#cybersec


2025-03-28 RDP #Honeypot IOCs - 181569 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
138.199.24.6 - 91545
156.146.57.110 - 42849
156.146.57.52 - 10716

Top ASNs:
AS60068 - 93561
AS212238 - 64269
AS135161 - 10653

Top Accounts:
hello - 181455
Test - 33
eltons - 15

Top ISPs:
DataCamp Limited - 93561
Datacamp Limited - 64269
GMO-Z.COM PTE. LTD. - 10653

Top Clients:
Unknown - 181569

Top Software:
Unknown - 181569

Top Keyboards:
Unknown - 181569

Top IP Classification:
hosting & proxy - 160374
hosting - 10710
Unknown - 10440

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/BiF6s8Jh


NEW - ⛸️🧱🖥️

DCG Domain Blocklist available - last updated 2025/03/26

1692751 - Domains blocked with that build !

🦜
🐻
Supercharging your content blocker to increase privacy and security.

All available lists:
- uBlockOrigin
- Hosts format & Hosts format with wildcards
- dnsmasq with wildcards

🌳
Ready to use lists combined from many permissively licensed sources.

divested.dev/pages/dnsbl

#divested #DivestedComputingGroup

#DCG

#fsf #FUTO #Fedora #codeberg #hardening #linuxtech #cybersec #cybersecurity #infosec #antivirus #hackernews
#opensource #linuxsecurity #vulnerabilities #vulnerability #alpinelinux #router #skynet #foss #freeyourmind


"23andMe customers who once turned over the most personal form of information to the company — their own genetic data — may want it back after the personal genomics and biotech startup declared bankruptcy on Sunday.

The 19-year-old company is seeking a buyer, which means that if it is not deleted, customer data could be transferred to any company that acquires 23andMe."

cbsnews.com/news/how-to-delete

NEW - ⛸️🧱🖥️

DCG Domain Blocklist available - last updated 2025/03/17

1697005 - Domains blocked with that build !

🦜
🐻
Supercharging your content blocker to increase privacy and security.

All available lists:
- uBlockOrigin
- Hosts format & Hosts format with wildcards
- dnsmasq with wildcards

🌳
Ready to use lists combined from many permissively licensed sources.

divested.dev/pages/dnsbl

#divested #DivestedComputingGroup

#DCG

#fsf #FUTO #Fedora #codeberg #hardening #linuxtech #cybersec #cybersecurity #infosec #antivirus
#opensource #android #linuxsecurity #vulnerabilities #vulnerability #alpinelinux #router #skynet #foss


We would love to hear your talk, and are very supportive of new speakers at The Diana Initiative happening 4 August 2025 in Las Vegas during "Hacker Summer Camp". Please submit to our Call for Presentations.

sessionize.com/tdi2025/

Submit before March 25 for the chance to get feedback on your CFP

Feb 22nd 2025: Call For Presentations Opens

Mar 25th 2025: Call For Presentations Round 1 Closes

April 8th 2025: Speaker Acceptance Notifications Sent for Round 1

May 19th 2025: Call for Presentations Round 2 Closes

June 9th 2025: Final Speaker Acceptance Notifications Sent

sessionize.com: TDI2025: Call for Presentations
Back for the 9th year, The Diana Initiative is hosting a one-day diversity-driven conference with the goal to create a more inclusive information se...

This news today about SAML is something everyone should be watching closely! I posted about it a little bit ago.

Nearly all apps and platforms use SAML for authentication and to have this breach can cause some serious ramifications.

Please be vigilant and security conscious all!

#InfoSec #Security #CyberSec infosec.exchange/@0x40k/114155

0x40k (@0x40k@infosec.exchange), Infosec Exchange:

Just stumbled across something kinda scary... SAML authentication issues! Now, I know it sounds super technical, but honestly, this affects ANYONE using Single Sign-On. Seriously! Think about logging into Netflix, Google, all that stuff – a lot of it uses SAML. What if someone could just waltz right in pretending to be you?

SAML's basically the language websites use to confirm you are who you say you are. And Single Sign-On (SSO) makes it so you only log in once to access everything.

Now, about CVEs, they're like wanted posters for security flaws. CVE-2025-25291, CVE-2025-25292, CVE-2025-25293 are the numbers to remember.

The problem lies in how XML is being interpreted. Two programs, same code, totally different results – NOT GOOD. Imagine two bouncers checking the same ID, but one lets everyone in, and the other doesn't. Total chaos! As a pentester, I see these "parser differentials" way more often than I'd like. The devil's always in the details, right?

Big deal? HUGE. Account Takeover is totally possible! Hackers could swipe your identity. This affects the ruby-saml library – which is frequently used in web applications. Affected versions: < 1.12.4 and >= 1.13.0, < 1.18.0. Huge shoutout to GitHub Security Lab for finding this! They're lifesavers.

Good news, though! Updates are here: ruby-saml 1.12.4 and 1.18.0. So, check if your web apps are using ruby-saml. And if they are, UPDATE THEM. Like, NOW. This isn't a joke. Also, regular pentests are worth their weight in GOLD. Automated tools often miss stuff like this.

Do you use SAML? What are your experiences with it? How do you secure your web applications? Ever run into similar parsing issues? Let's share info and help keep everyone safe! #infosec #pentesting #security