Brian Clark
@deepthoughts10.infosec.exchange.ap.brid.gy
#InfoSec #Cybersecurity #threatintel and Politics. I try my best.
Also @[email protected]
Searchable
[bridged from https://infosec.exchange/@deepthoughts10 on the fediverse by https://fed.brid.gy/ ]
Also @[email protected]
Searchable
[bridged from https://infosec.exchange/@deepthoughts10 on the fediverse by https://fed.brid.gy/ ]
Merry Christmas to all who celebrate! For those who don’t, I hope you had a great Thursday!
December 26, 2025 at 2:11 AM
Merry Christmas to all who celebrate! For those who don’t, I hope you had a great Thursday!
mastodon.social
December 22, 2025 at 6:38 PM
One of life’s great struggles—how to both stay in your cozy heated bed and still see what’s going on in the room #catsofmastodon #caturday
December 20, 2025 at 7:10 PM
One of life’s great struggles—how to both stay in your cozy heated bed and still see what’s going on in the room #catsofmastodon #caturday
RE: https://infosec.exchange/@threatinsight/115741598999422795
I highly recommend that you use Conditional Access to block Device Code Flows for this reason and many others. If you have some users who need to use it, put them in a group and exclude them from the policy. Most users will never […]
I highly recommend that you use Conditional Access to block Device Code Flows for this reason and many others. If you have some users who need to use it, put them in a group and exclude them from the policy. Most users will never […]
Original post on infosec.exchange
infosec.exchange
December 18, 2025 at 6:12 PM
RE: https://infosec.exchange/@threatinsight/115741598999422795
I highly recommend that you use Conditional Access to block Device Code Flows for this reason and many others. If you have some users who need to use it, put them in a group and exclude them from the policy. Most users will never […]
I highly recommend that you use Conditional Access to block Device Code Flows for this reason and many others. If you have some users who need to use it, put them in a group and exclude them from the policy. Most users will never […]
RE: https://mastodon.online/@parismarx/115735327339708811
I’d really like to say “these 8 are the worst people in tech — by far” and call it done
I’d really like to say “these 8 are the worst people in tech — by far” and call it done
mastodon.online
December 17, 2025 at 9:07 PM
RE: https://mastodon.online/@parismarx/115735327339708811
I’d really like to say “these 8 are the worst people in tech — by far” and call it done
I’d really like to say “these 8 are the worst people in tech — by far” and call it done
RE: https://mastodon.social/@campuscodi/115734379857503761
As usual, Catalin has an excellent round up of recent #cybersecurity news
As usual, Catalin has an excellent round up of recent #cybersecurity news
mastodon.social
December 17, 2025 at 7:04 PM
RE: https://mastodon.social/@campuscodi/115734379857503761
As usual, Catalin has an excellent round up of recent #cybersecurity news
As usual, Catalin has an excellent round up of recent #cybersecurity news
Picus Security, an interesting security vendor I only recently became aware of, has a report out on the Fog Ransomware group. An easy protective control to put in place based on this group's TTPs is to block *.netlify.app. This is the domain used by Netlify's free tier apps and is being abused […]
Original post on infosec.exchange
infosec.exchange
December 9, 2025 at 3:36 AM
Picus Security, an interesting security vendor I only recently became aware of, has a report out on the Fog Ransomware group. An easy protective control to put in place based on this group's TTPs is to block *.netlify.app. This is the domain used by Netlify's free tier apps and is being abused […]
This phishing content hosting technique described by Barracuda is very clever. I find that the anti-analysis features are especially so: "it prevents right-clicking the mouse, blocks the keyboard’s F12 key (used for developer tools), and prevents common keyboard shortcuts like Ctrl/Cmd and […]
Original post on infosec.exchange
infosec.exchange
December 9, 2025 at 2:44 AM
This phishing content hosting technique described by Barracuda is very clever. I find that the anti-analysis features are especially so: "it prevents right-clicking the mouse, blocks the keyboard’s F12 key (used for developer tools), and prevents common keyboard shortcuts like Ctrl/Cmd and […]
RE: https://infosec.exchange/@netresec/115667037971483700
This brings a really interesting prevention opportunity for businesses with web security proxies in place (Zscaler, Netskope, NGFW's, etc.) Enforce the use of TLS 1.2 or higher. This might be a big lift for some organizations, but for […]
This brings a really interesting prevention opportunity for businesses with web security proxies in place (Zscaler, Netskope, NGFW's, etc.) Enforce the use of TLS 1.2 or higher. This might be a big lift for some organizations, but for […]
December 6, 2025 at 10:57 PM
RE: https://infosec.exchange/@netresec/115667037971483700
This brings a really interesting prevention opportunity for businesses with web security proxies in place (Zscaler, Netskope, NGFW's, etc.) Enforce the use of TLS 1.2 or higher. This might be a big lift for some organizations, but for […]
This brings a really interesting prevention opportunity for businesses with web security proxies in place (Zscaler, Netskope, NGFW's, etc.) Enforce the use of TLS 1.2 or higher. This might be a big lift for some organizations, but for […]
December 6, 2025 at 10:19 PM
I met a new #dog yesterday named Tucker. He’s a bit shy but decided to risk it and say hello in exchange for pats. #dogsofmastodon
November 29, 2025 at 7:38 PM
I met a new #dog yesterday named Tucker. He’s a bit shy but decided to risk it and say hello in exchange for pats. #dogsofmastodon
November 29, 2025 at 7:35 PM
Happy Thanksgiving to my American friends. To everyone else, I hope you have a great Thursday!
November 26, 2025 at 11:06 PM
Happy Thanksgiving to my American friends. To everyone else, I hope you have a great Thursday!
RE: https://infosec.exchange/@worldwatch_ocd/115605281408605932
Unless your org uses Bubble.io and their low-code developer platform, you can likely block their app-hosting domain bubbleapps.io. Put in an allow list for vetted BubbleApps URLs if you need to.
Also, I think this one is already […]
Unless your org uses Bubble.io and their low-code developer platform, you can likely block their app-hosting domain bubbleapps.io. Put in an allow list for vetted BubbleApps URLs if you need to.
Also, I think this one is already […]
Original post on infosec.exchange
infosec.exchange
November 24, 2025 at 4:55 PM
RE: https://infosec.exchange/@worldwatch_ocd/115605281408605932
Unless your org uses Bubble.io and their low-code developer platform, you can likely block their app-hosting domain bubbleapps.io. Put in an allow list for vetted BubbleApps URLs if you need to.
Also, I think this one is already […]
Unless your org uses Bubble.io and their low-code developer platform, you can likely block their app-hosting domain bubbleapps.io. Put in an allow list for vetted BubbleApps URLs if you need to.
Also, I think this one is already […]
RE: https://mastodon.social/@eff/115601485570143504
Please submit your comments on this proposed change, which takes away an important method for challenging patents. This seems like a clear give-away to big business and patent troll firms. Let’s not let them slip this change in easily or quietly.
Please submit your comments on this proposed change, which takes away an important method for challenging patents. This seems like a clear give-away to big business and patent troll firms. Let’s not let them slip this change in easily or quietly.
mastodon.social
November 23, 2025 at 11:26 PM
RE: https://mastodon.social/@eff/115601485570143504
Please submit your comments on this proposed change, which takes away an important method for challenging patents. This seems like a clear give-away to big business and patent troll firms. Let’s not let them slip this change in easily or quietly.
Please submit your comments on this proposed change, which takes away an important method for challenging patents. This seems like a clear give-away to big business and patent troll firms. Let’s not let them slip this change in easily or quietly.
RE: https://infosec.exchange/@lerg/115600897099332714
The Google post that Andrew shared notes the updates made re: Gainsight & Salesforce:
Update (Nov. 21): In response to the Salesforce advisory related to Gainsight applications, this blog post has been updated to include comprehensive […]
The Google post that Andrew shared notes the updates made re: Gainsight & Salesforce:
Update (Nov. 21): In response to the Salesforce advisory related to Gainsight applications, this blog post has been updated to include comprehensive […]
Original post on infosec.exchange
infosec.exchange
November 23, 2025 at 8:59 PM
RE: https://infosec.exchange/@lerg/115600897099332714
The Google post that Andrew shared notes the updates made re: Gainsight & Salesforce:
Update (Nov. 21): In response to the Salesforce advisory related to Gainsight applications, this blog post has been updated to include comprehensive […]
The Google post that Andrew shared notes the updates made re: Gainsight & Salesforce:
Update (Nov. 21): In response to the Salesforce advisory related to Gainsight applications, this blog post has been updated to include comprehensive […]
RE: https://mastodon.social/@scalzi/115594438646260803
New day, new scam — and AI makes these scammers more efficient. As Scalzi says, if someone sends you an unsolicited email asking for money, don’t send any.
New day, new scam — and AI makes these scammers more efficient. As Scalzi says, if someone sends you an unsolicited email asking for money, don’t send any.
mastodon.social
November 22, 2025 at 6:07 PM
RE: https://mastodon.social/@scalzi/115594438646260803
New day, new scam — and AI makes these scammers more efficient. As Scalzi says, if someone sends you an unsolicited email asking for money, don’t send any.
New day, new scam — and AI makes these scammers more efficient. As Scalzi says, if someone sends you an unsolicited email asking for money, don’t send any.
RE: https://mastodon.social/@arstechnica/115593241698803428
Really cool. Hopefully this starts showing up at other conferences like @BSidesLV and @defcon
Really cool. Hopefully this starts showing up at other conferences like @BSidesLV and @defcon
mastodon.social
November 22, 2025 at 5:29 PM
RE: https://mastodon.social/@arstechnica/115593241698803428
Really cool. Hopefully this starts showing up at other conferences like @BSidesLV and @defcon
Really cool. Hopefully this starts showing up at other conferences like @BSidesLV and @defcon
RE: https://infosec.exchange/@merill/115558028222133212
Free #microsoft Identity training! #cybersecurity
Free #microsoft Identity training! #cybersecurity
infosec.exchange
November 17, 2025 at 3:22 AM
RE: https://infosec.exchange/@merill/115558028222133212
Free #microsoft Identity training! #cybersecurity
Free #microsoft Identity training! #cybersecurity
These two #cats are very happy to have their heated beds available for the season #catsofmastodon #caturday
November 15, 2025 at 8:49 PM
These two #cats are very happy to have their heated beds available for the season #catsofmastodon #caturday
Reposted by Brian Clark
With respect to the gales of November
November 11, 2025 at 1:15 AM
With respect to the gales of November
November 5, 2025 at 5:39 PM
Happy Halloween! 🎃This #cat is SPOOKY but hopes you aren’t scared of him. #catsofmastodon
November 1, 2025 at 2:12 AM
Happy Halloween! 🎃This #cat is SPOOKY but hopes you aren’t scared of him. #catsofmastodon