cyberplace.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Cybersecurity, fandom, video games, technology, dog photos and most importantly, you.

jagjag6 boosted

It remains a complete mystery to me why Democratic party leaders STILL haven’t created a briefing/press conference to follow the daily White House lie fest.

Have two or three Dems hammer away at a couple of key points, take some questions, keep it tight.

Good road test for future presidential candidates.

News organizations would fall over themselves to cover these.

It would cost Democrats nothing - it’s literally free advertising.

Did no Democrat take a comms or PR course in school?

jagjag6 boosted

The new version of Copilot announced today can automatically create podcasts.

You no longer have to wait to listen to old white men talking about subjects they don’t understand, you can have endless AI content trained on them too!!

jagjag6 boosted

We have an update. Reuters and Bloomberg confirm my blog, that there’s a security incident going on at Oracle cloud. Oracle declined to comment, after lying to @BleepingComputer and other outlets on the record.

CrowdStrike is the IR company.

“Oracle staff acknowledged to some clients this week that an attacker had gotten into a legacy environment, Bloomberg News report said.”

reuters.com/technology/cyberse

jagjag6 boosted

“The company informed customers that the system has not been in use for eight years and that the stolen client credentials therefore pose little risk, the report added. The stolen data included Oracle customer log-in credentials from as recently as 2024, the report said.”

This would be Oracle Classic, aka Gen1. I’ve been told the systems were left online after migration.. unpatched.

Oracle are trying to play the legacy angle - but what else was stolen? What else did the attacker do? Why cover up?

jagjag6 boosted

🚪🗝️ Let’s sneak in through the backdoor to peek at more adversary techniques.

Today, we focus on T1059.001: Command-Line Interface: PowerShell, which is being used by a notable APT group to deploy their -- you guessed it -- signature backdoor.

jagjag6 boosted

100% on this one, seen all the time on real world incidents.

Problem: somebody got a password for an account and nobody knows how.

How: the business user signed into their personal Google account in Chrome at work, which synced all their bookmarks and saved passwords to Google. Then they switched on their home PC, Chrome synced, and an infostealer took all the details.

Solution: Google Chrome ADMX, and set Group Policy to turn off personal account sign in with Chrome.

infosec.exchange/@Walker/11426

Infosec Exchange · Walker (@Walker@infosec.exchange)
@GossiTheDog@cyberplace.social The larger problem for corporations is browser sync for passwords, login cookies and tokens, and other sensitive data. Home PCs do not have advanced EDR and if it gets compromised that could expose corporate resources.
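
The Group Policy fix described in the post above can be checked on an endpoint; the following is an added example, not part of the original post. It assumes the Chrome enterprise policies `BrowserSignin`, `SyncDisabled` and `RestrictSigninToPattern` under the machine policy key, and the OK/FAIL verdicts and the `example.com` pattern are constructed for illustration.

```powershell
# Added example (not from the original post): audit Chrome sign-in policy.
# BrowserSignin, SyncDisabled and RestrictSigninToPattern are Chrome enterprise
# policies; the OK/FAIL verdicts are this example's own assumption.
function Get-ChromePolicy {
    # Machine-level Chrome policies set by GPO/ADMX land under this key.
    $path = 'HKLM:\SOFTWARE\Policies\Google\Chrome'
    $policy = @{}
    if (Test-Path $path) {
        $props = Get-ItemProperty -Path $path
        foreach ($name in 'BrowserSignin', 'SyncDisabled', 'RestrictSigninToPattern') {
            if ($props.PSObject.Properties.Name -contains $name) {
                $policy[$name] = $props.$name
            }
        }
    }
    return $policy
}

function Test-ChromeSigninPolicy {
    param([hashtable]$Policy)
    $signin  = $Policy['BrowserSignin']            # 0 = disabled, 1 = enabled, 2 = forced
    $pattern = $Policy['RestrictSigninToPattern']  # regex of allowed account names
    if ($signin -eq 0) {
        'OK: browser sign-in is disabled, nothing can sync to a Google account'
    } elseif ($pattern) {
        "OK: sign-in limited to accounts matching '$pattern'"
    } else {
        'FAIL: personal Google accounts can sign in to Chrome'
        if ($Policy['SyncDisabled'] -eq 1) {
            'INFO: SyncDisabled=1 stops Chrome Sync, but sign-in itself is still open'
        } else {
            'FAIL: saved passwords and bookmarks can sync to a personal account'
        }
    }
}

# Constructed sample policies, so the logic can be checked off a managed machine.
$samples = [ordered]@{
    'unmanaged'      = @{}
    'sign-in off'    = @{ BrowserSignin = 0 }
    'corporate only' = @{ BrowserSignin = 1; RestrictSigninToPattern = '.*@example\.com' }
}
foreach ($name in $samples.Keys) {
    "[$name]"; Test-ChromeSigninPolicy -Policy $samples[$name]
}
"[this machine]"; Test-ChromeSigninPolicy -Policy (Get-ChromePolicy)
```
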
jagjag6 boosted

While male billionaires (Musk, Zuckerberg, Bezos) line up to kiss Trump's ring & sacrifice the integrity of their media publications, Laurene Powell Jobs (owner of The Atlantic) has not & has stood behind the journalism of her publication.
thewrap.com/laurene-powell-job

TheWrap · In Praise of Laurene Powell Jobs, Owner of The Atlantic, Superhero of Signalgate
Though a billionaire, The Atlantic owner Laurene Powell Jobs has not found a reason to kiss Trump’s ring and has backed the publication during Signalgate.