ReynardSec<p>Would you like to learn how to craft a raw TCP socket without Winsock?</p><p>In latest posts, Mateusz Lewczak explains how the AFD.sys driver works under the hood on Windows 11. In Part 1 [1], he demonstrates how to use WinDbg and the NtCreateFile call to manually craft a raw TCP socket, bypassing the Winsock layer entirely.</p><p>Part 2 of the series [2] dives into the bind and connect operations implemented via AFD.sys IOCTLs. Mateusz shows how to intercept and analyze IRP packets, then reconstruct the buffer needed to perform the three‑way TCP handshake by hand in kernel mode.</p><p>[1] <a href="https://leftarcode.com/posts/afd-reverse-engineering-part1/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">leftarcode.com/posts/afd-rever</span><span class="invisible">se-engineering-part1/</span></a><br>[2] <a href="https://leftarcode.com/posts/afd-reverse-engineering-part2/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">leftarcode.com/posts/afd-rever</span><span class="invisible">se-engineering-part2/</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>windows</span></a></p>
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
262active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#infosec
116 posts · 98 participants · 5 posts today
Julie Webgirl<p><span class="h-card" translate="no"><a href="https://mstdn.social/@elfin" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>elfin</span></a></span> </p><p><a href="https://mstdn.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p><p>See above 2 toots</p>
Lazarou Monkey Terror 🚀💙🌈<p>It's shit like this which convinces me the US does not secretly have evidence of Aliens, .....because it would have been leaked/hacked by now. </p><p><a href="https://mastodon.social/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://mastodon.social/tags/USMilitary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USMilitary</span></a> <a href="https://mastodon.social/tags/Sharepoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sharepoint</span></a> <a href="https://mastodon.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a></p>
Shodan Safari<p>ASN: AS31726<br>Location: Hovden, NO<br>Added: 2025-07-19T21:27</p><p><a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shodansafari</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
GeneralX ⏳<p>Low risk: malware overtaking a nuclear power plant</p><p>High risk: 82 year old permanent resident who misplaced his green card</p><p><a href="https://www.theregister.com/2025/07/22/lapsed_cisa_funding_cybersentry/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theregister.com/2025/07/22/lap</span><span class="invisible">sed_cisa_funding_cybersentry/</span></a><br><a href="https://freeradical.zone/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://freeradical.zone/tags/cisa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cisa</span></a></p>
rye<p>GrrCon!!! </p><p><a href="https://grrcon.com/presentations/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">grrcon.com/presentations/</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/grrcon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>grrcon</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/conference" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>conference</span></a> <a href="https://infosec.exchange/tags/grandrapidsmi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>grandrapidsmi</span></a></p>
K. Reid Wightman :verified: 🌻 :donor:<p>Here's a better Magic Quadrant. <a href="https://infosec.exchange/tags/magicquadrant" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>magicquadrant</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/shitposting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shitposting</span></a></p>
ApplSec<p>🧪 NEW BETA RELEASES 🧪</p><p>📱 iOS 26 beta 4 (23A5297i)<br>📱 iPadOS 26 beta 4 (23A5297i)<br>💻 macOS 26 beta 4 (25A5316i)<br>📺 tvOS 26 beta 4 (23J5316g)<br>🥽 visionOS 26 beta 4 (23M5300g)<br>⌚ watchOS 26 beta 4 (23R5317g)<br>🔨 Xcode 26 beta 4 (17A5285i)</p><p><a href="https://infosec.exchange/tags/apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>apple</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/ios" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ios</span></a></p>
AAKL<p>New. The Chinese did it. </p><p>Microsoft: Disrupting active exploitation of on-premises SharePoint vulnerabilities <a href="https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">microsoft.com/en-us/security/b</span><span class="invisible">log/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/</span></a> <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> </p><p>Bleeping Computer: Microsoft links Sharepoint attacks to Chinese hacking groups <a href="https://www.bleepingcomputer.com/news/security/microsoft-sharepoint-toolshell-attacks-linked-to-chinese-hackers/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/microsoft-sharepoint-toolshell-attacks-linked-to-chinese-hackers/</span></a> <span class="h-card" translate="no"><a href="https://infosec.exchange/@BleepingComputer" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>BleepingComputer</span></a></span> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> <a href="https://infosec.exchange/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SharePoint</span></a></p>
AAKL<p>Security Week: Vulnerabilities Expose Helmholz Industrial Routers to Hacking <a href="https://www.securityweek.com/vulnerabilities-expose-helmholz-industrial-routers-to-hacking/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">securityweek.com/vulnerabiliti</span><span class="invisible">es-expose-helmholz-industrial-routers-to-hacking/</span></a> <span class="h-card" translate="no"><a href="https://infosec.exchange/@SecurityWeek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>SecurityWeek</span></a></span> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
ReynardSec<p>Lately 🫠 has become my favorite emoji, not just because of the weather.</p><p>"Microsoft knew of SharePoint server exploit but failed to effectively patch it"</p><p><a href="https://www.reuters.com/sustainability/boards-policy-regulation/microsoft-knew-sharepoint-server-exploit-failed-effectively-patch-it-2025-07-22/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">reuters.com/sustainability/boa</span><span class="invisible">rds-policy-regulation/microsoft-knew-sharepoint-server-exploit-failed-effectively-patch-it-2025-07-22/</span></a> </p><p>"Microsoft subsequently said in a July 8 security update that it had identified, opens new tab the bug, listed it as a critical vulnerability, and released patches to fix it.</p><p>Around 10 days later, however, cybersecurity firms started to notice an influx of malicious online activity targeting the same software the bug sought to exploit: SharePoint servers".</p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>microsoft</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a></p>
AAKL<p>Google posted this update yesterday. Russia, Turkey, China, Iran are all over the place with propaganda campaigns, but Russia took the cake. </p><p>Google: TAG Bulletin: Q2 2025 <a href="https://blog.google/threat-analysis-group/tag-bulletin-q2-2025/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.google/threat-analysis-gr</span><span class="invisible">oup/tag-bulletin-q2-2025/</span></a> <a href="https://infosec.exchange/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
BeyondMachines :verified:<p>PeopleCheck reports data breach caused by ransomware attack</p><p>PeopleCheck, an Australian background screening provider, suffered a data breach via compromised login credentials that was claimed by the Everest ransomware group. The hackers claim to have stolen 4.3 GB of SQL data including client profiles, payment details, and sensitive personal information of individuals processed between June 2024-June 2025. PeopleCheck is offering 24 months of complimentary identity monitoring services.</p><p>****<br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/incident" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incident</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a><br><a href="https://beyondmachines.net/event_details/peoplecheck-reports-data-breach-caused-by-ransomware-attack-9-h-7-j-g/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">beyondmachines.net/event_detai</span><span class="invisible">ls/peoplecheck-reports-data-breach-caused-by-ransomware-attack-9-h-7-j-g/gD2P6Ple2L</span></a></p>
Jonathan Kamens 86 47<p>Oh, also, the email <a href="https://federate.social/tags/HackerOne" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackerOne</span></a> sent out this morning contradicts itself. In the subject it says people have to enable 2FA "to Avoid Account Lockout." Then in the body it says, "Without 2FA set up, you won’t be able to access your account after July 29."<br>But then elsewhere in the body it says, "If you don’t make this change by July 29, 2025, you’ll be prompted to complete the setup before you are able to access the platform and submit reports."<br>That's not "lockout," idiots.<br><a href="https://federate.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Jonathan Kamens 86 47<p>All the positive <a href="https://federate.social/tags/userExperience" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>userExperience</span></a> points <a href="https://federate.social/tags/HackerOne" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackerOne</span></a> earned for how they were rolling out mandatory <a href="https://federate.social/tags/2FA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>2FA</span></a> were just erased by them sending out reminder email to all of their users about configuring 2FA without filtering out the users who had already done it.<br>That's some lazy, user-hostile bullshit, is what that is.<br>When you know which users have already followed your instructions, you don't need to waste their time making them go back and check. <a href="https://federate.social/tags/smdh" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>smdh</span></a><br><a href="https://federate.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://federate.social/tags/MFA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MFA</span></a> <a href="https://federate.social/tags/UX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UX</span></a></p>
Xavier «X» Santolaria :verified_paw: :donor:<p>AI vs. AI 🥊 </p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> </p><p><a href="https://archive.is/MZ5ze" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">archive.is/MZ5ze</span><span class="invisible"></span></a></p>
happygeek :unverified: + :verified: = $0<p>This article @Forbes has now been updated with an interesting counterpoint from @Paul__Walsh.</p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a></p><p><a href="https://www.forbes.com/sites/daveywinder/2025/07/22/this-password-hack-jumps-from-laptop-to-smartphone---attacks-underway/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">forbes.com/sites/daveywinder/2</span><span class="invisible">025/07/22/this-password-hack-jumps-from-laptop-to-smartphone---attacks-underway/</span></a></p>
Dave Lewis :verified:<p>In this heartfelt and wide-ranging conversation on the Chasing Entropy Podcast, I get to sit down with my friend, legendary storyteller, and community-builder Jack Daniel</p><p>Link: <a href="https://www.buzzsprout.com/2497520/episodes/17535159" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">buzzsprout.com/2497520/episode</span><span class="invisible">s/17535159</span></a></p><p><a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/AgenticAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AgenticAI</span></a> <a href="https://infosec.exchange/tags/JackDaniel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JackDaniel</span></a> <span class="h-card" translate="no"><a href="https://1password.social/@1password" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>1password</span></a></span></p>
Ian Campbell<p>Gadi Evron and Knostic are doing another Prompt Pit event:</p><p>"...if you made AI useful and you're willing to show your work, then come join us. We prefer security topics, but anything goes...</p><p>We don’t care if it’s reversing, GRC, coding, threat hunting, budget building, or poem writing, let’s show off our prompts (it's okay for them to be broken), learn, and punch miscreants (or at least have fun trying)."</p><p><a href="https://masto.deoan.org/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://masto.deoan.org/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> </p><p><a href="https://docs.google.com/forms/d/e/1FAIpQLSd8QrQ1FyB0OG9qX943RT7G0PZ6m-PPYwNlkUggTX-DCmbVFg/viewform" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">docs.google.com/forms/d/e/1FAI</span><span class="invisible">pQLSd8QrQ1FyB0OG9qX943RT7G0PZ6m-PPYwNlkUggTX-DCmbVFg/viewform</span></a></p>
megabyteGhost<p>Let me ask you this: how important is social engineering in <a href="https://masto.hackers.town/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a>? How often is a failure in <a href="https://masto.hackers.town/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> due to social engineering?</p><p>What I do is a type of social engineering. </p><p>Of course, ethics are VERY important to me. </p><p>If they weren’t I would be elsewhere…making a lot more money. </p><p>But sales, copywriting, marketing in general. It’s all social engineering. </p><p>You know the power of social engineering. </p><p>Hire me (<a href="https://masto.hackers.town/tags/GetFediHired" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GetFediHired</span></a> ) to write your copy and socially engineer your success.</p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload