techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome

Administered by:

Server stats:

4.7K
active users

#infosec

1K posts297 participants136 posts today
urlDNA.io :verified:<p>Possible Phishing 🎣<br> on: ⚠️hxxps[:]//jinnowindows[.]com/sign-update/otp[.]html<br> 🧬 Analysis at: <a href="https://urldna.io/scan/6877b4673b7750000b053551" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">urldna.io/scan/6877b4673b77500</span><span class="invisible">00b053551</span></a><br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phishing</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/urldna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>urldna</span></a> <a href="https://infosec.exchange/tags/scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scam</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
BeyondMachines :verified:<p>DragonForce ransomware gang claims breach of Belk department store</p><p>The DragonForce ransomware group claims an attack department store chain Belk Inc. between May 7-11, 2025, stealing customer and employee data. Belk has recovered and rebuilt systems and is offering affected individuals 12 months of complimentary credit monitoring services.</p><p>****<br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/incident" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incident</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a><br><a href="https://beyondmachines.net/event_details/dragonforce-ransomware-gang-claims-breach-of-belk-department-store-n-0-b-m-b/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">beyondmachines.net/event_detai</span><span class="invisible">ls/dragonforce-ransomware-gang-claims-breach-of-belk-department-store-n-0-b-m-b/gD2P6Ple2L</span></a></p>
Recon InfoSec<p>Get ready for tomorrow's <a href="https://infosec.exchange/tags/ThursDef" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThursDef</span></a>! </p><p>Join us tomorrow at 12:30 PM CT as Shane Fonyi shares insights about OSINT on Iranian Threat Actors. </p><p>Secure your spot: thursdef.com</p><p><a href="https://infosec.exchange/tags/ThursDef" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThursDef</span></a> <a href="https://infosec.exchange/tags/ThursdayDefensive" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThursdayDefensive</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Shodan Safari<p>ASN: AS31252<br>Location: Chisinau, MD<br>Added: 2025-07-14T10:55</p><p><a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shodansafari</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
urlDNA.io :verified:<p>Possible Phishing 🎣<br> on: ⚠️hxxps[:]//fiutg[.]weebly[.]com<br> 🧬 Analysis at: <a href="https://urldna.io/scan/687794763b7750000e6b7e59" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">urldna.io/scan/687794763b77500</span><span class="invisible">00e6b7e59</span></a><br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phishing</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/urldna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>urldna</span></a> <a href="https://infosec.exchange/tags/scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scam</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Mike Sheward<p>These are *still* the default permissions in Google Workspace Enterprise when setting up a Google Group/Email Distribution List....</p><p>Who can see the big issue that catches literally everyone out....</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
AAKL<p>This high-severity vulnerability was posted yesterday.</p><p>Tenable: OpenAI ChatGPT Prompt Injection via ?q= Parameter in Web Interface <a href="https://www.tenable.com/security/research/tra-2025-22" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">tenable.com/security/research/</span><span class="invisible">tra-2025-22</span></a> <span class="h-card" translate="no"><a href="https://infosec.exchange/@tenable" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tenable</span></a></span> <a href="https://infosec.exchange/tags/ChatGPT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ChatGPT</span></a> <a href="https://infosec.exchange/tags/OpenAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenAI</span></a> <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a></p>
Security Feed<p>🔒 Security News Digest - 2025-07-16</p><p>📊 16 updates from 8 sources:</p><p>🔹 SecurityWeek: Compumedics Ransomware Attack Led to Data Breach Impacting 318,000<br> <a href="https://www.securityweek.com/compumedics-ransomware-attack-led-to-data-breach-impacting-318000/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">securityweek.com/compumedics-r</span><span class="invisible">ansomware-attack-led-to-data-breach-impacting-318000/</span></a></p><p>🔹 SecurityWeek: Virtual Event Today: Cloud &amp; Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud<br> <a href="https://www.securityweek.com/virtual-event-preview-cloud-data-security-summit-2025-tackling-exposed-attack-surfaces-in-the-cloud/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">securityweek.com/virtual-event</span><span class="invisible">-preview-cloud-data-security-summit-2025-tackling-exposed-attack-surfaces-in-the-cloud/</span></a></p><p>🔹 Security News | TechCrunch: UK retail giant Co-op confirms hackers stole all 6.5 million customer records<br> <a href="https://techcrunch.com/2025/07/16/uk-retail-giant-co-op-confirms-hackers-stole-all-6-5-million-customer-records/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">techcrunch.com/2025/07/16/uk-r</span><span class="invisible">etail-giant-co-op-confirms-hackers-stole-all-6-5-million-customer-records/</span></a></p><p>🦠 Malwarebytes: Dating app scammer cons former US army colonel into leaking national secrets<br> <a href="https://www.malwarebytes.com/blog/news/2025/07/dating-app-scammer-cons-former-us-army-colonel-into-leaking-national-secrets" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">malwarebytes.com/blog/news/202</span><span class="invisible">5/07/dating-app-scammer-cons-former-us-army-colonel-into-leaking-national-secrets</span></a></p><p>🔹 The Record from Recorded Future News: Senate panel passes Intelligence Authorization Act that takes aim at telecom hacks<br> <a href="https://therecord.media/senate-panel-passes-intel-act-salt-typhoon-china" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/senate-panel-p</span><span class="invisible">asses-intel-act-salt-typhoon-china</span></a></p><p>🔹 The Hacker News: UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit<br> <a href="https://thehackernews.com/2025/07/unc6148-backdoors-fully-patched.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/07/unc6</span><span class="invisible">148-backdoors-fully-patched.html</span></a></p><p>🔹 SecurityWeek: SonicWall SMA Appliances Targeted With New ‘Overstep’ Malware<br> <a href="https://www.securityweek.com/sonicwall-sma-appliances-targeted-with-new-overstep-malware/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">securityweek.com/sonicwall-sma</span><span class="invisible">-appliances-targeted-with-new-overstep-malware/</span></a></p><p>🔹 darkreading: Securing the Budget: Demonstrating Cybersecurity's Return<br> <a href="https://www.darkreading.com/vulnerabilities-threats/securing-budget-cybersecurity-return" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">darkreading.com/vulnerabilitie</span><span class="invisible">s-threats/securing-budget-cybersecurity-return</span></a></p><p>🔹 BleepingComputer: Europol disrupts pro-Russian NoName057(16) DDoS hacktivist group<br> <a href="https://www.bleepingcomputer.com/news/security/europol-disrupts-pro-russian-noname05716-ddos-hacktivist-group/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/europol-disrupts-pro-russian-noname05716-ddos-hacktivist-group/</span></a></p><p>🔹 Security Boulevard: Keeper Security Adds Support for MCP to Secrets Management Platform<br> <a href="https://securityboulevard.com/2025/07/keeper-security-adds-support-for-mcp-to-secrets-management-platform/?utm_source=rss&amp;utm_medium=rss&amp;utm_campaign=keeper-security-adds-support-for-mcp-to-secrets-management-platform" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/07/</span><span class="invisible">keeper-security-adds-support-for-mcp-to-secrets-management-platform/?utm_source=rss&amp;utm_medium=rss&amp;utm_campaign=keeper-security-adds-support-for-mcp-to-secrets-management-platform</span></a></p><p>🔹 BleepingComputer: New Fortinet FortiWeb hacks likely linked to public RCE exploits<br> <a href="https://www.bleepingcomputer.com/news/security/new-fortinet-fortiweb-hacks-likely-linked-to-public-rce-exploits/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/new-fortinet-fortiweb-hacks-likely-linked-to-public-rce-exploits/</span></a></p><p>🔹 The Record from Recorded Future News: Italian police dismantle Romanian ransomware gang targeting nonprofits, film companies<br> <a href="https://therecord.media/italian-police-dismantle-romanian-ransomware-gang" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/italian-police</span><span class="invisible">-dismantle-romanian-ransomware-gang</span></a></p><p>🔹 SecurityWeek: United Natural Foods Projects Up to $400M Sales Hit from June Cyberattack<br> <a href="https://www.securityweek.com/united-natural-foods-projects-up-to-400m-sales-hit-from-june-cyberattack/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">securityweek.com/united-natura</span><span class="invisible">l-foods-projects-up-to-400m-sales-hit-from-june-cyberattack/</span></a></p><p>🔹 BleepingComputer: SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware<br> <a href="https://www.bleepingcomputer.com/news/security/sonicwall-sma-devices-hacked-with-overstep-rootkit-tied-to-ransomware/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/sonicwall-sma-devices-hacked-with-overstep-rootkit-tied-to-ransomware/</span></a></p><p>🔹 The Record from Recorded Future News: Google spots tailored backdoor malware aimed at SonicWall appliances<br> <a href="https://therecord.media/sonicwall-sma-100-series-overstep-malware-unc6148" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/sonicwall-sma-</span><span class="invisible">100-series-overstep-malware-unc6148</span></a></p><p>🔹 Security Boulevard: ‘FRED’ Security FAIL — Ignored by US Rail for 20 YEARS<br> <a href="https://securityboulevard.com/2025/07/train-fred-vuln-20-years-richixbw/?utm_source=rss&amp;utm_medium=rss&amp;utm_campaign=train-fred-vuln-20-years-richixbw" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/07/</span><span class="invisible">train-fred-vuln-20-years-richixbw/?utm_source=rss&amp;utm_medium=rss&amp;utm_campaign=train-fred-vuln-20-years-richixbw</span></a></p><p><a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/SecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityNews</span></a></p>
AAKL<p>This has been remediated. </p><p>Tenable: OCI, Oh My: Remote Code Execution on Oracle Cloud Shell and Code Editor Integrated Services <a href="https://www.tenable.com/blog/remote-code-execution-on-oracle-cloud-shell-and-code-editor-integrated-services" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">tenable.com/blog/remote-code-e</span><span class="invisible">xecution-on-oracle-cloud-shell-and-code-editor-integrated-services</span></a> <span class="h-card" translate="no"><a href="https://infosec.exchange/@tenable" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tenable</span></a></span> <a href="https://infosec.exchange/tags/Oracle" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Oracle</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
AAKL<p>Surfing the web these days is like swimming with sharks, more so in a totalitarian world. Make sure you always have fingerprinting protection. What is fingerprinting? It's something you definitely don't want looking over your shoulder: (most recent definition is from 2024) EFF: <a href="https://ssd.eff.org/module/what-fingerprinting" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ssd.eff.org/module/what-finger</span><span class="invisible">printing</span></a></p><p>- That little square canvas extraction box next to the address field? Adding fingerprinting protection will help confuse it so it doesn't pin you down. Some browsers support it natively. If not, there are some good, (honest) extensions for that.</p><p>- Inspect cookie preferences every time. If you're not given a choice, leave. A lot of websites from the neanderthal age still order you to accept cookies without question. You might think it's a hassle, but it depends on how much you value your data. Companies trying to steal it value it even more. That should tell you something.</p><p>- Delete all cookies when you're done browsing. </p><p>- Make sure your browser offers some serious privacy controls. </p><p>- Use a VPN, though it will slow you down a bit.</p><p><a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
urlDNA.io :verified:<p>Possible Phishing 🎣<br> on: ⚠️hxxps[:]//miitmxklogun[.]webflow[.]io<br> 🧬 Analysis at: <a href="https://urldna.io/scan/687798593b7750000e6b7ecf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">urldna.io/scan/687798593b77500</span><span class="invisible">00e6b7ecf</span></a><br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phishing</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/urldna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>urldna</span></a> <a href="https://infosec.exchange/tags/scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scam</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
TechnoTenshi :verified_trans: :Fire_Lesbian:<p>Ukrainian hackers, with military intel support, wiped 47TB of data from Russian drone maker Gaskar Integration, halting operations and exposing links with China. Systems and backups destroyed, production paralyzed.</p><p><a href="https://prm.ua/en/ukrainian-hackers-destroyed-the-it-infrastructure-of-a-russian-drone-manufacturer-what-is-known/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">prm.ua/en/ukrainian-hackers-de</span><span class="invisible">stroyed-the-it-infrastructure-of-a-russian-drone-manufacturer-what-is-known/</span></a></p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/Ukraine" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ukraine</span></a> <a href="https://infosec.exchange/tags/cyberwar" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberwar</span></a></p>
ṫẎℭỚ◎ᾔ ṫ◎ℳ<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@briankrebs" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>briankrebs</span></a></span> everyone in <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> too seem to quote your recent story👍🏼</p>
AAKL<p>Basically a self-promotion. </p><p>Microsoft: Protecting customers from Octo Tempest attacks across multiple industries <a href="https://www.microsoft.com/en-us/security/blog/2025/07/16/protecting-customers-from-octo-tempest-attacks-across-multiple-industries/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">microsoft.com/en-us/security/b</span><span class="invisible">log/2025/07/16/protecting-customers-from-octo-tempest-attacks-across-multiple-industries/</span></a> <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a></p>
AAKL<p>This is an old one. How could he fall for this?</p><p>"The DoJ’s indictment against Slater doesn’t reveal what app he used, but he talked to someone claiming to be a Ukrainian woman repeatedly via the app and email."</p><p>Malwarebytes: Dating app scammer cons former US army colonel into leaking national secrets <a href="https://www.malwarebytes.com/blog/news/2025/07/dating-app-scammer-cons-former-us-army-colonel-into-leaking-national-secrets" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">malwarebytes.com/blog/news/202</span><span class="invisible">5/07/dating-app-scammer-cons-former-us-army-colonel-into-leaking-national-secrets</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/espionage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>espionage</span></a></p>
BeyondMachines :verified:<p>Critical VMware vulnerabilities enable Virtual Machine escape, host compromise</p><p>Broadcom has patched multiple critical VMware vulnerabilities discovered at Pwn2Own 2025 that enable attackers with local admin privileges on virtual machines to escape to host systems and execute arbitrary code, affecting VMware ESXi, Workstation, Fusion, and VMware Tools. The vulnerabilities were demonstrated with near-perfect reliability and have existing proof-of-concept exploits.</p><p>**If you are running VMware on your laptop, PC or servers, read this advisory. There are some very nasty flaws that enable user (or process) on a VMware guest OS to breach the isolation and attack the host. Time to patch VERY QUICKLY. Isolation doesn't work because the attacker will already have access to the VMware system.**<br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/advisory" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>advisory</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a><br><a href="https://beyondmachines.net/event_details/critical-vmware-vulnerabilities-enable-virtual-machine-escape-host-compromise-0-v-9-m-o/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">beyondmachines.net/event_detai</span><span class="invisible">ls/critical-vmware-vulnerabilities-enable-virtual-machine-escape-host-compromise-0-v-9-m-o/gD2P6Ple2L</span></a></p>
Shodan Safari<p>ASN: AS206105<br>Location: Woodbridge, GB<br>Added: 2025-07-14T10:50</p><p><a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shodansafari</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
urlDNA.io :verified:<p>Possible Phishing 🎣<br> on: ⚠️hxxps[:]//bafkreidcvro46yq6o6fxfrvnnpbqahpdvsgungsgjcpk45xmh7oz5xjz7m[.]ipfs[.]dweb[.]link<br> 🧬 Analysis at: <a href="https://urldna.io/scan/687798573b7750000a0b0f4d" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">urldna.io/scan/687798573b77500</span><span class="invisible">00a0b0f4d</span></a><br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phishing</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/urldna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>urldna</span></a> <a href="https://infosec.exchange/tags/scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scam</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
passwords<p>6L){e4/=}`']*<span class="h-card" translate="no"><a href="https://mastodon.social/@m" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>m</span></a></span>}{<a href="https://mastodon.social/tags/s2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>s2</span></a></p><p>UnfreezeOblivious4Ranging</p><p><a href="https://mastodon.social/tags/bot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bot</span></a> <a href="https://mastodon.social/tags/password" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>password</span></a> <a href="https://mastodon.social/tags/passphrase" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passphrase</span></a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/opsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opsec</span></a></p>
Mike Sheward<p>Good new SaaS vendor assessment question I’ve been using…</p><p>What is your process for updating your customer facing status page in the event of an incident?</p><p>You will learn so much from this, including…</p><p>- do they even have a status page<br>- if they do, do they know how to work it<br>- if its managed by the engineering side of the house or marketing, which can give you clues as too what is important in their org culture<br>- how transparent they are willing to be about a topic that actually isn’t all that sensitive in the grand scheme of all the things you could ask about</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>