After over 15 years of using #google, my account has been permanently disabled without any reason given. All my emails, contacts, photos, docs, accounts connecting with google, etc.... Everything is gone. Without warning or chance of recovery. I'm at a complete loss...

https://twitter.com/Cleroth/status/1318911490863337472

**Daniel Cid** · Oct 21, 2020, 16:18

Daniel Cid boosted

**Mast Security** @mastsec@noc.social · Oct 21, 2020, 16:18

Oct 21, 2020, 16:18

Mast Security @mastsec@noc.social

Loginizer < 1.6.4 - Unauthenticated SQL Injection

https://wpscan.com/vulnerability/10441

This is serious. Over 1m WordPress sites have this plugin running.

If you are using WordPress, check if this plugin is installed - and update now.

**Daniel Cid** @dcid@noc.social · Oct 19, 2020, 18:44

**Daniel Cid** @dcid@noc.social · Oct 19, 2020, 18:44

Oct 19, 2020, 18:44

Daniel Cid @dcid@noc.social

Scary growth of the DDoS attacks size through the years...

https://cloud.google.com/blog/products/identity-security/identifying-and-protecting-against-the-largest-ddos-attacks

Good read to understand how Google thinks and handles DDoS attacks.

2e9469780e65f618.jpg?1603133037

**Daniel Cid** · Oct 17, 2020, 17:41

Daniel Cid boosted

**Eric Chadbourne** @sillystring@infosec.exchange · Oct 17, 2020, 17:41

Oct 17, 2020, 17:41

Eric Chadbourne @sillystring@infosec.exchange

The absolutely fascinating story of the JP Morgan Chase hack. #infosec #podcast

https://darknetdiaries.com/episode/76/

**Daniel Cid** @dcid@noc.social · Oct 16, 2020, 05:28

**Daniel Cid** @dcid@noc.social · Oct 16, 2020, 05:28

Oct 16, 2020, 05:28

Daniel Cid @dcid@noc.social

@ScottMortimer Love learning about new tools to try. thanks for sharing.

**Daniel Cid** · Oct 16, 2020, 04:41

Daniel Cid boosted

**Scott Mortimer** @ScottMortimer@infosec.exchange · Oct 16, 2020, 04:41

Oct 16, 2020, 04:41

Scott Mortimer @ScottMortimer@infosec.exchange

~Open Source Security Tool of the Day~

#osstotd

Fully automated offensive security framework for reconnaissance and vulnerability scanning

https://j3ssie.github.io/Osmedeus/

**Daniel Cid** · Oct 15, 2020, 19:14

Daniel Cid boosted

**Tony Perez** @perezbox@noc.social · Oct 15, 2020, 19:14

Oct 15, 2020, 19:14

Tony Perez @perezbox@noc.social

The level of blatant censorship occurring on all social platforms, regardless of where you sit on the political spectrum, should worry us all. Social platforms should not be arbiters of truth, and it's just getting worse.

**Daniel Cid** · Oct 15, 2020, 22:48

Daniel Cid boosted

**Misty** @oolongstains@cybre.space · Oct 15, 2020, 22:48

Oct 15, 2020, 22:48

Misty @oolongstains@cybre.space

My “we have no evidence this outage is caused by a security breach or hack” shirt has people asking a lot of questions already answered by my shirt.

3cb39b2de81b6ecd.png

**Daniel Cid** · Oct 15, 2020, 13:56

Daniel Cid boosted

**r000t** @r000t@infosec.exchange · Oct 15, 2020, 13:56

Oct 15, 2020, 13:56

r000t @r000t@infosec.exchange

Outlook RCE bug is much more serious, but the bug you have to be on the same physical network to exploit got a name, so it's the one people (read: media and managers) think is serious.

cfb5fcfcc8bfa3bf.png

**Daniel Cid** · Oct 15, 2020, 18:20

Daniel Cid boosted

**Tony Perez** @perezbox@noc.social · Oct 15, 2020, 18:20

Oct 15, 2020, 18:20

Tony Perez @perezbox@noc.social

Ok, let's move on to more pressing issues..

What's your highest score: http://www.trex-game.skipser.com/

**Daniel Cid** · Oct 08, 2020, 19:13

Daniel Cid boosted

**Mast Security** @mastsec@noc.social · Oct 08, 2020, 19:13

Oct 08, 2020, 19:13

Mast Security @mastsec@noc.social

-2m scanned websites contained outdated software which could potentially lead to an exploit.

-70k sites were infected with SEO spam, accounting for 39.59% of website infections.

-19k scanned websites contained malicious scripts or iframes from blacklisted domains.

-11% of infected sites were found to include scripts and iframes from blacklisted domains.

Pretty good report from Sucuri:

https://blog.sucuri.net/2020/10/sitecheck-malware-report-september-summary.html

**Daniel Cid** · Oct 08, 2020, 19:55

Daniel Cid boosted

**Krebs on Security Feed** @krebs_on_security_feed@noc.social · Oct 08, 2020, 19:55

Oct 08, 2020, 19:55

Krebs on Security Feed @krebs_on_security_feed@noc.social

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work.

There's an old adage in information security: "Every company gets penetration tested, whether or not they pay someone for the pleasure." Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to ...
https://krebsonsecurity.com/?p=53255

**Daniel Cid** @dcid@noc.social · Oct 06, 2020, 03:55

**Daniel Cid** @dcid@noc.social · Oct 06, 2020, 03:55

Oct 06, 2020, 03:55

Daniel Cid @dcid@noc.social

Did you know that back in 2003, Verisign thought that it was a good idea to hijack NXDOMAIN answers for all .com and .net domains?

And pushed all those domain typos to their sitefinder product?

http://antonym.org/2003/10/verisign-vs-the-rest-of-the-world.html

http://jdebp.uk./FGA/verisign-internet-coup.html

Glad that did not last.

**Daniel Cid** · Oct 01, 2020, 10:34

Daniel Cid boosted

**Duponette Udonge — A Moon Rabbit Survivor** @duponin@udongein.xyz · Oct 01, 2020, 10:34

Oct 01, 2020, 10:34

Duponette Udonge — A Moon Rabbit Survivor @duponin@udongein.xyz

If you are on mastodon.social please go on another instance
Not because it's a bad one but because it's ruining the federation point by concentrating too many users on a single instance

Many Mastodon, Pleroma, GNU Social, Honk and so on instances would be glad to welcome new users
And those are cool and generally extremely friendly

**Daniel Cid** · Oct 01, 2020, 13:15

Daniel Cid boosted

**Wetrix** @Wetrix@social.privacytools.io · Oct 01, 2020, 13:15

Oct 01, 2020, 13:15

Wetrix @Wetrix@social.privacytools.io

DuckDuckGo slams Google’s Android search engine auction as “fundamentally flawed” - The Verge - https://www.theverge.com/2020/9/29/21494316/microsoft-bing-android-google-search-alternative-option-download

**Daniel Cid** · Sep 30, 2020, 19:07

Daniel Cid boosted

**Kev Quirk** @kev@fosstodon.org · Sep 30, 2020, 19:07

Sep 30, 2020, 19:07

Kev Quirk @kev@fosstodon.org

My thoughts on the Apple walled garden after spending a couple of years in the iOS ecosystem.

https://kevq.uk/the-apple-walled-garden/

#Apple #iOS

**Daniel Cid** · Sep 29, 2020, 22:55

Daniel Cid boosted

**Krebs on Security Feed** @krebs_on_security_feed@noc.social · Sep 29, 2020, 22:55

Sep 29, 2020, 22:55

Krebs on Security Feed @krebs_on_security_feed@noc.social

Who’s Behind Monday’s 14-State 911 Outage?.

Emergency 911 systems were down for more than an hour on Monday in towns and cities across 14 U.S. states. The outages led many news outlets to speculate the problem was related to Microsoft's Azure web services platform, which also was struggling with a widespread outage at the time. However, mu...
https://krebsonsecurity.com/?p=53121

**Daniel Cid** · Sep 30, 2020, 15:54

Daniel Cid boosted

**ʝσɳ** @jonw@hackers.town · Sep 30, 2020, 15:54

Sep 30, 2020, 15:54

ʝσɳ @jonw@hackers.town

I went totally the wrong way with #LinkChomp

ShadyURL - Don't just shorten your URL, make it suspicious and frightening.
http://www.shadyurl.com/

Country: Canada

Website: https://dcid.me

Admin

Founder of CleanBrowsing, Sucuri and OSSEC. Former VP Engineering, GoDaddy - CTO, Sucuri. Builder and breaker by heart.

#security #cleanbrowsing #dns #cdn #opensource

Joined Jun 2020

Daniel Cid @dcid@noc.social

Trending now

Resources

Developers

What is Mastodon?

noc.social

More…