Did anyone else get this weird #ISACA phishing email to log in to "isaca.my.site.com"? And yes, I know I'm exposing my ISACA username, but I'm pretty sure you could have guessed it.
=> More informations about this toot | More toots from kurtseifried@infosec.exchange
EVERYTHING IS FINE. DO NOT PANIC. IGNORE THE LAST EMAIL!
IT WAS A (checks notes) SYSTEM UPGRADE!
=> More informations about this toot | More toots from kurtseifried@infosec.exchange
Disclaimer: I do not interact with the OpenBSD anymore due to abuse, however I will say on a technical level they have tried to squash entire classes of vulns, relatively effectively for the last 2 decades:
1. W^X (Write XOR Execute):
URL: https://en.wikipedia.org/wiki/W%5EX
2. ProPolice Stack Protector:
URL: https://en.wikipedia.org/wiki/OpenBSD_security_features
3. Address Space Layout Randomization (ASLR):
URL: https://en.wikipedia.org/wiki/Address_space_layout_randomization
4. RETGUARD:
URL: https://www.gobsd.org/viewtopic.php?t=3862
They invented some stuff or were an early implementor.
Good news: we're (CSA) working on something in this area and will hopefully have some interesting things to show off in a few weeks.
=> More informations about this toot | More toots from kurtseifried@infosec.exchange
@kurtseifried Yep. Assumed it was phishing, too.
=> More informations about this toot | More toots from ehurtley@infosec.exchange
@kurtseifried yep. I just deleted it.
=> More informations about this toot | More toots from infoseclogger@infosec.exchange
@kurtseifried same here
=> More informations about this toot | More toots from novelgazer@infosec.exchange
@kurtseifried sames. Looks like one of their SharePoint devs might have been popped.
=> More informations about this toot | More toots from regulartacos@infosec.exchange
@kurtseifried I did. And more recently received an email from ISACA saying to disregard it and that it was due to an error while a system enhancement was being done.
=> More informations about this toot | More toots from Lemniscate@infosec.exchange
@kurtseifried Yes, what a great lesson in how not to do it, by the experts.
=> More informations about this toot | More toots from s1f0w@infosec.exchange
@kurtseifried They should have blamed the intern.
=> More informations about this toot | More toots from Xavier@infosec.exchange