León Castillejos @L1Cafe@social.privacytools.io
- Keybase
- l1cafe
- 🏠 Homepage
- https://L1Cafe.blog
- 💬 Languages
- 🇪🇸 🇬🇧
- 📍 Location
- 🇪🇺 EU Soutwest
- 💸 Donations
- https://L1Cafe.blog/donate/
#ComputerScience & #Engineering student, #cybersecurity enthusiast, #privacy advocate.
I blog about CTFs and system administration. Sometimes a bit of reverse engineering as well.
Posts are my own and do not represent the views of my employer.
Joined Apr 2019
Spammers are getting too smart. I don't like this one bit.
I found something potentially interesting.
What does the Fediverse think about it? Let me know!
Crossposted from Twitter
RT @TheHackersNews@twitter.com
Heads Up! Most recent versions of #NGINX — one of the most popular web servers that powers huge portion of the Internet today — contains an unpatched remote code execution (RCE) vulnerability.
Keep an eye out for the advisory and critical patch update in next 1-2 months. https://twitter.com/alisaesage/status/1134400428899127296
🐦🔗: https://twitter.com/TheHackersNews/status/1134442673756987392
León Castillejos
boosted
RT @ASpittel@twitter.com
Following non-coders is so confusing. Couple definitions for some words you may see pop up on your time line:
📕 library: a place with books
📈 graph: a chart
🗺 map: used for navigation
🐍 python: snake
📚 heap: a pile of things
🌲 tree: a tall plant
🐞 bug: an insect
León Castillejos
boosted
Thing is... even though their Ubuntu Phone may never have seen widespread adoption, it's actually been a good product. I've seen it, I personally know people who worked on it. I held it in my hands. It was really good!
If Canonical didn't manage to pull off this feat, I have little hope anyone else will. That means we'll have only a few closed source options in the predominating computing market of the near future: mobiles.
Hooray.
Crossposted from Twitter
RT @anyrun_app@twitter.com
Now with http://ANY.RUN you can change locale to bypass malware geo evasion.
It includes changing of:
– Keyboard layout
– Country & currency
– Time zone & format
As example #GandCrab, doesn't work in ex-USSR
en-US: https://app.any.run/tasks/807a630d-79e9-4e83-81da-1b7f69d47086
ru-RU: https://app.any.run/tasks/7b98332c-a23f-4140-9d52-bd3b0be7f78a
🐦🔗: https://twitter.com/anyrun_app/status/1128561634211958784
León Castillejos
boosted
Jesus Roosevelt Christ... PATCH ETERNAL BLUE FOLKS!
@thegibson pure unadulterated BOFH.
But I understand. In also get very angry at these kinds of of oversights.
León Castillejos
boosted
look, let me help you.
https://gallery.technet.microsoft.com/scriptcenter/EternalBlue-Vulnerability-bf3ad11d
That .ps1 can scan your network and determine eternal blue vulns... then you have targets to fix.
I want to be clear. If you aren't fixing this, it is a ticking timebomb in your environment. When I see this, Evil Gibson gets real turned on...
Crossposted from Twitter
RT @epunset@twitter.com
En el día de hoy, 22 de mayo, ha fallecido en Barcelona, tras una una larga enfermedad, Eduard Punset.
Su familia, en estos momentos tristes para tantos, quiere compartir estas imágenes, recogidas por el equipo de su programa de divulgación científica Redes, en recuerdo
I just learned Eduard Punset passed away.
Many Spaniards know him as the host on a program called “Redes” on national television, with the intention of bringing science to everyone.
Punset was a very passionate and intelligent person, and even got involved in Spain’s politics in the 80s.
Thank you for all your efforts 🙏🏻, Punset. May you rest in peace, and may you be remembered for all eternity.
RIP 1936-2019
León Castillejos
boosted
>get spied on by chinese phones
BAD
>get spied on by american phones
GOOD 😎
BAD
>get spied on by american phones
GOOD 😎
Crossposted from Twitter
RT @MikD@twitter.com
HP outsourced their entire pen-testing team (~50 people) to Bangalore. If you’re looking to staff up your threat and vulnerability management team, now is the time! https://twitter.com/gillis57/status/1130576623420485637
Crossposted from Twitter
RT @Gillis57@twitter.com
Soooooo our entire team got laid off with no notice, on a monday- and they didn't even reach out to let us know it was coming. So there are some great people today looking for pentesting work. I'm among them, and looking to work with a skilled team. Retweets are appreciated.
León Castillejos
boosted
@xj9 I'm so tired of the extreme anti-privacy movement.
* Not caring if millions of accounts get leaked
* Considering lack of security as merely a cost of doing business
* Not caring whether people get doxed or harassed or outed
* Assuming that data created by people always belongs to the megacorp
* These cosy relationships with letter agencies are oh so predictable
* The culture of embedding off-site links into web software so that they give companies a lot of data about how people are using it
* Assuming its ok to have telemetry on by default without telling the user or having any kind of informed consent
* Not caring if millions of accounts get leaked
* Considering lack of security as merely a cost of doing business
* Not caring whether people get doxed or harassed or outed
* Assuming that data created by people always belongs to the megacorp
* These cosy relationships with letter agencies are oh so predictable
* The culture of embedding off-site links into web software so that they give companies a lot of data about how people are using it
* Assuming its ok to have telemetry on by default without telling the user or having any kind of informed consent
Really liking Ansible, especially when paired with Proxmox. Makes programmatically spinning up new VMs extremely easy. I will be using this to reimage some services periodically, so they're always running the latest version. I shut down and remove the VMs, and spin up new ones with the latest updates.
Maybe I should write a post on https://L1Cafe.blog about it, because for a beginner like me who never used Ansible, it was a bit rough to get the ball rolling at first. What do you think?
Crossposted from Twitter
RT @danidonovan@twitter.com
Been working on how I write emails:
“So sorry for the delay”
New: “Thanks for your patience”
(I FORGOT, BUT YOU CAN DEAL)
“What works best for you?“
New: “Could you do __:__?”
(MY TIME MATTERS TOO, OKAY)
“No problem!”
New: “Happy to help!”
(YEAH, YOU’RE WELCOME)
🐦🔗: https://twitter.com/danidonovan/status/1130693097401257984
Crossposted from Twitter
RT @thugcrowd@twitter.com
PSA
- It's okay to say "I don't know".
- It's okay to ask for clarity or further resources.
- It's okay to be unsure and take extra time to understand.
That is all for now.
🐦🔗: https://twitter.com/thugcrowd/status/1130252119838285824
- Keybase
- l1cafe
- 🏠 Homepage
- https://L1Cafe.blog
- 💬 Languages
- 🇪🇸 🇬🇧
- 📍 Location
- 🇪🇺 EU Soutwest
- 💸 Donations
- https://L1Cafe.blog/donate/
#ComputerScience & #Engineering student, #cybersecurity enthusiast, #privacy advocate.
I blog about CTFs and system administration. Sometimes a bit of reverse engineering as well.
Posts are my own and do not represent the views of my employer.
Joined Apr 2019
León Castillejos's choices:
