For those pointing out the #racism & #misogyny against #MeghanMarkIe, there’s a word for this that describes the intersectional disadvantage of race & gender called #Misogynoir (coined by Moya Bailey). Use it please. A high profile example helps cement the concept in people’s mind. Now imagine if she was poor & didn’t get the opportunity to have an elite education how those systems of oppression could interlock even further towards stigma, alienation & disadvantage.
#Intersectionality matters.
A reminder, if you own your own domain you can quickly setup webfinger like this https://www.hanselman.com/.well-known/webfinger (can just be a static file, or dynamic) so that if someone searches mastodon (use me as an example) for @shanselman then it will call out to my domain, find me, and tell you my aliases, which is my account at hachyderm.io. Cool eh? Should take you just a few min to implement!
Policymakers gonna nerf #encryption for private messaging purposes - where it does a lot of vital good - while mandating it for #ICS internal network traffic, where it's not very useful and arguably harms actionable security. Fun times.
#introduction Hey Folks,
I'm Duane. I am currently an Associate Professor of Cybersecurity at #ChamplainCollege in Burlington, VT. I have been in infosec for 25 years this year. My experience comes from the government and education sector for 15 years and 10 years in Academia (full-time and 20, total, as an adjunct previously). In just over a month, I will be leaving Academia and working in the private industry. I will miss teaching, though I can’t deal with the traditional model of education in higher education.
Instead I’m teaching in a different form at Cloud Range (where I’ll be working Full Time in January ’23) and am the Senior Adversarial Engineer. I create the cyberattacks and then automate them to run in a live cyber range. We then train existing security teams or folks transitioning to security to identify the attacks. I get to play with some cool products, perform attacks I’ve only read about or did on my own time, create debriefing guides, and perform forensics on my own attacks. It’s an amazing job due to the amount of learning and forensic skills I’m honing. I’m exposed to industries I’ve only learned about in passing about their infosec needs like #ICS. I’m currently learning more and more about #ICS and one of my former students will be my mentor once I’m able to get into in more depth when I’m full-time. I have created two fun attack trainings for ICS and one for PLCs…the automation script for that one is sooo long. :D
I tend to post about the basics of infosec, be an ally for newcomers and those transitioning into the field, and remind folks to perform security control tests.
I’m getting back into metasmithing, but due to arthritis in my neck and managing my chronic pain, I can’t do much anymore so I’m learning to work with precious metal clay…easy on my neck. :). I also like pencil drawing and will be learning procreate on my iPad soon too.
Despite the migration to Mastodon, I’m going to continue promoting using the Matrix protocol and happy to test it with others. I just setup my first Matrix server too. :D
@hacks4pancakes @neurovagrant you could write the book we need Leslie!
If I answered some questions about Industrial Control System cybersecurity and cyberattacks during my downtime today, what would you like to know?
Some background - my expertise is in incident response and digital forensic investigation of hacking of infrastructure systems - like power, water, manufacturing, oil and gas, transportation, agriculture, etc. There aren’t a lot of people who specialize in this. My company provides consulting and products to do cybersecurity for weird stuff that powers critical infrastructure like PLCs and SCADA. These networks are quite different than enterprise IT, and doing security in them can be challenging.
My own background is pretty left field as expected, with degrees in Networks, Electronics, and Avionics. I’ve been doing this for a while now. What would you like to know?
#cybersecurity #DFIR #ics #CriticalInfrastructure #ICSCybersecurity #IndustrialControl
FYI - Starting in January, I will be teaching a live online training course on Cybersecurity Risk Management Using the NIST Framework for O'Reilly.
One thing I plan to do is cite real-world examples of cybersecurity incidents that can be traced back to obvious shortfalls in risk management practices. I've got my own ideas but if any of the infosec peeps who follow me here want to offer up their suggestions where bad risk management led to hacks, breaches, data leaks, or other unfortunate outcomes, I'm all ears.
Happy to give a big hat tip to you if I use your examples. Let me know and thanks!
If you're #new (or have been here a few weeks), and you haven't started following #hashtags or incorporating them into your #toots, you're missing out on a vital piece of #Mastodon.
Following hashtags you like will help you find people with similar #interests, and adding them to your toots will help them find you. #Boosts are great, but this is how you can really #curate your #feed.
Why #RSS isn't more popular, I've no idea. If you want to keep on top of new posts on your favourite sites, without clogging up your inbox with newsletters, a decent RSS aggregator / reader is a great alternative.
My choice is FreshRSS: https://www.freshrss.org/
I use the web UI for reading my feeds on computers, and FeedMe on my Android phone.
I runs nicely on a Raspberry Pi.
Several Mastodon instances (including Newsie) have come under cyber-attack recently by state-level actors.
If you are the admin of a Mastodon Instance that overlaps arts, human rights, civil society, journalism, or democracy and would like FREE cyber security protection from Cloudflare as part of Project Galileo please reach out as Fourth Estate is a long-time Project Galileo partner
@donmelton
I'm following journalists like mad, but at the same time, I'm not sure they will necessarily provide the greatest value to being here. My favorite social network was the original Google+, and I don't recall many journalists there, just lots of interesting people sharing thoughts. I think we will be fine with or without them.
Are you angry at @SpaceKaren for banning, unbanning and re-banning journalists? And want all the journalists on the #Hellsite to abandon it now and come here?
You're mad as Hell and you're not going to take it anymore, right? But what can you do?
Simple. Follow every journalist on #Mastodon. Now.
Why? So the journalists that *are* here can show those who aren't---and their organizations---how big the audience is. What they understand is numbers.
We made #JohnMastodon happen. We can do this.
What is the future of Black Twitter? Will Black users stick around as Musk ejects those that annoy him/his ego? Is it possible to rebuild this community elsewhere? Do we even need to ask this question? 🤔
Here's a thread of critical, curious, and contextual articles by some smart folks: 1/#
I only just read @mmasnick ’s piece on the “content moderation learning curve”from November, but it feels like an instant classic. Go read it. https://www.techdirt.com/2022/11/02/hey-elon-let-me-help-you-speed-run-the-content-moderation-learning-curve/ #lawfedi #Twitter
🚨 SAVE YOUR STUFF 🚨
If you post research to Twitter and have not had a chance to archive or save your posts, now is a good time to do so. I expect the recent TOS updates to disproportionately affect activists even more than we've already experienced.
Here are some tools for archiving:
Download friend lists and last 3200 tweets:
https://tweetbeaver.com
Extensions for grabbing all the media off of Twitter accounts for Firefox and Chrome:
https://addons.mozilla.org/en-US/firefox/addon/tw-media-downloader/
Archive important threads here:
https://web.archive.org/save
Most tweets after late 2019 are automatically saved to the Wayback Machine and can be retrieved with tools like this (requires API access): https://github.com/travisbrown/cancel-culture
Older threads will need additional attention.
If anyone is migrating to Mastodon and wants a list of your friends from Twitter to auto connect with: https://www.movetodon.org/
I also recommend using Fedifinder or Debirdify and exporting the CSV just for account verification later even if you don't plan on following people today.
Note: you can look up Mastodon friends of accounts other than your own with Debirdify.
We do have some research account backups saved from a few weeks ago but if you have posted anything important that needs to be preserved externally please grab it.
I realized I never introduced myself.
Hi I am Rae.
I am an OSINT Analyst who loves Maritime #OSINT
I am also an executive board member of #osintcurious, a volunteer for #NCPTF and #OperationSafeEscape
My website is raebaker.net
I have a new book coming out in 2023 with Wiley Tech called 'Exploring the Real-World Value of Open Source Intelligence'
I just released the trailer for #KaseScenarios an immersive OSINT Training experience you can learn more about at KaseScenarios.com
Overall I just love all things OSINT and look forward to contributing on this new platform!
🔰Beginner at Mastodon.