⚠️ Do not be HACKED !! 😱

Software updates include not only new features but also critical security fixes. To keep your site secure and stable, ensure you always use the latest version.

We frequently observe numerous sites across the Fediverse running very outdated versions of Mastodon or Misskey. Some sites are even using versions over a year old.

Be the smart administrator and keep your site up to date.

#Mastodon #Misskey #Fediverse #ActivityPub #PixelFed #PeerTube #InfoSec #Security

⚠️ Aktualisiere deine Website

Mir ist aufgefallen, dass viele Seiten im Fediverse sehr veraltete Versionen von Mastodon oder Misskey verwenden – teilweise älter als ein Jahr.

Software-Updates bringen nicht nur neue Funktionen, sondern enthalten auch wichtige Sicherheitsupdates. Um deine Seite sicher und stabil zu betreiben, solltest du unbedingt darauf achten, die neueste Version deiner Plattform zu verwenden.

#Mastodon #Misskey #Fediverse #ActivityPub #PixelFed #PeerTube #Loops #InfoSec #Security #InfoSecurity

⚠️ Actualiza tu sitio web

He notado que muchos sitios en el Fediverso están utilizando versiones muy antiguas de Mastodon o Misskey — en algunos casos, de más de un año.

Las actualizaciones de software no solo traen nuevas funciones, sino también importantes correcciones de seguridad. Para mantener tu sitio seguro y funcionando correctamente, asegúrate de usar siempre la versión más reciente de tu plataforma.

#Mastodon #Misskey #Fediverse #ActivityPub #PixelFed #PeerTube #Loops #InfoSec #Security #InfoSecurity

What do you use to securely store and manage private #SSH keys?

#Linux #BSD #FOSS #security

⚠️ Please update your site

We frequently observe numerous sites across the Fediverse running very outdated versions of Mastodon or Misskey. Some sites are even using versions over a year old.

Software updates include not only new features but also critical security fixes. To keep your site secure and stable, ensure you always use the latest version.

#Mastodon #Misskey #Fediverse #ActivityPub #PixelFed #PeerTube #Loops #InfoSec #Security #InfoSecurity

Proper FreeBSD system hardning :)
(all for sysctl)

security.bsd.see_other_uids
security.bsd.see_other_gids
--> Don't show other users processes

security.bsd.unprivileged_read_msgbuf
--> Don't allow unprivileges to read kernel buffer (dmesg)

security.bsd.unprivileged_proc_debug
--> Don't allow unprivileged to use debugging

security.bsd.hardlink_check_uid
security.bsd.hardlink_check_gid
--> restrict hardlinks to same user/group

kern.elf64.aslr.enable
kern.elf32.aslr.enable
--> Enable kernel address randomization (ASLR)

security.bsd.unprivileged_mlock
--> Restrict unprivileged users from loading kernel modules

sysctl kern.securelevel=1
--> Cannot lower securelevel
--> Cannot write directly to mounted disks
--> Cannot write to /dev/mem or /dev/kmem
--> Cannot load/unload kernel modules
--> Cannot change firewall rules (if compiled with IPFIREWALL_STATIC)
--> System immutable and append-only file flags cannot be removed

This can make a FreeBSD system more secure, especially on multi-user systems. Securelevel ca even go higher, but those restrictions generally need care.

#runbsd #freebsd #security #hardening #goodpractice #devops #sysadmin

Moin #IT und #Security Fedis! Ich suche immer noch nach einer schönen Lösung zur #Passwortverwaltung für Ressourcen, auf die wir als Team zugreifen müssen. Ich habe immer noch nix gefunden was mir gefällt. Das sind die Anforderungen:

- 100% selfhosting OnPrem
- Aufbau einer Ordnerstruktur
- Darstellung von TOTP-Codes
- Benutzer- und Rechteverwaltung
- individuelle Hardwareschlüssel als 2FA pro User
- webbasierte Lösung oder plattformunabhängige Lösung

Habt ihr eine heiße #Empfehlung?

LibreSSL 4.1.2 and 4.2.1 released https://www.undeadly.org/cgi?action=article;sid=20251102090208 #openbsd #libressl #tls #ssl #security #networking #cryptography #crypto #realcrypto #libresoftware #freesoftware

#Cellebrite can apparently extract data from most #Pixel phones, unless they’re running #GrapheneOS.

https://arstechnica.com/gadgets/2025/10/leaker-reveals-which-pixels-are-vulnerable-to-cellebrite-phone-hacking/

#Privacy #Security #Android #Google #Encryption

I submitted a few Pull Requests as follows:

libressl 4.2.1 for MacPorts here:
https://github.com/macports/macports-ports/pull/29892

opensmtpd 7.8.0p0 for MacPorts here:
https://github.com/macports/macports-ports/pull/29893

libressl-devel 4.2.1 for MacPorts here:
https://github.com/macports/macports-ports/pull/29894

(the distinction between libressl and libressl-devel comes from a time before I became a MacPorts maintainer when the -stable and -development branches were tracked separately. While LibreSSL did also announce a 4.1.2 release? For now, it seems saner to just have libressl and libressl-devel within MacPorts be the same, if upstream tags their branches as -stable and -development again, we'll follow their lead)

GitHub Continuous Integration checks passed for all of them, it's up to someone else with commit access to merge them.

I also submitted announcements to undeadly.org, but I will let some of the other editors sanity check my submissions and publish them.

It's currently 22:18 more or less Pacific time, and I bought a ticket to a party that supposedly starts at 22:00 and goes until 05:00 tomorrow morning, so while maybe I am being "fashionably late"? I am happy to actually tend to some libre/free open source software maintenance before attempting to have much fun, because even though it's a Friday and "no pushes on Friday" I am not currently employed in those realms and for me? Coding is fun already! Not to mention, I rented a car and driving with all the folks in costumes crossing where ever seems to be posing additional hazards and I am in no rush.

I've got a lot going on tomorrow and Sunday too, before I fly to BCN for Mira Festival. So much going on, but mostly interesting things I think?

#HappyHalloween #LibreSSL #OpenSMTPD #MacPorts #OpenSource #TLS #Security #Email #MTAs

If CIS hardening is not available for Trixie yet, then what am I supposted to use? (I mean besides passing --allow-unsupported-distribution to hardening script or modifying config)

#debian #debian13 #cis #debian_trixie #proxmox #pve #cybersecurity #hardening #security #cybsec #cybersec

This morning I was checking on a client who happens to use CrowdSec. You’d imagine that, given their model, especially if actively contributing to the network, the AI bot list would naturally be part of the community blocklist, right?
Wrong!, apparently turns out that particular privilege lives behind a $900/month Premium label.

#security #crowdsec

Someone Snuck Into a #Cellebrite #Microsoft #Teams Call and Leaked Phone #Unlocking Details

Someone recently managed to get on a Microsoft Teams call with representatives from phone #hacking company Cellebrite, and then leaked a screenshot of the company’s capabilities against many #GooglePixel phones, according to a forum post about the leak
#privacy #security

https://www.404media.co/someone-snuck-into-a-cellebrite-microsoft-teams-call-and-leaked-phone-unlocking-details/

Weil gerade #OpenDesk die verdiente Anerkennung bekommt. Bevor es das @zendis gab durfte ich das hier für das @bmi schreiben

https://bmi.usercontent.opencode.de/opendesk-architekturkonzept/D_technologiearchitektur/

Das war mein sichtbarer Beitrag zum Thema #security #FOSS in #Kubernetes

👊

Eine ganze Reihe von Leuten hat hier auch daran mitgewirkt.

https://www.handelsblatt.com/dpa/digitale-souveraenitaet-strafgerichtshof-software-aus-deutschland-statt-microsoft/100169812.html

How privacy can save your life | Carissa Véliz | TEDxPorto

https://youtu.be/xSPRouBvgFE?si=BhhyKVKiomXgGZ7r

#privacy #security #freedom #democracy #control #fascism

Enable BPF filtering on sockets https://www.undeadly.org/cgi?action=article;sid=20251030110053 #openbsd #bpf #filtering #sockets #networking #security #development #poc #proofofconcept #earlydays #freesoftware #libresoftware

My request for the 14emeliaterracewestroxburyma02132 [.] su
domain associated with the Aisuru #botnet to be terminated has been granted.

The DNS provider removed it as of approx. 11:34pm EST last night, but that does not mean the botnet is dead. Not by a long shot.

I'm working on the overload [.] su domain. It's whack-a-mole, but it's worth it! #cybersecurity #security #infosec

Alt...

botnet

Even stranger - the domain name is an address:

14emeliaterracewestroxburyma02132 [dot] su

14 Emelia Ter, West Roxbury, MA 02132

Is this just a string scraped from the web that was chosen randomly by an algorithm, or a clue / reference of some kind?

https://radar.cloudflare.com/domains/domain/14emeliaterracewestroxburyma02132.su

#cybersecurity #security #outage #Azure #AWS #cloud #cloudcomputing

🚨 There's an enormous amount of traffic at a .su domain (old Soviet Union TLD), per #Cloudflare Radar. It's outranking every other big domain out there (#Google, #Microsoft, #Facebook, etc.) I assume this is related to a botnet controller and the #Azure outage, but if anyone out there in #infosec knows more, please comment. The host machine(s) are at Softlayer in Texas.

#cybersecurity #security #outage #Azure #AWS #cloud #cloudcomputing

Alt...

Soviet Union TLD

GrapheneOS version 2025102800 released:

https://grapheneos.org/releases#2025102800

See the linked release notes for a summary of the improvements over the previous release.

Forum discussion thread:

https://discuss.grapheneos.org/d/27702-grapheneos-version-2025102800-released

#GrapheneOS #privacy #security

> Website offers "Multifactor authentication"
> Look inside
> It's SMS

#security #cybersecurity #no

Alt...

"Looks inside" cat meme. A zoomed in, wide-lens photo of a cat. The cat looks skeptical, and the unusual photography exaggerates their face extremely.

Data brokerage is a billion-dollar industry built on selling your personal information without your knowledge or consent.

In our latest video, we uncover the shady world of data brokers with the help of investigative reporter Yael Grauer (Consumer Reports) to find out how they operate and what you can do about it.

https://neat.tube/w/tMmNH9zj4dLv6titzr5F9j
https://www.youtube.com/watch?v=Monbu9bh6nY
🌐 https://www.privacyguides.org/videos/2025/10/28/data-brokers-know-everything-about-you/

#DataBrokers #OptOut #PeopleSearch #PeopleSearchingWebsites #DataBroker #DataBrokerOptOut #Stalker #Abuse #Privacy #Security #DigitalSafety #Safety #PrivacyGuides #Video

Please for the love of fuck, do not under any circumstances give a surveillance app access to your address book/contacts. You are snitching out all of our personal information that we trusted you with.

Why am I reminded of this once again? Because I went on FB for one of the few groups that's only there and noticed the People You May Know had a suggestion for someone I went on two dates with a couple years ago. There is no other way they could've made that connection unless she granted access to their app.

I think from now on, I'm only going to give date matches my Signal username. If they don't or won't use Signal, we're probably not a match anyway. Or maybe I'll just get an anonymous virtual SIM for things like that.

#security #privacy #infosec

#ChatControl is OFF the table for now. 💪

But the Danish Minister of Justice and chief architect of the current Chat Control proposal, Peter Hummelgaard, wants to bring it back in December.

😡 He now even claims your activism was paid for by Big Tech! 😡

We must keep fighting for #encryption and our right to #privacy 🔒️

Source: https://netzpolitik.org/2025/absurd-und-respektlos-daenischer-justizminister-diskreditiert-chatkontrolle-proteste/

#No2Backdoors #CyberSecurityMonth #CyberSecurity #Security

Alt...

Danish Minister of Justice and chief architect of the current Chat Control proposal, Peter Hummelgaard, wants to bring it back in December

OpenBSD 7.8 // SYSPATCH // ERRATA 001

Date: October 26, 2025
Name: 001_syspatch.patch
Description: syspatch(8) is confused by aliased /dev/*rootdisk nodes in the database generated by dev_mkdb(8).
Link: https://cdn.openbsd.org/pub/OpenBSD/patches/7.8/common/001_syspatch.patch.sig

#OpenBSD #Security #Update