hey so this is probably completely pointless but: looking for a job (NZ or fully remote willing to hire a kiwi) in SRE, security, or linux/Unix system administration. 15 years expereince administering Linux and Unix boxes, intermediate level of experience working with docker compose and containerisation and container security. No prior job experience unfortunately, all those 15 years were mostly personal projects and small-scale stuff for friends. Currently running an entire multi-machine personal cloud infrastructure with a demonstration of all the services I have running at https://status.highenergymagic.net. Entirely willing to accept entry-level job placements, no expectation of being paid a lot or anything, just want to be doing something and move the needle a little on my current "being broke" status. #fedihired #infosec #cybersecurity #linux #unix #docker #sre #DevOps

Please boost for reach, any job offers please DM me.

This dumb password rule is from Itaú Bank.

I know, it's in spanish, let me translate this monstrosity for you.

- Allowed characters: letters A to Z uppercase or lowercase (ñ is not allowed), number 0 to 9, #, $, %, &, +, -, . :, ;, _.
- You must use 8 characters.
- The password must contain at least one letter and at least one number.
- ...

https://dumbpasswordrules.com/sites/itau-bank/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Bank Millennium.

Passwords limited to 8 digits.

https://dumbpasswordrules.com/sites/bank-millennium/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

attention anybody with substantial experience with Rust and networking: my team is hiring!!

one of few rust jobs I'm aware of that is not web 3.0 horseplop.

fully remote (US timezones), good culture, good trans-inclusive healthcare, good work/life balance, and a nice defensive cybersecurity mission i can get behind.

feel free to reach out for more details and the job posting.

#fedihired #rust #infosec #cybersecurity #ot #ics

hey so this is probably completely pointless but: looking for a job (NZ or fully remote willing to hire a kiwi) in SRE, security, or linux/Unix system administration. 15 years expereince administering Linux and Unix boxes, intermediate level of experience working with docker compose and containerisation and container security. No prior job experience unfortunately, all those 15 years were mostly personal projects and small-scale stuff for friends. Currently running an entire multi-machine personal cloud infrastructure with a demonstration of all the services I have running at https://status.highenergymagic.net. Entirely willing to accept entry-level job placements, no expectation of being paid a lot or anything, just want to be doing something and move the needle a little on my current "being broke" status. #fedihired #infosec #cybersecurity #linux #unix #docker #sre #DevOps

Please boost for reach, any job offers please DM me.

The #VeraCrypt and #WireGuard maintainer accounts have been locked out by Microsoft. They are now unable to deliver Windows updates.

https://cybernews.com/security/microsoft-suspends-veracrypt-wireguard-accounts-maintainers/

#security #cybersecurity

This dumb password rule is from Inria.

This is the account for those who work at [Inria](https://www.inria.fr/)
"the French national research institute for
the digital sciences".

You have to wonder what's wrong with these special characters but not
the other ones.
- Password expiration once a year
- Your password must contain at leas...

https://dumbpasswordrules.com/sites/inria/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Critical File Upload Vulnerability Reported in Ninja Forms Plugin for WordPress

A critical unauthenticated arbitrary file upload vulnerability in the Ninja Forms – File Upload plugin (CVE-2026-0740) allows attackers to achieve remote code execution.

**If you are using the Ninja Forms File Upload plugin, this is urgent! Immediately update to version 3.3.27. You can't hide WordPress from the internet, it's made to be visible online. Since this flaw is being actively scanned for, any delay in patching leaves your site exposed to automated attacks. After the update, review server logs for suspicious requests targeting the handle_upload action.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-file-upload-vulnerability-in-ninja-forms-plugin-exposes-50000-wordpress-sites-j-m-6-0-i/gD2P6Ple2L

This dumb password rule is from Deutsche Kreditbank AG (DKB).

Passwords for the online banking web frontend do not have a max length constraint, but using the same password to
log in to the official iOS DKB app requires the password to be no longer than 38 characters.

https://dumbpasswordrules.com/sites/deutsche-kreditbank-ag-dkb/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Hello, world!

We are IFIN, the Independent Federated Intelligence Network, and we want to change how threat intelligence is done.

We believe we're all safer when we share what we know. Come learn more and join us!

https://ifin-intel.org/blog/hello/

#ThreatIntel #ThreatIntelligence #Cybersecurity #Infosec

This dumb password rule is from Air France.

- Between 8 to 12 characters
- Should contain capital, lowercase letters and numbers

https://dumbpasswordrules.com/sites/air-france/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Can anyone recommend a good "introduction to 2fa" article/video for dummies that I can forward to some non-technical folks? Also not slop-generated. #cybersecurity #2fa

This dumb password rule is from MySwissLife.

User ID *has to* be 8 characters exactly, password *has to be* 8 characters and numbers only.

https://dumbpasswordrules.com/sites/myswisslife/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Bank of America.

20 character max and lots of special character restrictions.
Bank of America - keeping your money safe.

Also: If you paste a password greater than 20 characters,
the form truncates it without telling you or giving an
error.

https://dumbpasswordrules.com/sites/bank-of-america/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Trenord.

- Password must consist of 8-16 characters
- Must contain 3 out of 4 of the following: lowercase characters, uppercase character, digits (0-9), and one or more of the following symbols: @#$%^&*-_+=[]{}|\:',?/`~“();.

https://dumbpasswordrules.com/sites/trenord/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Air Miles.

- Exactly 4 numbers.

https://dumbpasswordrules.com/sites/air-miles/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Safeway.

Passwords limited to 8-12 characters.

https://dumbpasswordrules.com/sites/safeway/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

How does Apple's Lockdown mode work and protecting you from Spyware?

This video shows you how

Credit: @bellis1000

https://www.youtube.com/watch?v=5D3lWDUEJA8

#infosec #cybersecurity #apple #iphone #lockdownmode

Wow, fake slack and fake Teams update in the npm hack...

https://www.bleepingcomputer.com/news/security/axios-npm-hack-used-fake-teams-error-fix-to-hijack-maintainer-account/

#slack #teams #supplychain #npm #cybersecurity

This dumb password rule is from Green Flag.

- 8 to 10 characters
- No special characters

https://dumbpasswordrules.com/sites/green-flag/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

@nielsa no, that's not what I'm telling you.

I prefer to believe that most people will be thoughtful.

＂… a huge number of bugs. I have so many bugs in the Linux kernel that I can't report because I haven't validated them yet. I'm not going to make some open source developer validate bugs that I haven't checked yet. I'm not going to send them potential slop … I now have … several hundred crashes that they haven't seen because I haven't had time to check them. We need to find a way to fix this …＂

– Nicholas Carlini

#Linux #FreeBSD #security #cybersecurity #infosec #AI #LLMs

Alt...

Screenshot: a frame from https://www.youtube.com/watch?v=1sd26pWhfmg

This dumb password rule is from State Bank of India (Foreign Travel Card).

State Bank of India is the largest government operated bank in India.
They offer "travel" prepaid cards for foreign currencies, this is for
their portal for the prepaid card users to manage their account.

Your password must:
- Be between 8 and 9 characters long
- Contain at least 1 lowercase c...

https://dumbpasswordrules.com/sites/state-bank-of-india-foreign-travel-card/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Paytm.

Password must be between 5 and 15 characters. Also, spaces don't count
as characters.

https://dumbpasswordrules.com/sites/paytm/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from LINE.

Password must:
- be between 8 to 20 characters
- not contain characters that repeat in a row
Password must contain three of the following:
- an upper-case letter
- a lower-case letter
- a number
- a symbol

https://dumbpasswordrules.com/sites/line/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Telekom.

At first glance, their policy looks good - sure, the upper limit was chosen without necessity
and they enforce characters from all four groups, but your password manager will most likely come up with something suitable.

The website even tells you how 'wunderbar' your new password is - only to t...

https://dumbpasswordrules.com/sites/telekom/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Alipay.

- 8-20 characters (numbers or letters)
- no special characters allowed
- in the mobile app

https://dumbpasswordrules.com/sites/alipay/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

We can quit #cybersecurity and just go farm potatoes or something. After 25 years of #appsec one of the most talked-about tech companies invents a daemon process that

makes use of a file-based “memory system” designed to allow for persistent operation across user sessions.

Sure. Just store your system instructions in a random text file.

Why are we installing endpoint protection on this system?

Why do we verify cryptographic signatures on software updates to this system?

Why are we building a zero trust security environment?

Why do we do scan email to avoid social engineering emails?

Our AI-assisted users are gonna YOLO right past all that. And if they can’t get past our #security controls, this agentic Frankenstein will write itself some markdown and work quietly in the background figuring out how to bypass something the user couldn’t bypass on their own.

This is #infosec in 2026

This dumb password rule is from E-Redes.

Portuguese power distribution company, which requires short passwords (10 to 15 characters), no repetition of the same character, not using the username, the word "PASS" or the word "SAP" in the password, and limiting which special characters can be used.

https://dumbpasswordrules.com/sites/e-redes/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

TLS and SSH rely on Certificate Authorities (CAs) for authentication, but they also present a vector for Man in the Middle attacks. What if you could set up your own CA to reduce your exposure?

➡️ https://fedoramagazine.org/make-a-private-ca-with-step-ca/

#WebDev #Linux #Security #InfoSec #Cybersecurity #Fedora

This dumb password rule is from BMW ConnectedDrive.

Although the prompt suggests good things, after many failed attempts to
set a new password, it turns out you can ONLY use the special characters
shown in the prompt

https://dumbpasswordrules.com/sites/bmw-connecteddrive/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Vistara.

Password must contain:
- 8 to 12 Characters.
- At least one lowercase and uppercase letter.
- At least one numeric character.
- At least one special character (!, @, #, $, %, %, ^, &, +, =).

Must not contain space, first or last name.

https://dumbpasswordrules.com/sites/vistara/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Many thanks to Mirko Zorz and the team at @helpnetsecurity magazine for allowing me to rant about my dislike for the phrase "Human are the weakest link" when it comes to #Cybersecurity

In fact humans are our "last line of defence" when all our tech has failed or been bypassed

https://www.helpnetsecurity.com/2026/03/31/cybersecurity-design-failures-not-human-error/

This dumb password rule is from Battle.net.

8 to 16 characters, at least one number and one letter and last but not least NO special characters, and can't have a password that looks like your username too. Oh, and passwords are NOT case sensitive.
A real time travel adventure through the password rules of 2005!

https://dumbpasswordrules.com/sites/battle-net/

#password #passwords #infosec #cybersecurity #dumbpasswordrules