Collaborate Disseminate
I have received many security emails from LinkedIn over the past few weeks. An example is shown below (redaction mine)
I do not live in the USA and I did not try to access LinkedIn at the times these were received.
Two things suggested to… Continue reading Is it bad practice to prompt users to reset password when there is no evidence of a breach?
I posted a question to SuperUser. I then walked away from my computer for ~15 minutes, and when I got back it appeared that someone was accessing my computer remotely, moving the cursor around, opening apps, and docs. I quickly switched to… Continue reading Remote access hack soon after posting portion of registry in a question [closed]
I have bunch of cat images whose names are sha1 of website where it was posted.
Here is an example: 3afec3b4765f8f0a07b78f98c07b83f013567a0a.jpg
website: http://www.example.com/image.jpg
If sha1 is simple/dumb function i.e. hash = sha1(‘te… Continue reading Why can’t we produce original text from sha1 if there is no random salt attached
CVE-2021-33909 AKA "Sequoia" is a vulnerability against the filesystem code within the Linux kernel. According to the description of the vulnerability from Qualys
Successful exploitation of this vulnerability allows any unprivil… Continue reading How does Sequoia allow unprivileged users to get root if it requires mounting a filesystem?
First off, this may not be the right community. If it’s not, I apologize and please close this and point me in the right direction.
Apple will start enforcing two-factor authentication for its developer accounts in February and we are tryi… Continue reading Shared Apple Dev Accounts Two Factor Auth
I am an Xbox gamer. I have been dealing with a person who has used his skill set to DDoS me. It’s proven via messages (reported messages MANY times and nothing has been done).
I believe the intensity of the attacks have increased to a much… Continue reading Am I dealing with a crafty DDOS attack? [closed]
I am running Kali Linux (2020.1b 64bit) via VirtualBox (6.1) on a macOS host (10.15.4) with a brand new Alfa AWUS036NH network card attached via USB.
The network card is recognised by Kali Linux and is set to monitoring mode:
$ iwconfig … Continue reading Alfa card scans networks for a few mins and only when replugging it into USB port [migrated]
I have a YubiKey 5c nano attached to my laptop used for 2FA, etc. It works great and is unobtrusive, but I feel like the small form factor encourages leaving it plugged into the laptop all the time, essentially weakening the two-factor nat… Continue reading Is there a way to "lock" a YubiKey after a period of inactivity?
I’m downloading a small sample tar file using curl and outputting verbose log to see the details:
curl -v -H ‘Connection: close’ https://ftp.gnu.org/gnu/gcc/gcc-2.95.1/gcc-objc-2.95.1.tar.gz > /dev/null
And this is the … Continue reading What is the meaning of this TLS output: TLSv1.2 (OUT), TLS alert, Client hello (1)
We have generated an internal root Certificate Authority for our organization and added X509v3 Name Constraints for our domain (example.com)
We issued a number of certificates for servers under that domain.
Now, we have a s… Continue reading Can I adjust the X509v3 Name Constraints on my internal CA after I have issued certificates?