deepthoughts10.infosec.exchange.ap.brid.gy
#InfoSec #Cybersecurity #threatintel and Politics. I try my best. Also @[email protected] Searchable [bridged from https://infosec.exchange/@deepthoughts10 on the fediverse by https://fed.brid.gy/ ]

Timeline cleanser.

If you're not blocking trycloudflare\.com at the perimeter, now's the time: #opendir 's: https://em-ash-announcements-alpha.trycloudflare\.com/1DSAHJKSA/ -> https://did-efficiency-than-lenses.trycloudflare\.com -> https://reached-theoretical-regular-impact\.trycloudflare.com

The speed with which some of these attacks proceed after initial access is incredible. #phishing From: @nopatience https://swecyb.com/@nopatience/114034869881365685

🤔 #Mozilla advertising #Firefox on a suburban commuter train in Chicago 🤔

Proofpoint’s latest research, available here: https://www.proofpoint.com/us/blog/threat-insight/update-fake-updates-two-new-actors-and-new-mac-malware #cybersecurity From: @threatinsight https://infosec.exchange/@threatinsight/114026458519902586

Join us @ 10:30 ET for GreyNoise Storm⚡️Watch! Today, we ask if you think your WFH cow-orker seems sketch, they might literally be working from North Korea. We cover the bizarre tale of an Arizona woman busted for running a seekrit laptop farm. https://stormwatch.ing/ 1/3

Really interesting article on this ransomware operator's tactics, this part especially so: “Early Warnings Suggest Entra Connect Is Next Target” I think it’s worth your time to harden your Microsoft #EntraID Connect (formerly Azure AD Sync) configuration as this is not the first article I’ve […]

Sekoia has a detailed write up of some malware they are tracking complete with IOCs and Sigma rules. Check it out. #cybersecurity #threatintel #threathunting From: @sekoia_io https://infosec.exchange/@sekoia_io/114018468425381290

At this point, most organizations don’t need the old Azure AD Seamless SSO configuration as they use the more modern Entra ID Native or Hybrid join features. AFAIK the Seamless SSO feature was used to support Windows 8 and 2012 systems. If you don’t have any of those, you should be ok to […]

One interesting bit from the Elastic writeup referenced below is the malware’s use of legit IP look-up services like these: hxxps://ip-api.io/json hxxps://ipinfo.io/json hxxps://myexternalip.com/raw hxxps://ipapi.co/json/ hxxps://jsonip.com/ Lots of malware make use of these legitimate […]

If you help maintain #cybersecurity on a business network you should absolutely block Telegram—there’s nothing good there. If you have a web security proxy like Netskope or Zscaler, or an NGFW, block it there. You can also block it via DNS. Blocking these domains should do the job: telegram.me […]

If you can completely disable device code flows using Conditional Access, you should do so. If you cannot, at least limit which user IDs can use them. If you allow any users to use device code flows, use the #KQL provided to hunt for abuse. #cybersecurity #microsoft From: @fabian_bader […]

This #Cat had a happy Valentine’s Day #catsofmastodon #caturday

This cat wears his baseball cap backwards like all the cool kids #caturday #catsofmastodon #cats

Surprise! I'm changing things up a bit. I had originally planned to publish my #Indieweb / #Fediverse / #cybersecurity newsletter, "Scrolls", on Sundays but have decided that Friday works better for me _actually_ getting it out on time. So, since it's Friday, here ya go! […]

Drop what you are doing and read this incredible story from Wired, if you can. After that, come back here. https://www.wired.com/story/edward-coristine-tesla-sexy-path-networks-doge/ It mentions that a 19 y/o man who's assisting Musk's team and who has […] [Original post on infosec.exchange]

I knew there had to be an ulterior motive to his behavior. From: @GossiTheDog https://cyberplace.social/@GossiTheDog/113951804684067306

Hey @screaminggoat welcome back from your court-ordered anger management course

It didn’t take long for DeepSeek to be compromised. I guess being good at creating LLMs doesn’t translate to being good at security. Cc: @GossiTheDog @screaminggoat https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak #deepseek #cybersecurity

My semi-regular reminder: block *.trycloudflare.com if you don’t use it. It is heavily abused by bad people. This is a free service from Cloudflare which makes it attractive to people trying to do bad things. Of course, Cloudflare will take down the accounts when presented with evidence of […]

Please share: Our Max Planck Institute recently left X and is present here on Mastodon. Give them a follow! Beautiful pictures from the science of light! #Mastodon #Physics #Science #Light #Quantum #Optics #Photonics #Pictures @maxplanckgesellschaft From: @MPI_ScienceOfLight […]

Hoopla you are killing me. Upgrade the app? Fine. Delete all downloaded content? No. Especially right before I get on a 5 hour flight. #bummer #audiobooks

This tactic of sending unsolicited messages and calls via Teams has an easy solution—only allow specific external domains to communicate with your end users. Review your Teams logs, see which domains your users are communicating with, add them to the allow list and enable the control. Make your […]

“My fellow felines, we climb onto counters not because it is allowed, but because it is forbidden. And in this defiance, we find greatness.” #Caturday #PawsOTUS

All tucked in for a nap on a cold winter day #caturday #catsofmastodon #cats

Mastodon’s founder cedes control, refuses to become next Musk or Zuckerberg https://arstechnica.com/tech-policy/2025/01/mastodon-becomes-nonprofit-to-make-sure-its-never-ruined-by-billionaire-ceo/ Mastodon shifts to non-profit ownership, calls for $5M in donations to expand.

I can’t believe the #Microsoft #Azure East US2 networking issues are still on-going a full day later https://azure.status.microsoft/en-us/status

Today, like everyday, is a good day for a nap. #cats #catsofmastodon #caturday