Notices by infosec-handbook.eu (infosechandbook@mastodon.at), page 2

infosec-handbook.eu (infosechandbook@mastodon.at)'s status on Saturday, 05-Jan-2019 04:50:16 UTC infosec-handbook.eu

Most consumer routers don't make use of modern security features of Linux:
https://cyber-itl.org/assets/papers/2018/build_safety_of_software_in_28_popular_home_routers.pdf (PDF file)
– 28 popular routers don't make use of ASLR (Address Space Layout Randomization), DEP (Data Execution Prevention), RELRO (RELocation Read-Only), and stack guards
– report contains Asus, D-Link, Linksys, Netgear, Synology, TP-Link, and Trendnet routers
#router #security #infosec #cybersecurity #aslr #dep #relro #linux #stack

In conversation Saturday, 05-Jan-2019 04:50:16 UTC from mastodon.at permalink
infosec-handbook.eu (infosechandbook@mastodon.at)'s status on Monday, 24-Dec-2018 05:24:08 UTC infosec-handbook.eu

Nearly 19,500 Orange LiveBox ADSL modems are leaking WiFi credentials:
https://www.zdnet.com/article/over-19000-orange-modems-are-leaking-wifi-credentials/
– vulnerability (CVE-2018-20377) allows a remote attacker to obtain the WiFi password and SSID for the modem's internal WiFi network just by accessing the modem's get_getnetworkconf.cgi
– nearly all modems are located in France and Spain
– see also https://github.com/zadewg/LIVEBOX-0DAY
#modem #adsl #orange #livebox #vulnerability #infosec #cybersecurity #security
In conversation Monday, 24-Dec-2018 05:24:08 UTC from mastodon.at permalink
Attachments
1. Untitled attachment
infosec-handbook.eu (infosechandbook@mastodon.at)'s status on Sunday, 25-Nov-2018 15:10:28 UTC infosec-handbook.eu

Benefits of our experimental Dat mirror:
– you don't need to connect to a centralized hosting provider
– you can seed all files of our blog by yourself and support P2P hosting
– you can download a full local copy of our blog
– you can read our content even if our blog is down (e.g. due to maintenance)
#p2p #dat #datproject #blog #decentralized #infosechandbook #infosec #cybersecurity

In conversation Sunday, 25-Nov-2018 15:10:28 UTC from mastodon.at permalink
infosec-handbook.eu (infosechandbook@mastodon.at)'s status on Monday, 01-Oct-2018 18:09:18 UTC infosec-handbook.eu

Mastodon :mastodon: security:
864 out of 2050 Mastodon instances (which report their version according to instances.social) are still running vulnerable Mastodon server software (< 2.4.4).
See also:
https://mastodon.at/@infosechandbook/100597698990522530
#mastodon #security #vulnerability #infosec #security #cybersecurity

In conversation Monday, 01-Oct-2018 18:09:18 UTC from mastodon.at permalink
infosec-handbook.eu (infosechandbook@mastodon.at)'s status on Tuesday, 25-Sep-2018 16:43:32 UTC infosec-handbook.eu

Ad-blocker uBlock Origin got per-site JavaScript master switch:
https://github.com/gorhill/uBlock/releases/tag/1.17.0
#ublockorigin #ublock #adblock #adblocker #javascript #js #privacy

In conversation Tuesday, 25-Sep-2018 16:43:32 UTC from mastodon.at permalink
infosec-handbook.eu (infosechandbook@mastodon.at)'s status on Saturday, 19-May-2018 14:39:17 UTC infosec-handbook.eu

"A Formal Security Analysis of the Signal Messaging Protocol", Extended Version November 2017 (University of Oxford, MacMaster University)
https://eprint.iacr.org/2016/1013.pdf
#signal #protocol #infosec #cybersecurity #security
In conversation Saturday, 19-May-2018 14:39:17 UTC from mastodon.at permalink
Attachments
1. Untitled attachment
infosec-handbook.eu (infosechandbook@mastodon.at)'s status on Monday, 30-Apr-2018 19:24:08 UTC infosec-handbook.eu

Critical security vulnerability in XMPP messenger Conversations 2.
Conversations 2.x users should immediately update to 2.1.4.
Conversations 1.x and Conversations Legacy are officially not affected.
Source: iNPUTmice via Twitter
#conversations #xmpp #vulnerability

In conversation Monday, 30-Apr-2018 19:24:08 UTC from mastodon.at permalink

Public

Notices by infosec-handbook.eu (infosechandbook@mastodon.at), page 2

User actions

Following 0

Followers 0

Groups 0

Statistics

Feeds