safari** @shodansafari@infosec.exchange · 6h

Shodan Safari @shodansafari@infosec.exchange

ASN: AS16276
Location: Calais, FR
Added: 2025-03-25T21:54

#shodansafari #infosec

**BeyondMachines** @beyondmachines1@infosec.exchange · 7h

BeyondMachines @beyondmachines1@infosec.exchange

Bamford Skincare security breach exposes customer payment information
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/bamford-skincare-security-breach-exposes-customer-payment-information-p-j-r-3-e/gD2P6Ple2L

BeyondMachinesBamford Skincare security breach exposes customer payment informationLuxury skincare brand Bamford experienced a security breach in March 2025 that potentially exposed customers' credit and debit card information, prompting the company to notify affected customers to check their bank accounts and consider canceling their cards. The UK's Information Commissioner's Office has closed the case after providing data protection advice.

**Shodan Safari** @shodansafari@infosec.exchange · 7h

Shodan Safari @shodansafari@infosec.exchange

ASN: AS5617
Location: Warsaw, PL
Added: 2025-03-23T19:51

#shodansafari #infosec

**decio** @decio@infosec.exchange · 8h *

8h *

decio @decio@infosec.exchange

ah tiens, ce serait donc celle-là la mystérieuse vulnérabilité en exploitation observée par les honeypots ?

Vulnérabilité critique chez Ivanti Connect Secure (CVE-2025-22457)

Mandiant signale qu’une faille critique affectant certaines versions des VPN Ivanti est activement exploitée depuis mars 2025. Des acteurs liés à la Chine (UNC5221) ont déployé plusieurs malwares furtifs, comme TRAILBLAZE (dropper en mémoire) et BRUSHFIRE (porte dérobée passive), via cette faille.

Un patch est dispo depuis février, mais la menace a été sous-estimée au départ.
Si vous utilisez Ivanti ICS, mettez à jour rapidement vers la version 22.7R2.6 ou ultérieure.

(Utilisez les outils d'intégrité d'Ivanti pour détecter toute activité anormale.)

"Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)"
https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability/?hl=en

#CyberVeille
#Ivanti #Mandiant #CVE_2025_22457 #infosec

Google Cloud BlogSuspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) | Google Cloud Blog

**Ian Campbell** @neurovagrant@masto.deoan.org · 8h

Ian Campbell @neurovagrant@masto.deoan.org

I'm a sucker for behavior-based investigations, especially for stuff off the beaten path, so I love the insights we were able to come up with on this one. @DomainTools Investigations researchers found exposed criminal infrastructure and went down a rabbit hole.

#threatintel #infosec #cybersecurity

https://dti.domaintools.com/proton66-where-to-find-aspiring-hackers/

DomainTools Investigations | DTI · 9hWhere to Find Aspiring Hackers - DomainTools Investigations | DTIThis research analyzes Proton66, a bulletproof hosting network enabling cybercrime operations, serving as a hub for aspiring cybercriminals. It focuses on threat actor Coquettte and their ties to the Horrid hacking group.

Recent searches

Search options

Administered by:

Server stats:

#infosec

Recent searches

Search options

Administered by:

Server stats:

InfoSecBack

#infosec