Discover and read the best of Twitter Threads about #itsecurity

Most recent (9)

Got an alert on my #applenews that made me look twice... Looks like @FastCompany got hacked some bit ago, and it's still in caches and what went out via alerts, but the live site appears clean... #hacked #itsecurity #uhoh
Live scrape looks clean, so either they got control again or this was some sort of other activity that caused the #Google and #Apple scraping/alerting to trigger.
Poked to see what their infra looks like, but it is behind @fastly, so tougher to get a good look at what's going on.
>dog --short fastcompany.com
151.101.1.54
151.101.193.54
151.101.129.54
151.101.65.54
> whois 151.101.129.54 | grep OrgName
OrgName: Fastly, Inc.
Read 4 tweets
Ok, so I took a look at detecting the LDAP bruteforcer ldapnomnom (github.com/lkarlslund/lda… by @lkarlslund) with vanilla Zeek (@Zeekurity) and vanilla @Suricata_IDS (w. ET Open). (Thanks to @boller for PCAPs)

Short conclusion: Zeek can detect it, Suricata can't.

#itsecurity
1/12
Zeek unfortunately doesn't have an LDAP protocol decoder in the vanilla install. One is available as a package though, but that's for another thread.

2/12
Zeek's conn.log gives enough data to detect this attack. Normal, unencrypted LDAP traffic consists of both UDP and TCP. Common for this traffic is that it's relatively few bytes being transferred - significantly fewer than when ldapnomnom starts bruteforcing.

3/12
Read 13 tweets
Cryptography studies secure communication techniques that only allow the sender and the receiver to view the message by using a secret key.
Cryptography applications involve digital signatures or authentication, electronic or digital money, SIM card authentication, encrypting devices, sensitive emails, protecting confidential data, securing websites, WhatsApp encryption, etc.
In the coming years, encryption will go mainstream, if it has not already, and blockchains will be used more prominently for data storage, in which case hacking the system is close to impossible due to its decentralized nature.
Read 6 tweets
One more thing: with 25 million in taxpayer money, a rapper, the media, politics and Haebmau, they could have hired the best of the best coders. If they had wanted to. But instead they preferred to run Trump-style PR, lie and throw smoke grenades. Now ... 1/ #lucaapp
... the image is ruined and the earth is scorched. Nobody with standing and qualifications in the IT industry will help a company that has a reputation for producing garbage, not owning up to it, and pairing aggressive marketing and finger-pointing with amateurish code. 2/
The #opensource world helped, the #ITsecurity world helped, @chaosupdates helped, the media helped, the #Datenschützer (data protection advocates) helped, @BSI_Bund helped. All for free. It doesn't get much better than that. The only reaction? Blaming others. 3/
Read 5 tweets
Thread -> My written question to the federal government revealed something alarming: every 4th IT security position in federal ministries and subordinate agencies is vacant! In the BMI, almost every 3rd. Later on @heutejournal, already online now at @ZDF: zdf.de/nachrichten/po…
My statement for @ZDF on Seehofer's 577 vacant IT security positions... ⬇️ /2
Of 2,822 IT security positions in the federal government, 731 (😱) are vacant, 26%! A piece of information that will probably unsettle many. How little understanding of the need for secure IT must one have to tolerate this? As a reminder: /3
Read 12 tweets
This thread includes all my #infographics so far, they present different terms related to Information Security 🔐

It's an easy way to learn new things 📖 I hope it will be useful to the community. RT appreciated 🌐

Follow me @Guillaume_Lpl for more about #infosec #cybersecurity
What is a Botnet & How it works?
Follow me @Guillaume_Lpl for more about #infosec #cybersecurity #dataprivacy #ITsecurity #technology
What is a Bug Bounty?
Follow me @Guillaume_Lpl for more about #infosec #cybersecurity #dataprivacy #ITsecurity #technology
Read 29 tweets
For those who want to learn about #infosec 🔐 here is a #thread that includes all my #infographics.
An easy way to learn new things 📖Feel free to share with your community🌐

Follow @Guillaume_Lpl for more things about #CyberSecurity #startup #ITsecurity #security #technologies
Some good tools useful in Infosec

Follow @Guillaume_Lpl for more things about #infosec #cybersecurity
Some good tools useful for OSINT

Follow @Guillaume_Lpl for more things about #infosec #cybersecurity
Read 20 tweets
Thread updated of my infographics : To make things more convenient and to help beginners in #infosec , I decided to regroup my #infographics with this tweet ! #Cybersecurity #Startups #IoT #ITsecurity #Security #tools
Some good tools useful in Infosec : by @Guillaume_Lpl #infosec #cybersecurity #Infographic
Some good tools for Mobile APP Security Testing : by @Guillaume_Lpl #infosec #cybersecurity #Infographic
Read 13 tweets
