photog.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for your photos and banter. Photog first is our motto. Please refer to the site rules before posting.

#c2

Ian K. Rogers ikr?╭ರ_ಠ<p>Hey Canadians, our digital sovereignty is under threat. Carney talks a good game, but this is where he really stands.</p><p><a href="https://mstdn.social/tags/CanPol" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CanPol</span></a> <a href="https://mstdn.social/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a> <a href="https://mstdn.social/tags/Carney" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Carney</span></a> <a href="https://mstdn.social/tags/Canada" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Canada</span></a></p><p><a href="https://www.eff.org/deeplinks/2025/07/canadas-bill-c-2-opens-floodgates-us-surveillance" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">eff.org/deeplinks/2025/07/cana</span><span class="invisible">das-bill-c-2-opens-floodgates-us-surveillance</span></a></p>
PrivacyDigest<p>Canada’s Bill C-2 Opens the Floodgates to U.S. <a href="https://mas.to/tags/Surveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Surveillance</span></a> </p><p>The Canadian government is preparing to give away Canadians’ digital lives—to U.S. police, to the Donald <a href="https://mas.to/tags/Trump" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Trump</span></a> administration, and possibly to foreign <a href="https://mas.to/tags/spy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spy</span></a> agencies.</p><p>Bill C-2, the so-called <a href="https://mas.to/tags/StrongBordersAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StrongBordersAct</span></a>, is a sprawling <a href="https://mas.to/tags/surveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>surveillance</span></a> bill with multiple privacy-invasive provisions. But the thrust is clear: it’s a roadmap to aligning Canadian surveillance with U.S. demands. <br><a href="https://mas.to/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://mas.to/tags/Canada" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Canada</span></a> <a href="https://mas.to/tags/c2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>c2</span></a></p><p><a href="https://www.eff.org/deeplinks/2025/07/canadas-bill-c-2-opens-floodgates-us-surveillance" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">eff.org/deeplinks/2025/07/cana</span><span class="invisible">das-bill-c-2-opens-floodgates-us-surveillance</span></a></p>
Miguel Afonso Caetano<p>"If Prime Minister Mark Carney's election was meant to be a rejection of authoritarian trends south of the Canadian border, things are not off to a good start.</p><p>That’s Robert Diab’s conclusion given what’s been rolled into Bill C-2, the government’s Strong Borders Act, tabled in June.</p><p>While past governments have unsuccessfully attempted to make it easier for police to access Canadians' private data, specifically the subscriber information attached to an internet service provider account or an internet protocol address, he says the current government’s kick at the legal access can is in a league of its own.</p><p>“(The provisions) do more to expand the state’s power to access private data in Canada than any law in the past decade,” Diab, a professor of law at Thompson Rivers University, specializing in law and technology, and constitutional rights, wrote in a piece for Tech Policy.</p><p>In an interview with National, he says he was surprised by how many new search powers have been rolled into the omnibus bill, how extensive they are and how many are unrelated to border security.</p><p>Among the lawful access provisions buried among border security measures, the bill proposes expanding the legal definition of subscriber information. While there’s currently no definition in the Criminal Code, in 2014, the Supreme Court of Canada in R v Spencer defined it as “the name, address, and telephone number” of a customer associated with an internet protocol (IP) address. 
</p><p>Last year, in R v Bykovets, the Court went a bit further, defining subscriber information as “the name, address, and contact information” associated with an individual IP address."</p><p><a href="https://www.nationalmagazine.ca/en-ca/articles/law/in-depth/2025/a-big-brother-bill" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">nationalmagazine.ca/en-ca/arti</span><span class="invisible">cles/law/in-depth/2025/a-big-brother-bill</span></a></p><p><a href="https://tldr.nettime.org/tags/Canada" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Canada</span></a> <a href="https://tldr.nettime.org/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a> <a href="https://tldr.nettime.org/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://tldr.nettime.org/tags/Surveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Surveillance</span></a> <a href="https://tldr.nettime.org/tags/DataProtection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataProtection</span></a></p>
sleepy62🍁🛠️ 🖥️ 🔬 🌞<p>Hey look, Open Media now has a "Share on Mastodon" option!</p><p>Donate to fight against bill C2 if you can.</p><p><span class="h-card" translate="no"><a href="https://mastodon.social/@OpenMediaOrg" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>OpenMediaOrg</span></a></span> </p><p><a href="https://action.openmedia.org/page/173242/action/1" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">action.openmedia.org/page/1732</span><span class="invisible">42/action/1</span></a></p><p><a href="https://social.vivaldi.net/tags/surveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>surveillance</span></a> <a href="https://social.vivaldi.net/tags/cdnpoli" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cdnpoli</span></a> <a href="https://social.vivaldi.net/tags/carney" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>carney</span></a> <a href="https://social.vivaldi.net/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a></p>
Linux ✅<p>📲 The Jolla C2 is the top Google-free choice among Linux smartphones. Now some welcome news for those who weren't fans of the annual fee: Sailfish OS updates will from now on be delivered free of charge to everyone! ✅ </p><p>👉 <a href="https://forum.sailfishos.org/t/long-term-sailfish-os-updates-free-of-charge-for-all-jolla-c2/23491" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">forum.sailfishos.org/t/long-te</span><span class="invisible">rm-sailfish-os-updates-free-of-charge-for-all-jolla-c2/23491</span></a></p><p><a href="https://mementomori.social/tags/Jolla" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Jolla</span></a> <a href="https://mementomori.social/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a> <a href="https://mementomori.social/tags/SailfishOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SailfishOS</span></a> <a href="https://mementomori.social/tags/mobiili" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mobiili</span></a> <a href="https://mementomori.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://mementomori.social/tags/Suomi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Suomi</span></a> <a href="https://mementomori.social/tags/puhelimet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>puhelimet</span></a> <a href="https://mementomori.social/tags/smartphone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>smartphone</span></a> <a href="https://mementomori.social/tags/Tampella" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tampella</span></a> <a href="https://mementomori.social/tags/Tampere" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tampere</span></a> <span 
class="h-card" translate="no"><a href="https://techhub.social/@jolla" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>jolla</span></a></span></p>
Miguel Afonso Caetano<p>"While Bill C-2 does not explicitly state that it is paving the way for new and expanded data-sharing with the United States or other countries, the legislation contains references to the potential for “agreement[s] or arrangement[s]” with a foreign state, and references elsewhere the potential that persons in Canada may become compelled by the laws of a foreign state to disclose information. Other data and surveillance powers in Bill C-2 read like they could have been drafted by U.S. officials. </p><p>Furthermore, in response to questions at a technical briefing on Bill C-2 by Justice Canada on June 9, 2025, Justice Canada officials acknowledged to the persons present at the briefing that the intent of certain provisions within Bill C-2 is to enable Canada to implement and ratify a new data-sharing treaty, publicly known as the “Second Additional Protocol” to the Budapest Convention (“2AP”). The briefing acknowledged that other cross-border “cooperation” tools were foreseeable.</p><p>The federal government’s quiet acknowledgement that new provisions in Bill C-2 are being introduced to implement the 2AP treaty raises broader questions about the full extent of Bill C-2’s impacts as it concerns data-sharing with U.S. 
law enforcement authorities."</p><p><a href="https://citizenlab.ca/2025/06/a-preliminary-analysis-of-bill-c-2/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">citizenlab.ca/2025/06/a-prelim</span><span class="invisible">inary-analysis-of-bill-c-2/</span></a></p><p><a href="https://tldr.nettime.org/tags/Canada" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Canada</span></a> <a href="https://tldr.nettime.org/tags/DataSharing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataSharing</span></a> <a href="https://tldr.nettime.org/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USA</span></a> <a href="https://tldr.nettime.org/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a> <a href="https://tldr.nettime.org/tags/DataProtection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataProtection</span></a> <a href="https://tldr.nettime.org/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://tldr.nettime.org/tags/Surveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Surveillance</span></a></p>
🌈 ☯️Teresita🐧👭<p><a href="https://techhub.social/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a> <a href="https://techhub.social/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a></p>
Stephan Lichtenauer | נח סתו<p>I am using my <span class="h-card" translate="no"><a href="https://techhub.social/@jolla" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>jolla</span></a></span> <a href="https://mastodon.africa/tags/SailfishOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SailfishOS</span></a> <a href="https://mastodon.africa/tags/Jolla" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Jolla</span></a> <a href="https://mastodon.africa/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a> phone for a few days now as my main daily driver (nearly since the day I have received it) and I need my <a href="https://mastodon.africa/tags/iPhone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iPhone</span></a> only for a few things anymore (I am leaving it at home already though).</p><p>A more detailed report will come in a few days and I still might come across deal breakers, but so far: While there are a number of unexpected shortcomings, overall the experience so far was a lot better than I had expected.</p><p>This is the first <a href="https://mastodon.africa/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> based device I am testing that really seems to have the potential for a lot of people to get rid of <a href="https://mastodon.africa/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a> and <a href="https://mastodon.africa/tags/Apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Apple</span></a> - if they actually want. 
</p><p><a href="https://mastodon.africa/tags/ByeAmerica" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ByeAmerica</span></a> <a href="https://mastodon.africa/tags/ElbowsUp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ElbowsUp</span></a></p>
Paul-Vincent Roll (he/him)<p>Selling my <a href="https://whisper.tf/tags/Jolla" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Jolla</span></a> <a href="https://whisper.tf/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a> <a href="https://whisper.tf/tags/SailfishOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SailfishOS</span></a> <a href="https://whisper.tf/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://whisper.tf/tags/phone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phone</span></a> as it is too big for me unfortunately <a href="https://whisper.tf/tags/PleaseBoost" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PleaseBoost</span></a> </p><p><a href="https://www.kleinanzeigen.de/s-anzeige/jolla-c2-community-phone-sailfishos-/3028379041-173-3477" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">kleinanzeigen.de/s-anzeige/jol</span><span class="invisible">la-c2-community-phone-sailfishos-/3028379041-173-3477</span></a></p>
Paul-Vincent Roll (he/him)<p>Is anyone interested in a <a href="https://whisper.tf/tags/Jolla" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Jolla</span></a> <a href="https://whisper.tf/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a> Community Phone? I bought the phone from <span class="h-card" translate="no"><a href="https://chaos.social/@nblr" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nblr</span></a></span> and would pass it on again for the same reduced price of 250€ (if you are in need - you don't have to prove it - for 200€).</p><p><a href="https://sailfishos.org" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">sailfishos.org</span><span class="invisible"></span></a></p><p>I quite like <a href="https://whisper.tf/tags/SailfishOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SailfishOS</span></a>, but unfortunately the phone is simply too big for me for everyday use. <a href="https://whisper.tf/tags/jollac2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>jollac2</span></a> <a href="https://whisper.tf/tags/gerneboosten" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gerneboosten</span></a></p>
FreddyB Aviation Photography<p>USN C-2 COD takes the option at Palmdale, July 2018 <a href="https://sfba.social/tags/photography" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>photography</span></a> <a href="https://sfba.social/tags/militaryaviation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>militaryaviation</span></a> <a href="https://sfba.social/tags/aviationphotography" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>aviationphotography</span></a> <a href="https://sfba.social/tags/planespotting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>planespotting</span></a> <a href="https://sfba.social/tags/AvGeek" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AvGeek</span></a> <a href="https://sfba.social/tags/spotter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spotter</span></a> <a href="https://sfba.social/tags/photography" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>photography</span></a> <a href="https://sfba.social/tags/aircraft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>aircraft</span></a> <a href="https://sfba.social/tags/milair" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>milair</span></a> <a href="https://sfba.social/tags/nikon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nikon</span></a> <a href="https://sfba.social/tags/palmdale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>palmdale</span></a> <a href="https://sfba.social/tags/USN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USN</span></a> <a href="https://sfba.social/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a> <a href="https://sfba.social/tags/COD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>COD</span></a></p>
Infoblox Threat Intel<p>Mastodon communities, be vigilant! Bad actors are creating accounts within the Fediverse and then using them to distribute malware. We identified one such case in which the threat actor had gone undetected since 2022. That Mastodon instance was one with a climate change focus. The threat actor was distributing an information stealer through their account. <br> <br>We are happy to have helped the instance owner figure out why they have been on blocklists intermittently for the last few years, but also get that particular threat out of their Mastodon instance and safe for users. <br> <br>There are undoubtedly many more of these across the Fediverse. Hopefully more awareness can get them detected and shut down faster. <br> <br>For our fellow security nerds... this was <a href="https://infosec.exchange/tags/vidar" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vidar</span></a> malware with sha256 975932eeda7cc3feea07bc1f8576e1e73e4e001c6fe477c8df7272ee2e0ba20d <br>and a c2 IP 78[.]47[.]227[.]68 from the instance. <br>there is still at least one more Mastodon instance impacted that we are trying to reach. 
<br> <br><a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/stealer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>stealer</span></a> <a href="https://infosec.exchange/tags/mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mastodon</span></a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintel</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://infosec.exchange/tags/threatintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintelligence</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/infoblox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infoblox</span></a> <a href="https://infosec.exchange/tags/infobloxthreatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infobloxthreatintel</span></a> <a href="https://infosec.exchange/tags/fakeaccounts" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fakeaccounts</span></a> <a href="https://infosec.exchange/tags/c2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>c2</span></a></p>
Infoblox Threat Intel<p>We just released a landscape review of Registered DGAs. We review the many ways threat actors are leveraging these algorithms -- including malware, phishing, scams, porns, you name it. Our RDGA detectors find tens of thousands of domains every day, and we've seen the use continue to rise over the last several years. Most folks aren't even aware since actors are doing this in DNS and it often isn't obvious. <a href="https://infosec.exchange/tags/dns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dns</span></a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintel</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://infosec.exchange/tags/infoblox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infoblox</span></a> <a href="https://infosec.exchange/tags/RDGA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RDGA</span></a> <a href="https://infosec.exchange/tags/DGA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DGA</span></a> <a href="https://infosec.exchange/tags/DDGA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DDGA</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phishing</span></a> <a href="https://infosec.exchange/tags/scams" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scams</span></a> <a href="https://infosec.exchange/tags/infoblox" 
class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infoblox</span></a> <a href="https://infosec.exchange/tags/infobloxthreatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infobloxthreatintel</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/threatactor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatactor</span></a> <a href="https://infosec.exchange/tags/c2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>c2</span></a> <a href="https://infosec.exchange/tags/revolverrabbit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>revolverrabbit</span></a> <a href="https://infosec.exchange/tags/threatintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintelligence</span></a> <a href="https://infosec.exchange/tags/cyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyber</span></a> <a href="https://infosec.exchange/tags/cyberintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberintelligence</span></a> <a href="https://infosec.exchange/tags/xloader" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>xloader</span></a> <a href="https://infosec.exchange/tags/formbook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>formbook</span></a> <a href="https://infosec.exchange/tags/abusedtld" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>abusedtld</span></a> <a href="https://insights.infoblox.com/resources-research-report/infoblox-research-report-registered-dgas-the-prolific-new-menace-no-one-is-talking-about" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span 
class="ellipsis">insights.infoblox.com/resource</span><span class="invisible">s-research-report/infoblox-research-report-registered-dgas-the-prolific-new-menace-no-one-is-talking-about</span></a></p>
Julian-Ferdinand Vögele<p>After researchers reported on SolarMarker in 2021, the threat actor rapidly rebuilt a multi-tiered <a href="https://infosec.exchange/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a> infrastructure, and the central core has remained active since its inception.</p>
Sophos X-Ops<p>We found that many of the samples were variants of <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> alternately called <a href="https://infosec.exchange/tags/Redline" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Redline</span></a> Stealer or <a href="https://infosec.exchange/tags/Vidar" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vidar</span></a> Stealer. They connect to <a href="https://infosec.exchange/tags/Telegram" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Telegram</span></a> to get their <a href="https://infosec.exchange/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a> address, then transmit stolen data to it.</p>
@infosec_jcp 🐈🃏 done differently<p>Did you know that your ☣️ <a href="https://infosec.exchange/tags/infotainmentsystem" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infotainmentsystem</span></a> ☣️ was 💯 <a href="https://infosec.exchange/tags/compromised" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>compromised</span></a> because <a href="https://infosec.exchange/tags/bluetooth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bluetooth</span></a> ?</p><p><a href="https://infosec.exchange/tags/CANBus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CANBus</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/Facebook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Facebook</span></a> <a href="https://infosec.exchange/tags/GangStalkersForum" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GangStalkersForum</span></a> <a href="https://infosec.exchange/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a> <a href="https://infosec.exchange/tags/MFAForumsLeaked" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MFAForumsLeaked</span></a></p><p><a href="https://infosec.exchange/tags/C2Servers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2Servers</span></a> @ <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AWS</span></a> <a href="https://infosec.exchange/tags/CloudFront" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudFront</span></a> <a href="https://infosec.exchange/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a> <a href="https://infosec.exchange/tags/GCP" 
class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GCP</span></a> <a href="https://infosec.exchange/tags/CALEAProxiesCompromised" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CALEAProxiesCompromised</span></a> <a href="https://infosec.exchange/tags/infoseclicenseauditingdepartment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infoseclicenseauditingdepartment</span></a></p>
Renée Burton<p>A few months ago I posted about a DNS malware C2 we had discovered— Decoy Dog — that was based on Pupy, had been undetected for over a year, and had some inexplicable behavior. We hoped the community would easily find the infected devices based on the info we provided. No such luck. Since then we have used DNS to learn an astonishing amount about the operations. Once we realized Decoy Dog was more advanced than Pupy, and we saw how the actors responded to our original releases, we went back to the binaries. Today we released an in-depth technical analysis of Decoy Dog, a Pupy research data set, and a new Yara rule. This is the exec summary. Link to the full technical paper and other tidbits in the comments. <a href="https://infosec.exchange/tags/dns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dns</span></a> <a href="https://infosec.exchange/tags/theatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>theatintel</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/decoydog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>decoydog</span></a> <a href="https://infosec.exchange/tags/rat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rat</span></a> <a href="https://infosec.exchange/tags/c2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>c2</span></a> <a href="https://infosec.exchange/tags/infoblox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infoblox</span></a> <a href="https://infosec.exchange/tags/datascience" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>datascience</span></a> <a href="https://infosec.exchange/tags/threatresearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatresearch</span></a> <a 
href="https://blogs.infoblox.com/cyber-threat-intelligence/decoy-dog-is-no-ordinary-pupy-distinguishing-malware-via-dns/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blogs.infoblox.com/cyber-threa</span><span class="invisible">t-intelligence/decoy-dog-is-no-ordinary-pupy-distinguishing-malware-via-dns/</span></a></p>
JB<p>I never made an <a href="https://mastodon.sdf.org/tags/introduction" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>introduction</span></a>, so:<br><a href="https://mastodon.sdf.org/tags/Boston" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Boston</span></a> (MA)-ish area <a href="https://mastodon.sdf.org/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> geek (<a href="https://mastodon.sdf.org/tags/sysadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sysadmin</span></a>), working in academia.<br><a href="https://mastodon.sdf.org/tags/SquareDancer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SquareDancer</span></a> (<a href="https://mastodon.sdf.org/tags/mwsd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mwsd</span></a>)(<a href="https://mastodon.sdf.org/tags/c2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>c2</span></a>)(<a href="https://mastodon.sdf.org/tags/TechSquares" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechSquares</span></a> )<br><a href="https://mastodon.sdf.org/tags/Narrowboat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Narrowboat</span></a> and (UK) canal obsessive.<br><a href="https://mastodon.sdf.org/tags/sciencefiction" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sciencefiction</span></a> fan. (<a href="https://mastodon.sdf.org/tags/arisia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>arisia</span></a>).<br>Not going anywhere near Line, despite being too damned ensconced in FB. Trying to quit Reddit for Lemmy.</p>
securityskeptic :donor: :verified:<p>MSFT obtains court order to sinkhole Cobalt Strike C&amp;C traffic. </p><p>The order lists 16 John Does as </p><p>Appendix A of the order identifies the Hosting Companies/Data <br>Centers Where Defendants <br>Placed the Command and <br>Control Servers and the 1000 or so C&amp;C IP addresses. </p><p>It also includes the Whois for the ~110 C&amp;C domains. </p><p>The contact data for these are redacted or unavailable from the ccTLD operator. </p><p>So...</p><p> _none_ of the domain registrations yielded the name and contact of a party that could be named as a defendant in the action?</p><p>Microsoft's attorneys have filed dozens of orders like this one. Surely they asked for a Whois reveal or asked for billing data.</p><p>So...</p><p> _none_ of the domain registration BILLING DATA yielded the name and contact of a party that could be named as a defendant in the action?</p><p><a href="https://www.databreachtoday.com/microsoft-gets-court-order-to-sinkhole-cobalt-strike-traffic-a-21650" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">databreachtoday.com/microsoft-</span><span class="invisible">gets-court-order-to-sinkhole-cobalt-strike-traffic-a-21650</span></a></p><p><a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/cobaltstrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cobaltstrike</span></a> <a href="https://infosec.exchange/tags/c2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>c2</span></a> <a href="https://infosec.exchange/tags/whois" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>whois</span></a> <a 
href="https://infosec.exchange/tags/itsalwaysdns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>itsalwaysdns</span></a> <a href="https://infosec.exchange/tags/exceptwhenitsIPs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exceptwhenitsIPs</span></a></p><p>Set aside privacy protection (it can be managed for all natural persons' complete and accurate contact data) but share with me:</p>
Eric Capuano<p>The <a href="https://github.com/BishopFox/sliver" rel="nofollow noopener" target="_blank">Sliver</a> <a href="https://infosec.exchange/tags/C2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C2</span></a> framework from <span class="h-card"><a href="https://infosec.exchange/@BishopFox" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>BishopFox</span></a></span> has a built-in function for monitoring <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntel</span></a> platforms for the presence of IOCs relevant to the operator. 👀</p>