Search
Items tagged with: infosec
France Just Created Its Own Open Source Alternative to Microsoft Teams and Zoom
Not only for them, but any other non-European videoconferencing software.Sourav Rudra (It's FOSS)
You can do the following to remove the scheduled task that executes the vulnerable AMDAutoUpdate:
1. Run cmd.exe as administrator
2. schtasks /delete /TN AMDAutoUpdate /F
This prevents the AMDAutoUpdate from executing.
#infosec #cybersecurity #amd #ryzenmaster
Apparently AMD's AutoUpdate downloads the updates over HTTP and executes them without any validation (presumably as SYSTEM user). AMD was notified of the vulnerability but according to them "attack requiring physical access to victim's computer/device, man in the middle or compromised user accounts" are out of scope.
Madness.
source: web.archive.org/web/2026020615ā¦
#vulnerability #infosec #cybersecurity
The RCE that AMD won't fix!
After reporting a RCE in AMD's auto-update software, they decided to not patch it due to it requiring a man-in-the-middle attack to perform.web.archive.org
RE: freeradical.zone/@tek/11602044ā¦
Expired SSL Certificates remain undefeated
#certificates #ssl #tls #infosec
Sectigo, who signs about 25% of all SSL certificates, updated their root certificate in December 2025. Old versions of Android donāt have the new cert. This is making Mastodon apps running on those devices fail to connect to servers that have updated their SSL certs recently.Update your phone or client to fix the connection. For instance, Tusky is working to bundle the new root cert directly into the app.
Holy shit. TIL that Janet Jackson is the only Grammy-winning artist with a CVE.
CVE-2022-38392 indicates that playing Rhythm Nation near certain hard drives will cause a crash, because the song contains a resonate frequency with a 5400RPM spinning disk of a certain diameter and construction.
Neat.
Feeling deeply disillusioned with the state of tech (andāletās be realāeverything else) these days.
Anyone have recs for a book that will help displace this despair in favor of hope, specifically as it pertains to technology?
#infosec #books #bookstodon #technology #ai
notepad-plus-plus.org/news/hijā¦
GNU InetUtils telnetd Authentication Bypass Exploited in the Wild
A critical authentication bypass in GNU InetUtils telnetd (CVE-2026-24061) is actively exploited only days after the public reporting of the flaw. It's urgent that you block any telnet server you are using from the Internet.
**THIS IS URGENT! Check if you are using Telnet anywhere in your network. IMMEDIATELY isolate the Telnet interface to trusted networks and patch the code. Then stop using Telnet and switch to SSH.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detaiā¦
If you use #GMAIL, you should be aware that as of this post's timestamp, their spam detection is down and it is likely your emails aren't being scanned for spam, unverified senders, or harmful software.
"We are aware that some Gmail users are experiencing misclassification of emails in their inbox and additional spam warnings. We are actively working to resolve the issue. As always, we encourage users to follow standard best practices when engaging with messages from unknown senders."
"We advise the users to be extra diligent in lieu of missing spam checks." #Spam #Google #InfoSec #Security #Phishing
Google Status:
google.com/appsstatus/dashboarā¦
Letās be honest, Ring was already some technocratic, dystopian BS, but if you needed a reason to finally, finally kill it with fire, hereās your reason: Ring is partnering with Flock to help ICE spy on you and your neighbors for the government š
#Technology #InfoSec
techcrunch.com/2025/10/16/amazā¦
Amazon's Ring to partner with Flock, a network of AI cameras used by ICE, feds, and police | TechCrunch
Agencies that use Flock can request that Ring doorbell users share footage to help with "evidence collection and investigative work."Amanda Silberling (TechCrunch)
With agentic AI embedded at the OS level, databases storing entire digital lives accessible to malware, tasks whose reliability quickly breaks down at each step, and being opted-in without consent, @signalapp leadership, @Mer__edith and Udbhav Tiwari, are sounding the alarm for the industry to pull back until threats can be mitigated.
coywolf.com/news/productivity/ā¦
āSignalā President and VP warn agentic AI is insecure, unreliable, and a surveillance nightmare
With agentic AI embedded at the OS level, databases storing entire digital lives accessible to malware, tasks whose reliability quickly breaks down at each step, and being opted-in without consent, Signal leadership is sounding the alarm for the induā¦Jon Henshaw (Coywolf)
