Public
- Public
- Network
- Groups
- Popular
- People

Notices by Jerry Bell :verified_paw: (jerry@infosec.exchange)

Jerry Bell :verified_paw: (jerry@infosec.exchange)'s status on Tuesday, 15-Nov-2022 23:56:03 JST Jerry Bell :verified_paw:

This message for everyone on the fediverse:
First, please ensure you go into your account settings and enable two/multi factor authentication. No, I mean do it right now. I’ll wait till you’re done.
…
…
Ok, thank you.
Now, if you are the admin of a mastodon instance, please go upgrade to 4.0.2 ASAP.
Background: https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp
In conversation Tuesday, 15-Nov-2022 23:56:03 JST from infosec.exchange permalink
Attachments
1. Domain not in remote thumbnail source whitelist: portswigger.net
  
  Stealing passwords from infosec Mastodon - without bypassing CSP
  
  The story of how I could steal credentials on Infosec Mastodon with a HTML injection vulnerability, without needing to bypass CSP. Everybody on our Twitter feed seemed to be jumping ship to the infose
Jerry Bell :verified_paw: (jerry@infosec.exchange)'s status on Sunday, 02-Dec-2018 01:44:41 JST Jerry Bell :verified_paw:

My herd.
In conversation Sunday, 02-Dec-2018 01:44:41 JST from infosec.exchange permalink
Attachments
1. Untitled attachment
  https://rainyman.jp/system/media_attachments/files/000/343/751/original/a667c8ec04d0e157.jpeg
Jerry Bell :verified_paw: (jerry@infosec.exchange)'s status on Monday, 01-Oct-2018 06:18:13 JST Jerry Bell :verified_paw:

Cyber Security Awareness Month
Tomorrow starts national cyber security awareness month (NCSAM). I'm going to take a break from my normal complaining about what does not work and attempt to write a post per day for the next month with suggestions for making improvements based on things I've learned the hard way. NCSAM normally focuses on the "user" experience,…[...]
https://infosec.engineering/cyber-security-awareness-month-2/
In conversation Monday, 01-Oct-2018 06:18:13 JST from infosec.exchange permalink
Attachments
1. No result found on File_thumbnail lookup.
  
  Cyber Security Awareness Month
  
  By jerry from Infosec Engineering
  
  Tomorrow starts national cyber security awareness month (NCSAM). I’m going to take a break from my normal complaining about what does not work and attempt to write a post per day for the nex…
Jerry Bell :verified_paw: (jerry@infosec.exchange)'s status on Tuesday, 18-Sep-2018 07:52:59 JST Jerry Bell :verified_paw:

Just look at what we can do with this technology!
In conversation Tuesday, 18-Sep-2018 07:52:59 JST from infosec.exchange permalink
Attachments
1. Untitled attachment
  https://files.mastodon.social/media_attachments/files/006/419/952/original/593658ddeac8c733.jpeg

User actions

Cloud CISOPodcast: https://defensivesecurity.orgBlog: https://infosec.engineeringTwitter: @maliciouslinkhttps://Infosec.Exchange Admin#infosec #security #cybersecurity #risk #fedi22…and for fucks sake, be nice to each other. We are only here for a brief time. Make it enjoyable.

Tags