Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
mathstodon.xyz is one of the many independent Mastodon servers you can use to participate in the fediverse.
A Mastodon instance for maths people. We have LaTeX rendering in the web interface!

Administered by:

Server stats:

2.8K
active users

mathstodon.xyz: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

#apt

7 posts7 participants0 posts today
Public *
⠠⠵ avuko

npr.org/2025/04/15/nx-s1-53558

This story should be front and centre in all of #infosec

DOGE either wittingly or unwittingly* gives highest level access to Russian actors. See the whistleblower documentation added below.

“In fact, in the minutes after DOGE accessed the NLRB's systems, someone with an IP address in Russia started trying to log in, according to Berulis' disclosure. Those attempts were blocked, but they were especially alarming. Whoever was attempting to log in was using one of the newly created DOGE accounts — and the person had the correct username and password, according to Berulis.”

*) unwittingly only because they have no wit. Wanna bet they create the same user/password combos every place they pillage and burn? Wanna bet RU has these credentials? Wanna bet RU has a real-time view on which accesses the DOGE boys create (probably because these traitors broadcast them over insecure channels)?

whistlebloweraid.org/wp-conten

[Edit] Reading carefully through the whistleblower documentation now. My current analysis: Holy shit.

#cybersecurity#APT
Replied in thread
Public *
smxi

@freddy then to realize you have to do it all again because you forgot to set #apt config item no install recommends before apt install anything. That basically nullifies the entire point of using netinstall since the cascading chain of recommends pulling in recommends ruins a stripped down system.

There used to be a much leaner install method, businesscard if I remember right, which made netinstall look positively bloated, that's what most of my original #Debian installs are based on.

Public
Verfassungklage@troet.cafe

#APT3.0 #Paketmanager erschienen – das ist neu - #fosstopia:

Die #Linux-Welt verzeichnet einen bedeutenden Schritt: Der beliebte Paketmanager #APT geht in Version 3.0 an den Start. Die Veröffentlichung markiert den Beginn einer neuen stabilen Serie, gewidmet Steve Langasek, einem prägenden Mitgestalter von #Debian und #Ubuntu, der am 1. Januar 2025 verstarb.

fosstopia.de/apt-3-0-paketmana

fosstopia · APT 3.0 Paketmanager erschienen – das ist neu - fosstopiaTechnik-Blog für Linux, Unix, Open Source, Cloud Computing, Nachhaltigkeit und Co.
Public
Christoffer S.

(google.com / Mandiant) Windows Remote Desktop Protocol: Remote to Rogue - Analysis of Novel Russian APT Campaign

cloud.google.com/blog/topics/t

As always a very good write-up and detailed analysis of some novel use of RDP by Russian APTs. Involves signed RDP, and interesting proxy-behaviour.

Worth reading (as always!)

#Cybersecurity #ThreatIntel #Russia #APT #RDP #

Google Cloud BlogWindows Remote Desktop Protocol: Remote to Rogue | Google Cloud BlogA novel phishing campaign by Russia-nexus espionage actors targeting European government and military organizations.
SearchLive feeds
About