Alex · @alex_02
20 followers · 339 posts · Server infosec.exchangeAnyone knows if it could be possible to take one of those specifically built crypto miners and repurpose them to crack password hashes? Just a random thought, but the way you mine crypto with those makes me wonder if you could do similar to cracking hashes? I'm also thinking more of stuff like a ASIC, not GPUs.
#infosec #infosecurity #information #informationsecuriy
Sean Whalen π¨πΌβπ¦Όπ³οΈβππΊπ¦ποΈ · @seanthegeek
436 followers · 458 posts · Server infosec.exchange
Hi everyone, I just released version 1.1.1 of my #Mastodon #DMARC Survey tool, updated survey results, and additional documentation. This release adds a DNSSEC check and SPF record validation. Error and warning fields are now included in the CSV for easy troubleshooting. This is to help administrators configure DMARC to help prevent attackers from spoofing a domain.
Even if you looked at the results from last Friday, it's worth taking a look at these new results.
https://github.com/seanthegeek/mastodon-dmarc-survey
#Infosec #InformationSecuriy #phish #phishing #spoofing #adminsofmastodon #OpenSource #OpenSourceSoftware #FLOSS #Python #CLI #API
#mastodon #dmarc #infosec #informationsecuriy #phish #phishing #spoofing #adminsofmastodon #opensource #opensourcesoftware #floss #python #cli #api
Sean Whalen π¨πΌβπ¦Όπ³οΈβππΊπ¦ποΈ · @seanthegeek
262 followers · 339 posts · Server infosec.exchangeIn the short time I've been the #Mastodon #Fediverse so far, I've talked a lot about how #DMARC can help prevent #spoofed #emails from being delivered to their targets, in light of a wave of Mastodon-themed phishing. That made me wonder, "How many Mastodon instances have a DMARC record on their domain? How many of those are set up to properly?" For their own security Users should join servers with an enforced DMARC policy, and instance admins should enforce DMARC on their domains to protect users and attract a security conscious userbase.
I wrote a script that queries instances.social for the 1000 top Mastodon instances based on the number of active users, feeds that list to #checkdmarc to query for, parse, and validate DMARC #DNS records. Here are the results.
https://github.com/seanthegeek/mastodon-dmarc-survey
As of earlier today, 148 instances with a combined 295, 975 active users had an enforced DMARC policy (p=quarantine or p=reject). 113 instances with a combined 168,965 active users have deployed a monitor only policy, 3 instances with a combined 577 active users have an invalid DMARC record, and 113 instances with a combined 486,972 active users don't have any DMARC record.
As I looked through the list of instances, I noticed that infosec.exchange is now the 7th largest Mastodon instance on the public internet, with 18,328 active users (and counting. Thanks @jerry!
#Infosec #InformationSecuriy #phish #phishing #spoofing #adminsofmastodon #OpenSource #OpenSourceSoftware #FLOSS #Python #CLI #API
#mastodon #fediverse #dmarc #Spoofed #emails #checkdmarc #dns #infosec #informationsecuriy #phish #phishing #spoofing #adminsofmastodon #opensource #opensourcesoftware #floss #python #cli #api