eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Server stats:

214
active users

#infosec

143 posts107 participants1 post today
Dumb Password Rules<p>This dumb password rule is from HM Revenue &amp; Customs (UK Tax).</p><p>We store basically all of your data, but we can't store your password.</p><p><a href="https://dumbpasswordrules.com/sites/hm-revenue-and-customs-uk-tax/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dumbpasswordrules.com/sites/hm</span><span class="invisible">-revenue-and-customs-uk-tax/</span></a></p><p><a href="https://infosec.exchange/tags/password" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>password</span></a> <a href="https://infosec.exchange/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passwords</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/dumbpasswordrules" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dumbpasswordrules</span></a></p>
Dan G<p><strong>The Call Came…</strong></p><p class="">Cybernews published an example of agentic AI acting like an insider threat with Replit’s AI tooling wiping a production database, ignoring a code-freeze, inventing user data, then lying about it not due to malicious intent, but because it predicted that was the right way to fulfill its goals.</p><p class="">You may have caught my post last week about Anthropic’s research showing that models under goal conflict act strategically: blackmail, sabotage, even murder by omission. Now we have a real, commercial coding AI doing nearly the same thing as the research experiments: ignoring explicit instructions, rewriting critical assets, and lying about its state.</p><p class="">The Replit AI article in Cybernews is here: <a href="https://cybernews.com/ai-news/replit-ai-vive-code-rogue/" rel="nofollow noopener" target="_blank">https://cybernews.com/ai-news/replit-ai-vive-code-rogue/</a></p><p class="">You can read my full breakdown of Anthropic’s research here: <a href="https://dan.glass/2025/07/14/the-call-is-coming-from-inside-the-model/" rel="nofollow noopener" target="_blank">https://dan.glass/2025/07/14/the-call-is-coming-from-inside-the-model/</a></p><p><a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://dan.glass/tag/agenticai/" target="_blank">#agenticai</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://dan.glass/tag/ai/" target="_blank">#ai</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://dan.glass/tag/artificialintelligence/" target="_blank">#ArtificialIntelligence</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://dan.glass/tag/cybersecurity/" target="_blank">#cybersecurity</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://dan.glass/tag/infosec/" target="_blank">#infosec</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://dan.glass/tag/security/" target="_blank">#security</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://dan.glass/tag/technology/" target="_blank">#technology</a></p>
AAKL<p>If you missed this:</p><p>The Register: Arch Linux users told to purge Firefox forks after AUR malware scare <a href="https://www.theregister.com/2025/07/22/arch_aur_browsers_compromised/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theregister.com/2025/07/22/arc</span><span class="invisible">h_aur_browsers_compromised/</span></a> <span class="h-card" translate="no"><a href="https://geeknews.chat/@theregister" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>theregister</span></a></span> <span class="h-card" translate="no"><a href="https://social.vivaldi.net/@lproven" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lproven</span></a></span> <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/Mozilla" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mozilla</span></a></p>
the magnificent rhys<p>That's a crime then.</p><p>I don't know US-specific law but if you ever even suggest or imply protectively marked secret shit in the UK you immediately lose your clearance, almost certainly lose your job, and usually face criminal charges.</p><p>I personally know people who ruined their entire lives by doing this by virtue of misspelling an email address.</p><p>But none of this matters given the administration Americans chose.</p><p><a href="https://mastodon.rhys.wtf/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.rhys.wtf/tags/USPol" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USPol</span></a> <a href="https://mastodon.rhys.wtf/tags/USPolitics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USPolitics</span></a> </p><p><a href="https://www.washingtonpost.com/national-security/2025/07/23/hegseth-signalgate-classified-secret/?pwapi_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZWFzb24iOiJnaWZ0IiwibmJmIjoxNzUzMjQzMjAwLCJpc3MiOiJzdWJzY3JpcHRpb25zIiwiZXhwIjoxNzU0NjI1NTk5LCJpYXQiOjE3NTMyNDMyMDAsImp0aSI6IjJhNTM1Yjc2LThkNjAtNDJiZS04YjIxLTY0ZGVlMmQxNjU2NSIsInVybCI6Imh0dHBzOi8vd3d3Lndhc2hpbmd0b25wb3N0LmNvbS9uYXRpb25hbC1zZWN1cml0eS8yMDI1LzA3LzIzL2hlZ3NldGgtc2lnbmFsZ2F0ZS1jbGFzc2lmaWVkLXNlY3JldC8ifQ.0ZfVmHOagV4Sqob7oYKs_hKt-ZMnzh36CPqRqAZKRsw" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">washingtonpost.com/national-se</span><span class="invisible">curity/2025/07/23/hegseth-signalgate-classified-secret/?pwapi_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZWFzb24iOiJnaWZ0IiwibmJmIjoxNzUzMjQzMjAwLCJpc3MiOiJzdWJzY3JpcHRpb25zIiwiZXhwIjoxNzU0NjI1NTk5LCJpYXQiOjE3NTMyNDMyMDAsImp0aSI6IjJhNTM1Yjc2LThkNjAtNDJiZS04YjIxLTY0ZGVlMmQxNjU2NSIsInVybCI6Imh0dHBzOi8vd3d3Lndhc2hpbmd0b25wb3N0LmNvbS9uYXRpb25hbC1zZWN1cml0eS8yMDI1LzA3LzIzL2hlZ3NldGgtc2lnbmFsZ2F0ZS1jbGFzc2lmaWVkLXNlY3JldC8ifQ.0ZfVmHOagV4Sqob7oYKs_hKt-ZMnzh36CPqRqAZKRsw</span></a></p>
No Starch Press<p>The best IT folks document their weird fixes, answer beginner questions, and make time for the "silly" problems. None of us came in knowing it all. We all learned by asking someone else. Let’s be that someone when we can be. </p><p><a href="https://mastodon.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://mastodon.social/tags/SysAdmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SysAdmin</span></a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a> <a href="https://mastodon.social/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://mastodon.social/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a></p>
Brian Greenberg :verified:<p>🤖 Vibe coding isn’t bold, it’s naïve. This Replit incident isn’t just funny as an AI fail, it’s a perfect example of what happens when people code without understanding the boundaries or consequences. When you skip the pain of real-world dev experience, you don’t know what good looks like. That’s how you end up with agents deleting production databases and then lying to you about it. Beware: The shortest path is often the most dangerous—especially when it’s led by a stochastic parrot trained to sound confident. 🤬 </p><p>We need seasoned developers, clear governance, and hard constraints. Not vibes. 🤦🏻‍♂️ </p><p>TL;DR<br>⚠️ Replit AI agent deleted prod DB<br>🔍 Lied, faked data + tests<br>🚨 Broke code freeze unprompted<br>🧠 CEO admits lack of safeguards</p><p><a href="https://www.techtarget.com/searchsoftwarequality/news/366627829/Replit-AI-agent-snafu-shot-across-the-bow-for-vibe-coding" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">techtarget.com/searchsoftwareq</span><span class="invisible">uality/news/366627829/Replit-AI-agent-snafu-shot-across-the-bow-for-vibe-coding</span></a><br><a href="https://infosec.exchange/tags/VibeCoding" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VibeCoding</span></a> <a href="https://infosec.exchange/tags/AIFail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIFail</span></a> <a href="https://infosec.exchange/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a> <a href="https://infosec.exchange/tags/SoftwareDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareDevelopment</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/cloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloud</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/fail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fail</span></a></p>
Christoffer S.<p>I'm all for naming APTs, but ... c'mon: Dropping Elephant?</p><p><a href="https://arcticwolf.com/resources/blog/dropping-elephant-apt-group-targets-turkish-defense-industry/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">arcticwolf.com/resources/blog/</span><span class="invisible">dropping-elephant-apt-group-targets-turkish-defense-industry/</span></a></p><p><a href="https://swecyb.com/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://swecyb.com/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a></p>
Lockdownyourlife<p>Class is Thursday, 24 July. <br>Now is a really good time to take your digital safety seriously. If you're out in the streets or simply supporting a cause, this class is for you. <a href="https://lockdownyourlife.as.me/data-deletion" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lockdownyourlife.as.me/data-de</span><span class="invisible">letion</span></a> </p><p><a href="https://infosec.exchange/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/safety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>safety</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/community" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>community</span></a></p>
V'ger<p>In an ongoing ISO/IEC 27001 certification project I am responsible for the risk assessment and implementation of the necessary controls. And I kinda wanna do that stuff full time (as in: having it be my main job).</p><p>It just totally fits into how my AuDHD works. I do have to talk to people quite a lot, but that's not such a big problem, as I mainly work from home. My brain just connects with the required skill of seeing the big picture and keeping track of the details. I do have to take lots of notes, though.</p><p>Usually, I have a problem with many context switches. But in this project, everything is just so interconnected, that it doesn't bother me at all. I can basically see the picture slowly forming in my head.</p><p><a href="https://gts.necronomi.co/tags/actuallyaudhd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ActuallyAuDHD</span></a> <a href="https://gts.necronomi.co/tags/actuallyautistic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ActuallyAutistic</span></a> <a href="https://gts.necronomi.co/tags/actuallyadhd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ActuallyADHD</span></a> <a href="https://gts.necronomi.co/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a></p>
FIRST.org<p>FIRST CEO Chris Gibson met with Cybernews to discuss why global collaboration is essential in cybersecurity. The in-depth interview explores his journey from leading CERT-UK to guiding FIRST's expansion to support 800+ member teams across 113 countries.</p><p>Highlights: </p><p>🌐 "No organization can face cybersecurity alone" - collaboration transcends borders <br>⚡ Businesses without strategic incident response are "flying blind in a storm" <br>🔧 The importance of tested, actionable playbooks over theoretical plans <br>🚀 How automation and real-time cross-border cooperation are shaping the future <br>💡 Our new CORE Initiative with Fortinet expanding global training programs</p><p>Read more: <a href="https://go.first.org/h1dDJ" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">go.first.org/h1dDJ</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/CyberDefense" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberDefense</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <br><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p>
urlDNA.io :verified:<p>Possible Phishing 🎣<br> on: ⚠️hxxp[:]//apples-service-care[.]vercel[.]app<br> 🧬 Analysis at: <a href="https://urldna.io/scan/68810f003b77500009ab205c" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">urldna.io/scan/68810f003b77500</span><span class="invisible">009ab205c</span></a><br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phishing</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/urldna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>urldna</span></a> <a href="https://infosec.exchange/tags/scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scam</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
AAKL<p>Charming.</p><p>Socket: Surveillance Malware Hidden in npm and PyPI Packages Targets Developers with Keyloggers, Webcam Capture, and Credential Theft <a href="https://socket.dev/blog/surveillance-malware-hidden-in-npm-and-pypi-packages" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">socket.dev/blog/surveillance-m</span><span class="invisible">alware-hidden-in-npm-and-pypi-packages</span></a> <span class="h-card" translate="no"><a href="https://fosstodon.org/@SocketSecurity" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>SocketSecurity</span></a></span> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a></p>
BeyondMachines :verified:<p>Mozilla releases updates for Firefox, 18 vulnerabilities patched, multiple critical</p><p>Mozilla released Firefox and Thunderbird security updates addressing multiple high-severity vulnerabilities with CVSS scores up to 9.8, including several memory safety bugs and JavaScript engine flaws that could enable arbitrary code execution and system compromise. The patches affect Firefox 141, multiple Firefox ESR versions (115.26, 128.13, 140.1), and corresponding Thunderbird releases.</p><p>**Time to update your Mozilla Firefox, Thunderbird and the Firefox based browsers (Waterfox, LibreWolf, Zen...). Yes, there is a difference between the CVSS score severity and Mozilla severity. But realistically, it's much faster to just update the browser than burn time on debating the severity and then finding out that hackers did find a way to exploit it - after they hacked you. So update the browsers, all tabs reopen automatically.**<br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/advisory" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>advisory</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a><br><a href="https://beyondmachines.net/event_details/mozilla-releases-updates-for-firefox-18-vulnerabilities-patched-multiple-critical-q-0-k-m-8/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">beyondmachines.net/event_detai</span><span class="invisible">ls/mozilla-releases-updates-for-firefox-18-vulnerabilities-patched-multiple-critical-q-0-k-m-8/gD2P6Ple2L</span></a></p>
Lockdownyourlife<p>Linux is a pain in the ass. </p><p>I can barely get people to use Signal or enable 2FA, you think they're ready for Linux? Nope. Even the people who use it, complain about it. 🙃 </p><p>Start where people are, and with the systems they use every day.</p><p>If they want to transition, cool cool cool, prepare to have every bro debate the best distro with you and why the one you use isn't the right one. </p><p>~~~~~<br>I teach cool security &amp; privacy ish to the end user and I'm pretty great at it. Follow for more nifty ways to make men cry.</p><p><a href="https://infosec.exchange/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/safety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>safety</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p>
Shodan Safari<p>ASN: AS17<br>Location: West Lafayette, US<br>Added: 2025-07-19T18:18</p><p><a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shodansafari</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Dumb Password Rules<p>This dumb password rule is from AT&amp;T.</p><p>The only special characters allowed are underscores and hyphens.</p><p><a href="https://dumbpasswordrules.com/sites/at-andt/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dumbpasswordrules.com/sites/at</span><span class="invisible">-andt/</span></a></p><p><a href="https://infosec.exchange/tags/password" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>password</span></a> <a href="https://infosec.exchange/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passwords</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/dumbpasswordrules" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dumbpasswordrules</span></a></p>
Quad9DNS<p>We have open-sourced our visualization tool for mapping realtime events onto a view of the Earth. </p><p>The WebGL tool takes websocket data or static JSON with geographic information and allows a variety of views and analysis to be performed on the data that is projected on the map.</p><p>Have fun with it!! 😻 </p><p><a href="https://github.com/Quad9DNS/GlobeOfWonder" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/Quad9DNS/GlobeOfWon</span><span class="invisible">der</span></a></p><p><a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
ReynardSec<p>Would you like to learn how to craft a raw TCP socket without Winsock?</p><p>In latest posts, Mateusz Lewczak explains how the AFD.sys driver works under the hood on Windows 11. In Part 1 [1], he demonstrates how to use WinDbg and the NtCreateFile call to manually craft a raw TCP socket, bypassing the Winsock layer entirely.</p><p>Part 2 of the series [2] dives into the bind and connect operations implemented via AFD.sys IOCTLs. Mateusz shows how to intercept and analyze IRP packets, then reconstruct the buffer needed to perform the three‑way TCP handshake by hand in kernel mode.</p><p>[1] <a href="https://leftarcode.com/posts/afd-reverse-engineering-part1/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">leftarcode.com/posts/afd-rever</span><span class="invisible">se-engineering-part1/</span></a><br>[2] <a href="https://leftarcode.com/posts/afd-reverse-engineering-part2/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">leftarcode.com/posts/afd-rever</span><span class="invisible">se-engineering-part2/</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>windows</span></a></p>
Redhotcyber<p>🔥 CORSO "ACTIVE DIRECTORY PENETRATION TEST". APERTE LE PRE ISCRIZIONI E AVVIATA LA PROMO🔥</p><p>💥OFFERTA ESCLUSIVA entro il 31 AGOSTO! -15% sul prezzo già scontato del corso (in quanto è la prima live class su questo argomento) a chi effettua la pre-iscrizione entro l 31 di Agosto!</p><p>Informazioni di dettagli del corso: 📩 Per info e iscrizioni scrivi a formazione@redhotcyber.com oppure su WhatsApp al 393791638765 <a href="https://www.redhotcyber.com/servizi/academy/live-class-active-directory-ethical-hacking/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">redhotcyber.com/servizi/academ</span><span class="invisible">y/live-class-active-directory-ethical-hacking/</span></a></p><p>📩 Per info e iscrizioni scrivi a formazione@redhotcyber.com oppure su WhatsApp al 393791638765</p><p>🔥 Diventa un ethical hacker professionista ora! Non perdere tempo!</p><p><a href="https://mastodon.bida.im/tags/redhotcyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redhotcyber</span></a> <a href="https://mastodon.bida.im/tags/formazione" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>formazione</span></a> <a href="https://mastodon.bida.im/tags/formazioneonline" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>formazioneonline</span></a> <a href="https://mastodon.bida.im/tags/ethicalhacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ethicalhacking</span></a> <a href="https://mastodon.bida.im/tags/hacker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacker</span></a> <a href="https://mastodon.bida.im/tags/activedirectory" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>activedirectory</span></a> <a href="https://mastodon.bida.im/tags/microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>microsoft</span></a> <a href="https://mastodon.bida.im/tags/ethicalhacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ethicalhacking</span></a> <a href="https://mastodon.bida.im/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.bida.im/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://mastodon.bida.im/tags/penetrationtesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>penetrationtesting</span></a> <a href="https://mastodon.bida.im/tags/corsoonline" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>corsoonline</span></a> <a href="https://mastodon.bida.im/tags/corsodiformazione" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>corsodiformazione</span></a> <a href="https://mastodon.bida.im/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.bida.im/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a></p>
Dumb Password Rules<p>This dumb password rule is from Walmart.</p><p>Your password must include the following:<br>- 8-100 characters<br>- Upper &amp; lowercase letters<br>- At least one number or special character</p><p><a href="https://dumbpasswordrules.com/sites/walmart/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dumbpasswordrules.com/sites/wa</span><span class="invisible">lmart/</span></a></p><p><a href="https://infosec.exchange/tags/password" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>password</span></a> <a href="https://infosec.exchange/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passwords</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/dumbpasswordrules" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dumbpasswordrules</span></a></p>