Infosec.Pub

4,699 readers
110 users here now

To support infosec.pub, please consider donating through one of the following services:

Paypal: jerry@infosec.exchange

Ko-Fi: https://ko-fi.com/infosecexchange

Patreon: https://www.patreon.com/infosecexchange

founded 2 years ago
ADMINS
jerry
shellsharks
modbot
listing: all - local
1076
5
Using lightweight LLMs to cut incident response times and reduce hallucinations (www.helpnetsecurity.com)
submitted 1 month ago by lemmydev2 to c/pulse_of_truth
0 comments fedilink
 
 

Researchers from the University of Melbourne and Imperial College London have developed a method for using LLMs to improve incident response planning with a focus on reducing the risk of hallucinations. Their approach uses a smaller, fine-tuned LLM combined with retrieval-augmented generation and decision-theoretic planning. The three steps of the method for incident response planning The problem they target is familiar: incident response is still largely manual, slow, and reliant on expert-configured playbooks. Many organisations … More → The post Using lightweight LLMs to cut incident response times and reduce hallucinations appeared first on Help Net Security.

1077
8
ghrc.io Appears to be Malicious (bmitch.net)
submitted 1 month ago by lemmydev2 to c/pulse_of_truth
0 comments fedilink
 
 

Comments

1078
10
Bro, ban me at the IP level if you don't like me (boston.conman.org)
submitted 1 month ago by lemmydev2 to c/pulse_of_truth
1 comments fedilink
 
 

Comments

1079
2
Profiling Sea Turtle: Tactics, History & Defenses - "Sea Turtle is a Türkiye-nexus threat actor known for conducting state-affiliated espionage operations since at least 2017." (www.invictus-ir.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
1080
5
Investigation Report: APT36 Malware Campaign Using Desktop Entry Files and Google Drive Payload Delivery (www.cloudsek.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
1081
6
🌀 Fast-Flux DNS: How Malware Uses DNS to Stay Invisible (medium.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
1082
2
From Campus to C2: Tracking a Persistent Chinese Operation Against Vietnamese Universities (ctrlaltint3l.github.io)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
1083
4
Uncovering the Chinese Proxy Service Used in APT Campaigns (spur.us)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
1084
5
Chinese National Sentenced to Prison for Deploying Destructive Computer Code on Ohio-based Company’s Global Network (www.justice.gov)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
1085
5
The head of a hacking group that also targeted BTS's Jungkook and the president has been arrested and extradited by the Ministry of Justice - " repatriated Chinese national" (www.yna.co.kr)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
 
 

https://www.sportskeeda.com/us/k-pop/news-head-hacking-ring-reportedly-stole-8-4-billion-won-hybe-shares-bts-jungkook-arrested

1086
7
You don’t find ManualFinder, ManualFinder finds you - "we’re seeing activity where PUPs are dropping highly suspicious files, executing unexpected commands, and turning hosts into residential proxies" (expel.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
1087
6
Bug bounties: The good, the bad, and the frankly ridiculous ways to do it (www.theregister.com)
submitted 1 month ago by lemmydev2 to c/pulse_of_truth
0 comments fedilink
 
 

For incentives remember the three Fs – finance, fame, and fixing it feature  Thirty years ago, Netscape kicked off the first commercial bug bounty program. Since then, companies large and small have bought into the idea, with mixed results.…

1088
7
ESP32 Sets Sail as a Modern Bus Pirate Powerhouse (hackaday.com)
submitted 1 month ago by lemmydev2 to c/pulse_of_truth
0 comments fedilink
 
 

Bus Pirate is nearly a household name in the hardware hacking world. The first version came out way back in 2008, and there have been several revisions since then. You …read more

1089
7
Revealing Taste (www.nytimes.com)
submitted 1 month ago by lemmydev2 to c/pulse_of_truth
0 comments fedilink
 
 

A clever leak exposed the music habits of some famous people — and two Times journalists.

1090
21
A German ISP tampered with their DNS - specifically to sabotage my website (lina.sh)
submitted 1 month ago by lemmydev2 to c/pulse_of_truth
3 comments fedilink
 
 

Comments

1091
6
AI crawlers user-agent strings? (lemmy.zip)
submitted 1 month ago by m33@lemmy.zip to c/ai_infosec
3 comments fedilink
 
 

Hi

Any recommandations for an actively maintained AI user-agent list please ?

This is not perfect but I use that trick to block or slow down some of them... If you have a better way I'm all ears.

1092
4
Detecting CVE-2025-43300: A Deep Dive into Apple's DNG Processing Vulnerability | Matt Suiche (www.msuiche.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
1093
6
EXPOSING The Billion Dollar SECRET VPN Companies Are Hiding (www.youtube.com)
submitted 1 month ago by dumnezero@piefed.social to c/infosec_news
2 comments fedilink
 
 

If you're using a VPN to stay safe, this will anger you.
You were told a VPN would shield you. Protect your data. Keep you anonymous. But what if the tool you downloaded for privacy was literally designed to watch you?

This video uncovers the full story behind the most dangerous VPN ever made—used by Facebook to spy on teenagers—and how today’s most trusted VPNs are following the same exact blueprint.

If you’ve ever felt unsure about who to trust online, this video will give you the receipts, the checklist, and the countermeasures you actually need.

Inside this video, you’ll learn:
• How Facebook turned a “privacy app” into a surveillance weapon
• The Israeli cyber intel unit behind Onavo and why it matters
• What Project Ghostbusters did to break HTTPS encryption
• Why 20+ top VPNs are secretly owned by spyware vendors
• The real story behind ExpressVPN, Kape Technologies, and fake “independent” review sites
• The 7-point checklist every VPN must pass to be trusted
• Better tools to protect yourself: DoH, hardened Firefox, Tor, browser isolation, and more

1094
18
Phishing Emails Are Now Aimed at Users and AI Defenses - "Clearly written in the style of Grok, Gemini or ChatGPT style prompts,. nothing to do with luring the users. Instead.. n AI prompt-injection" (malwr-analysis.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
1095
2
REcover: towards recovering object files from stripped binary executables (link.springer.com)
submitted 1 month ago* (last edited 1 month ago) by digicat to c/blueteamsec
0 comments fedilink
 
 

https://github.com/huku-/recover

1096
36
I Hacked Monster Energy and Uncovered Their Employee Training Material (bobdahacker.com)
submitted 1 month ago by lemmydev2 to c/pulse_of_truth
3 comments fedilink
 
 

Comments

1097
8
Colorado Democrats condemn sale of 9News’ parent company to owner of Fox31 (coloradosun.com)
submitted 1 month ago by cm0002@piefed.world to c/colorado
0 comments fedilink
1098
3
SynoScope is a python-based, lightweight, batteries-included analyzer that turns can provide valuable information regarding your DiskStation Manager (DSM) status within the undocumented Synology recov (github.com)
submitted 1 month ago by digicat to c/blueteamsec
1 comments fedilink
1099
2
Surprise AMA 08/22/2025 (www.youtube.com)
submitted 1 month ago by rss@ibbit.at to c/cardano
0 comments fedilink
 
 

From Charles Hoskinson via this RSS feed

1100
3
Countering EDRs With The Backing Of Protected Process Light (PPL) (www.zerosalarium.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›