Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
veganism.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Veganism Social is a welcoming space on the internet for vegans to connect and engage with the broader decentralized social media community.

Administered by:

Server stats:

293
active users

veganism.social: AboutStatusPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.0-alpha.5+vegan

#infosec

465 posts252 participants35 posts today
Public
BeyondMachines :verified:

Critical authentication vulnerability reported in Yokogawa Recorder Products
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachinesCritical authentication vulnerability reported in Yokogawa Recorder ProductsA critical security vulnerability (CVE-2025-1863, CVSS 9.3) in Yokogawa industrial recorder products allows unauthorized remote access to all settings and operations functions due to authentication being disabled by default on networked devices. The flaw affects multiple Yokogawa recorder product lines and versions. Yokogawa recommends mitigating the risk by enabling authentication and changing default passwords.
Public
Kim Crawley (she/her) 😷🍉

The Kickstarter for Digital Safety in a Dangerous World is now live!

Check it out here:

kickstarter.com/projects/kimcr

- Advice for ordinary people and political activists for good opsec during politically unpredictable times.
- Reduce your big tech espionage footprint.
- Choose operating systems, applications, and online services that have better encryption and better privacy practices.
- When Microsoft, Google, etc. cannot be avoided, how to use their services and applications more securely.
- Lawful advice, written to be more accessible to laypeople. Technological concepts are defined and explained.
- Learn about Clearview AI, Boston Dynamics, Planitir, and other espionage platforms.
- Research sources include other cybersecurity researchers, at least one human rights lawyer, activists, and organizations such as the EFF.

My previous Kickstarter funded self published book project, the Ultimate Cybersecurity Careers Guide, was successful. I started working on it in December and the Kickstarter was launched at the same time. It was fully funded by February 2025. Most of my research and writing was done between January and March 2025. The eBook came out in March, and the paperback came out just a few weeks ago in April.

That was an overwhelming learning experience! It's a bit intense to do a new book Kickstarter immediately afterward. But current events have made this book more necessary than ever. I should be done the full draft by July or August.

All of my work is made by my own thinking and creativity. (Yes, even my dorky book cover art is made by myself in GIMP.) There is absolutely zero Gen AI in anything that I do. I take pride in my work.

Support human research and creativity!

Kickstarter link: kickstarter.com/projects/kimcr

Pledge awards start at only $20 CAD (approximately $15 USD).

Thank you so much, everyone! If you can't back my second Kickstarter, that's fine. But in that case, please share my new Kickstarter on your social media. If my second Kickstarter is at least as successful as my first, I will be giving eBooks away to some political activists and activism groups as a public service. This cybersecurity and opsec knowledge should be shared with as many people as possible.

Digital Safety in a Dangerous World cover art. Solid black background, multi coloured rainbow lettering and Japanese kanji characters that roughly translate to "Digital Safety in a Dangerous World."
ALT
Kickstarter goals. Goal: $2,500 CAD. eBook in multiple formats, Amazon paperback. Stretch goal 1: $6,000 to add an audiobook Stretch goal 2: $10,000 to add a human translated version of the eBook in a non-English language.
ALT
#Kickstarter#infosec
Public *
Michał "rysiek" Woźniak · 🇺🇦

Boosting with hashtags:
grapheneos.social/@GrapheneOS/

> One of our two senior developers has been forcibly detained and conscripted to participate in a war. When they first went missing, we revoked their repository access as a precaution. (...) Our priority has been keeping them safe.
>
> (...)
>
> If you're an experienced AOSP developer interested in working full time on GrapheneOS in a fully remote position, see grapheneos.org/hiring.

(please boost original toot)

GrapheneOS MastodonGrapheneOS (@GrapheneOS@grapheneos.social)One of our two senior developers has been forcibly detained and conscripted to participate in a war. When they first went missing, we revoked their repository access as a precaution. We soon learned their disappearance was completely unrelated to GrapheneOS. Our priority has been keeping them safe.
#InfoSec#GrapheneOS#Android
Public
0x40k

Wow, this Node.js malware situation is pretty wild, isn't it? 🤯 It's a stark reminder of how quickly attackers pivot and adapt their methods.

Sure, Node.js is incredibly handy, there's no denying that. But, let's be real, it can also be an open door for trouble if you're not careful with implementation. Things like PowerShell exclusions and sneaky obfuscated code are popping up – yeah, staying vigilant is absolutely key these days.

It really drives home what we're always telling our clients: Security by Design is non-negotiable! ☝️ Honestly, getting it right from the very beginning definitely beats scrambling to fix nasty surprises later on.

So, curious to hear from you all: What are *your* go-to tools for managing risks like these? And what strategies do you use to train your teams so they don't get caught out by these tactics? 🤔 Let's share some knowledge!

#infosec#nodejs#malware
Public
Lockdownyourlife

Want to feel better, help keep a Domestic Violence family housed. This month we're supporting a family to get safe housing and new devices (in the works). We're 51% to the goal already (and yes, I take refurbed devices). ko-fi.com/lockdownyourlife

Ko-fiSupport Lock Down Your Life on Ko-fi! ❤️. ko-fi.com/lockdownyourlifeSupport Lock Down Your Life On Ko-fi. Ko-fi lets you support the people and causes you love with small donations
#tech#infosec#MutualAid
Public
shellsharks

Volume twelve of Scrolls is live - it's a magical one! 🧙‍♂️

https://shellsharks.com/scrolls/scroll/2025-04-18

Everyone below contributed in some way either through content they created, or stuff they found and boosted 😃. Thank you thank you! 🙏

@disassociated @shankulkarny @hyde @askDNA @andyandy @e11e @artlung @ruben@social.kedera.nl @KurisuVanEdge @hongminhee @jbaty @hryggrbyr @axxuy @joxean @thejaymo @flan @sylvia @deadsuperhero @QueerMatters @mauricerenck @ImaginaryKarin @digitalsnow @jana @nichteric @justincox @avlcharlie @anubiarts @reiver @bradenslen @hamatti @mike_k @lianna @wafrn @mariobianchi @cwebber @selfcaregentle @jerry @bouletcorp2 @gretared @ApisNecros

shellsharks · Scroll duodecimArcane curation from the IndieWeb, Fediverse and Cybersecurity realms
#indieweb#fediverse#infosec
Public
ZeroDaily

🚨 A new XORDDoS Trojan campaign is targeting Linux systems globally, with U.S. orgs hit hardest. Attackers use SSH brute-force and Docker exploits, evolving C2 tactics to evade detection. Discover infection chains, persistence tricks, and actionable defense tips!

Learn more: zerodaily.me/blog/2025-04-18-x

ZeroDaily - Cybersecurity News · XORDDoS Trojan: 2023–2025 Global Linux DDoS Campaigns, Evolving Infrastructure, and U.S. TargetingA new wave of XORDDoS Trojan attacks has targeted Linux systems worldwide, with a dramatic rise in U.S. victims and evolving command-and-control infrastructure. Here’s what defenders need to know about infection vectors, persistence, and mitigation.
#CyberSecurity#Linux#Malware
Public
BeyondMachines :verified:

CISA reports active exploitation of SonicWall SMA 100 Series vulnerability
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

BeyondMachinesCISA reports active exploitation of SonicWall SMA 100 Series vulnerabilityGlobal cybersecurity authorities have confirmed active exploitation of CVE-2021-20035, a command injection vulnerability in SonicWall SMA 100 Series devices that allows authenticated attackers to execute code despite having limited "nobody" user privileges. CISA has mandated federal agencies patch affected SMA 200, 210, 400, 410, and 500v devices by May 7, 2025, as threat actors are actively targeting organizations that failed to apply the fixes released in 2021.
VegansExploreLive feeds
About