cybersecurity - A little place on the Internet

Third-Annual >Shark Week. Come say Hi! ( shellsharks.com )

Hey everyone! My name is Mike and I write about #infosec, #tech and other things at https://shellsharks.com. I'm currently running an event this week I refer to as >Shark Week (https://shellsharks.com/sharkweek), which is essentially just me posting some sort of "content" each day for the entire week, coinciding with actual...

Android forces us to run a WiFi hotspot. Not good. OpenVPN workaround… ( fedia.io )

(article linked from m/Android)

What are You Working on Wednesday ( fedia.io )

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

Future of /m/cybersecurity and thoughts/suggestions for the community. ( fedia.io )

Hey Fedia-folk of /m/cybersecurity! Wanted to get a quick pulse-check and collect some thoughts from the community here regarding their usage both current and future. I'll...

Should I renew my CISSP? ( fedia.io )

Couldn't find a poll option so I guess people can just weigh in on their thoughts here. I've been a "CISSP-holder" since 2015/2016-ish and have always had the renewal fees paid for by my employer. My renewal date has come and unfortunately I don't think I'll be getting any employer assistance paying the fee this time around. Is...

Exploiting a Video Camera's Rolling Shutter to Recover Secret Keys from Devices Using Video Footage of Their Power LED ( www.nassiben.com )

Cybersec Cheat Sheets in all Flavors! (Huge List Inside) ( github.com )

"UGH! Whats the command to [insert function here]?"...

".Zip" top-level domains draw potential for information leaks ( blog.talosintelligence.com )

Some more context around adversaries registering actual “.zip” files as domains.

shellsharks: posts about infosec, technology and life itself. ( shellsharks.com )

Hey infosec/cyber/tech folks of the fediverse! With reddit being a mess coupled with my interest in becoming more fedi-active/aware, I wanted to share out my site/blog where I post mostly about cyber and tech but also venture into other non cyber/tech stuff. Check it out and find me on Mastodon if you want to connect or chat!...

What are You Working on Wednesday ( fedia.io )

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

Training Tuesday - Discussions for certs, training and learning-at-home ( fedia.io )

Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!

Conducting a Crown Jewels Analysis (CJA) ( www.mitre.org )

Anyone familiar/have experience with conducting a Crown Jewels Analysis (CJA)? MITRE’s SEG (“Systems Engineering Guide”) has a process for doing this (page 167) but there are certainly other methodologies. Am working on something like this so any anecdotes would be cool to hear about!

Semgrep & Jupyter (Do you use either?) ( research.nccgroup.com )

Now here’s two tools I wish I was more experienced with - Semgrep and Jupyter. Beyond this cool article from NCC, I’m interested to hear from anyone who uses either one of these tools. How did you get started, what do you do with them, etc…