. Skip to main content

(ˈpiːtə(r)), n, Dutch Computer geek, Father of 3, Living together with @Chrizzzz, security specialist at @Atos, CISSP, Opinions are my own.

srcr.nl

twitter.com/srcr

instagram.com/srcr/

reddit.com/u/srcr/

paypal.me/srcr

snapchat.com/add/srcr

keybase.io/srcr

Kom ik net tot de ontdekking dat zoon lief de OpenDNS FamilyShield DNS instellingen omzeilt met de Tor Browser. Dat was niet de bedoeling 🤓

Nice writeup by @GossiTheDog, I watched this unfold this afternoon, seeing 215 ETH siphoned off via various Ethereum wallets. https://doublepulsar.com/hijack-of-amazons-internet-domain-service-used-to-reroute-web-traffic-for-t...

Vanmorgen in dichte 🌫 naar werk gereden. Zeker 20 auto's gezien met alleen dagrijverlichting. Mensen wees toch zichtbaar. /cc @POL_DeMarne

CPE Webcasts and Podcasts

1 min read

Since I'm a certified CISSP I need to reach my yearly CPE goal. For this I watch and listen to various web- and podcast. At the moment this is what is on my diet.

Stormcast, Daily Information Security Podcast - Stormcasts are daily 5-10 minute information security threat updates from the SANS Internet Storm Center.

Digital Shadows ShadowTalk - Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect their brand, and reputation.

Troy Hunt's Weekly update - Troy Hunt is the owner of Have I been pwned? (HIBP), blogger, Microsoft regional director and MVP and speaks at security events and give security training.

Paul’s Security Weekly - Weekly security roundup by the security weekly team discussing the security high- and lowlights.

FireEye State of The Hack - Weekly (?) show by FireEye with your update of the various APT and FIN groups.

Hi @UbisoftSupport, concerning the disabling of pasting my password into the iOS app, I want to point you to the following site https://www.ncsc.gov.uk/blog-post/let-them-paste-passwords

Dear @SophosSupport and @FSecure for your endpoint protection products do you set the required registry key to patch ?

Inside

1 min read

  

Can't resist putting these on my site, much better attempt than my picture below.
These pictures are created by @paul_pearce

Filmpje gehuurt bij @Pathe -thuis. Moet je €10,- minimaal storten voor de huur van €3,99 of met @PayPal maar dan weer een pre-approved, vinger in mijn portemonnee houden. Laatste maar gedaan en de pre-approver er weer afgesloopt, ook niet makkelijk bij @PayPal. Nog steeds een stuk makkelijker, maar ja mag niet.

Listening to @troyhunt's Weekly update 66 and 67 and created a at https://srcr.nl/security.txt not that it makes much sense for my mini-site but there it is.

Mirai botnet attackers plead guilty for roles in 2016 internet cyberattack http://www.zdnet.com/article/justice-dept-indicts-mirai-botnet-attackers/

Nice article @xme, I created my own (derived) script and already had a small success with it. - https://isc.sans.edu/forums/diary/Tracking+Newly+Registered+Domains/23127/

Any BIND guru's? Why do the @OpenDNS server work in nslookup from CLI but not as forwarders in my bind.conf?

The City of @Marseille tests Auxylium, @Atos advanced military communication solution https://atos.net/en/2017/press-release/general-press-releases_2017_11_21/city-marseille-tests-auxyli...

Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core - The New York Times https://www.nytimes.com/2017/11/12/us/nsa-shadow-brokers.html

HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL | US-CERT https://www.us-cert.gov/ncas/alerts/TA17-318A

Nearly half of companies have suffered a data breach in the past year: Survey https://www.cisomag.com/nearly-half-companies-suffered-data-breach-past-year-survey

Russian 'Fancy Bear' Hackers Using (Unpatched) Microsoft Office DDE Exploit https://thehackernews.com/2017/11/apt28-office-dde-malware.html