Information Security

236 readers
5 users here now

founded 1 year ago
MODERATORS
[email protected]
listing: all - local
1
1
AI-Powered Threat Hunting on Linux Servers: Honeypot Experiment and Privilege Escalation (safecontrols.blog)
submitted 2 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

I tested using Google's Gemini as a helping hand in Linux log based threat hunting - and it is actually helpful, although not ready to take the security analyst's job (yet).

2
1
Teaching smart things cyber self defense: ships and cars that fight back (safecontrols.blog)
submitted 3 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

A blog post I made based on discussions at a conference last week - we need to teach smart things like self driving cars and ships to defend themselves against cyber attacks. This outlines how we should approach it.

3
1
Do Users Write More Insecure Code with AI Assistants? (chaos.social)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

cross-posted from: https://programming.dev/post/8121843

~n (@[email protected]) writes:

This is fine...

"We observed that participants who had access to the AI assistant were more likely to introduce security vulnerabilities for the majority of programming tasks, yet were also more likely to rate their insecure answers as secure compared to those in our control group."

[Do Users Write More Insecure Code with AI Assistants?](https://arxiv.org/abs/2211.03622?

4
1
[Request] General tips and where to study? (infosec.pub)
submitted 8 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

I am curious if anyone has advice on a good start to get into InfoSec. I just bought a car, used a separate phone number and somehow marketers found my actual number, so want to get a better handle on how to handle personal data.

5
1
Smart card/Yubikey labeling - yay/nay? (infosec.pub)
submitted 1 year ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Now ever since I got a label printer I made it a habit to... well... label everything. It's been the a gamechanger in organizing my stuff.

This habit includes having a tiny label with my street address and mail address on most any item that I loan away or tend to regularly lug around with me as a general reminder of ownership. I forget about and lose stuff all the time, so this gives me some piece of mind with most of my medium-value little gadgets. I believe (and have experienced) that people are generally decent and will return lost stuff to me if it's easy for them to find out to whom it belongs.

Now it has occurred to me that this practice might be detrimental when applied to a smart cards in general and my Yubikeys in particular. After all, shouldn't a lost Yubikey be considered "tampered with/permanently lost" anyway, whether it's returned or not? And wouldn't an Email address on the key just increase the risk of some immediate abuse of the key's contents, i.e. GPG private keys, that would otherwise not be possible?

Or am I overhtinking this?

6
1
WiFi routers can see people through walls. Here’s how it works (www.zmescience.com)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
0 comments fedilink
 
 

cross-posted from: https://lemmy.kevitprojects.com/post/8452

What do you guys think about this?

7
1
Looking for a greentext meme from...a secret website that you can't talk about. (infosec.pub)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
0 comments fedilink
 
 

It was a meme about a cyber security guy not giving out his personal information, not even to girls he likes. I can't find it on here anymore