How Researchers Cracked an 11-Year-Old #Password to a $3 Million #Crypto #Wallet

Source: https://www.wired.com/story/roboform-password-3-million-dollar-crypto-wallet/

He cracked the #Trezor wallet in 2022 using complex #hardware techniques that forced the USB-style wallet to reveal its password.

#security #cybersecurity #news #bitcoin #btc

Cybercriminals pose as "helpful" Stack Overflow users to push malware

#security #bleeping computer #bleepingcomputer #computers #technology #news #education #updates #tech
generated by pod_feeder_v2

Brian Ó Donnell / pod_feeder_v2 · GitLab

Publishes RSS/Atom feeds to Diaspora*

^GitLab

#Keylogger in #Microsoft #Exchange Server Steals #Login Credentials From Login Page

Source: https://cybersecuritynews.com/keylogger-embedded-microsoft-exchange-server/

#Microsoft #Exchange #security #CyberSecurity #news #password

Keylogger in Microsoft Exchange Server Steals Login Credentials From Login Page

Positive Technologies' Expert Security Centre (PT ESC) found a sophisticated keylogger hidden on the main page of Microsoft Exchange Servers. This is a major security breach that affects businesses and government bodies around the world.

^{Guru Baran (CybersecurityNews)}

Where People Go When They Want to Hack You?

source:

#ZeroDay #Hack #Hacker #Exploit #cybersecurity #software #security #bug #SocialEngineering

12/

Denys Shmyhal, Prime-Minister of Ukraine:

"If we will not protect... #Ukraine will fall. So the global, the global system of security will be destroyed... and all the #world will need to find... a new system of #security. Or, there will be many #conflicts, many such kinds of #wars, and in the end of the day, it could lead to the Third World War... disinformation and #propaganda is influencing here in the #US on many people, in #EU on many people"

#ArmUkraineToWIN

https://www.bbc.com/news/world-europe-68840261

Ukraine warns of WW3 ahead of long-stalled Congress aid vote

Denys Shmyhal tells the BBC his country desperately needs the US to approve long-stalled security assistance.

^{By Sumi Somaskanda & Holly Honderich (BBC News)}

Encrypted services #Apple, #Proton and #Wire helped Spanish #police identify #activist

Source: https://techcrunch.com/2024/05/08/encrypted-services-apple-proton-and-wire-helped-spanish-police-identify-activist/

#news #security #privacy #communication #technology #software #logging #surveillance

NEW: second judge in #Poland reportedly confirmed as #Pegasus spyware victim.

Appeals court judge told reporter her responsibilities included classified cases where wiretapping was used.

Poland's spyware reckoning continues.

[PL, machine trans.]
Story: https://oko.press/wiemy-o-drugim-polskim-sedzi-inwigilowanym-pegasusem-to-sedzia-apelacyjna-z-krakowa-news-oko-press

#spyware #infosec #cybersecurity #polska #malware #security #intelligence #surveillance

You can deactivate #Microsoft #Defender via secret #API 😑

Source: https://github.com/es3n1n/no-defender

#Windows #software #security #CyberSecurity #fail

GitHub - es3n1n/no-defender: A slightly more fun way to disable windows defender. (through the WSC api)

A slightly more fun way to disable windows defender. (through the WSC api) - es3n1n/no-defender

^GitHub

How the new #Microsoft #Recall feature fundamentally undermines #Windows #security

Source: https://doublepulsar.com/how-the-new-microsoft-recall-feature-fundamentally-undermines-windows-security-aa072829f218

#cybersecurity #news #desktop #software #ai #Technology

How the new Microsoft Recall feature fundamentally undermines Windows security

Yesterday, Microsoft CEO Satya Nadella sat down with the media to introduce a new feature called Recall, as part of their Copilot+ PCs. It takes screenshots of what you’re doing on constantly, by…

^{Kevin Beaumont (DoublePulsar)}

We love #DNS! ❤️

Tuta uses DMARC, DKIM & SPF to protect your domains from spoofing. Unlimited custom domain aliases & strong #security are a perfect match. 🔒

Not sure what these acronyms mean? No worries, we've got you covered.

👉 https://tuta.com/blog/dkim-custom-email-domain

Apple needs to explain that bug that resurfaced deleted photos: Can we trust Apple’s PR?

It’s understandable that people freaked out last week when photos deleted years ago had suddenly reappeared in their iPhone photo library.

While we wait to hear the reason, it does seem to appear that deleted photos are still not deleted after 30 ...continues

See https://gadgeteer.co.za/apple-needs-to-explain-that-bug-that-resurfaced-deleted-photos-can-we-trust-apples-pr/

#apple #privacy #security #technology

Apple needs to explain that bug that resurfaced deleted photos: Can we trust Apple's PR?

^{Danie (GadgeteerZA)}

How to protect your #privacy with an SBC-powered #VPN #server

source: https://www.xda-developers.com/set-up-vpn-server-on-sbc/

Virtual Private Networks (VPNs) are an effective means to enhance your privacy. By disguising your IP address, a VPN prevents third-parties from tracking your #online activities on top of protecting your data from network-based hacking attacks.

#news #cybersecurity #opensource #network #internet #security

How to protect your privacy with an SBC-powered VPN server

A PiVPN server is the best way to protect your privacy without exposing your data to a third-party VPN provider

^{Ayush Pande (XDA)}

I would have loved this in college.

#infosec #security #LaundryLaughs #laundry #lol

@zackwhittaker https://mastodon.social/@zackwhittaker/112457447298124340

Zack Whittaker

2024-05-17 16:47:46

New, by me: Two university students have uncovered a security bug that lets millions do their laundry for free.

CSC ServiceWorks provides internet-connected laundry machines to thousands of residential homes and universities around the U.S., Canada and Europe.

The students found that any security checks are done by the app on the user’s device and automatically trusted by CSC’s servers,

But CSC still hasn't fixed the isue — or acknowledged their findings.

More: https://techcrunch.com/2024/05/17/csc-serviceworks-free-laundry-million-machines

TechCrunch is part of the Yahoo family of brands

^{techcrunch.com}

From a human behavior analysis standpoint, this image is absolutely fascinating. There is so much information about human behavior that can be extracted from the data represented here

EDIT: OMFG 1701 IS THE DESIGNATION OF THE STAR SHIP ENTERPRISE (NCC-1701). TREKKIES WHY ARE YOU LIKE THIS?!?

#security #anthropology #psychology

Why is #Mozilla collecting our #search data?

source: https://blog.mozilla.org/en/products/firefox/firefox-search-update/

Sensitive topics, like searching for particular health care services, are categorized only under broad terms like health or society. Your search activities are handled with the same level of confidentiality as all other data regardless of any local laws surrounding certain health services.

Hello Mozilla, I use Firefox because my privacy is important to me. The best security is still achieved if you don't collect the data. That is why I will use a fork that does not collect search data. It would be nice if Mozilla took user privacy more seriously.

#privacy #news #browser #web #internet #firefox #security #cybersecurity #surveillance #statistics #bigdata #bigbrother

See what’s changing in Firefox: Better insights, same privacy

We’re ramping up our efforts to enhance search experience by developing new features like Firefox Suggestions.

^{Mozilla (The Mozilla Blog)}

Psst 👋 Email Preview for push notifications is coming soon!

Now you can know who is sending you an email before opening your mailbox! 🎉

Here's a sneak peek 🤫
#teaser #ios #android #sneakpeek #privacy #security #linux #macos #windows

If you're using GNU/Linux. Please use opensnitch, it's criminally underrated. It notifies you of network requests made in real time, and you can choose to allow them or not (it comes with a lot of filtering options as well): https://github.com/evilsocket/opensnitch

#privacy #infosec #linux #foss #security

GitHub - evilsocket/opensnitch: OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch. - evilsocket/opensnitch

^GitHub

Do you want to learn how to setup an air-gapped #Nextcloud for maximum privacy and data protection?

Join me on May 22nd at 9 am EDT / 3 pm CEST on a free webinar to learn about air-gapped Nextcloud:

🔍 Critical factors to consider
🛡️ Four customizable air-gapped setups
🔧 Setting up air-gapped Nextcloud instances
💼 Best practices for Nextcloud maintenance

Register for free:
https://bit.ly/3QB2dlv

#OpenSource #GovTech #Security #CyberSecurity #infosec #privacy #sysadmin #datasecurity

[Webinar] Beyond Secure: Air-gapped Nextcloud for highly confidential data

Join us to learn how you can set up air-gapped Nextcloud for highly confidential data ideal for military, government, and large enterprises.

^Nextcloud

#Google #Cloud accidentally deletes #UniSuper’s online #account due to ‘unprecedented #misconfiguration’

source: https://www.theguardian.com/australia-news/article/2024/may/09/unisuper-google-cloud-issue-account-access

While UniSuper normally has duplication in place in two geographies, to ensure that if one service goes down or is lost then it can be easily restored, because the fund’s cloud subscription was deleted, it caused the deletion across both geographies.

#fail #economy #security #backup #problem #omg #wtf #news

Google Cloud accidentally deletes UniSuper’s online account due to ‘unprecedented misconfiguration’

Super fund boss and Google Cloud global CEO issue joint statement apologising for ‘extremely frustrating and disappointing’ outage

^{Josh Taylor (The Guardian)}

#Dell #API abused to steal 49 million customer records in data breach

Source: https://www.bleepingcomputer.com/news/security/dell-api-abused-to-steal-49-million-customer-records-in-data-breach/

#hack #hacker #security #fail #news #cybersecurity

The #Biden admin has concluded it is “reasonable to assess” that #Israel’s military campaign in #Gaza has violated #InternationalLaw, but has not found specific instances that would justify the withholding of #military aid, #State Dept told #Congress Fri.

#LawsOfWar #InternationalHumanitarianLaw #HumanRights #Law #Palestinians #HumanitarianCrisis #MiddleEast #geopolitics #Security
https://www.nytimes.com/live/2024/05/10/world/israel-gaza-war-hamas-rafah/biden-israel-us-weapons-gaza?smid=nytcore-ios-share&referringSource=articleShare&sgrp=c-cb

Who controls the tech stack❓

When choosing a secure solution for your data, this one of the most important questions❗

Here's why: ➡️ https://tuta.com/blog/what-is-a-tech-stack

#security #technology #opensource #foss

Secure PDF Viewer app version 19 released:

https://github.com/GrapheneOS/PdfViewer/releases/tag/19

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/12571-secure-pdf-viewer-app-version-19-released

#GrapheneOS #privacy #security #pdf #android

Secure PDF Viewer app version 19 released - GrapheneOS Discussion Forum

GrapheneOS discussion forum

^{GrapheneOS Discussion Forum}

"There are no ways to prevent such attacks"

Well that's concerning...

"except when the user's VPN runs on Linux or Android"

Oh. Well then.

https://arstechnica.com/security/2024/05/novel-attack-against-virtually-all-vpn-apps-neuters-their-entire-purpose/

#VPN #Vulnerability #Security

Novel attack against virtually all VPN apps neuters their entire purpose

TunnelVision vulnerability has existed since 2002 and may already be known to attackers.

^{Ars Technica}

It is always a bad sign when a #democracy bans the #press...

source: https://www.bbc.com/news/world-middle-east-68961753.amp

The Foreign Press Association (FPA) urged the Israeli government to reconsider its decision, saying the shut down of #AlJazeera in the country should be "a cause for concern for all supporters of a free press".

#censorship #war #gaza #problem #journalism #freedom #politics #military #humanrights #security #news

Al Jazeera office raided as Israel takes channel off air

The network denies being a threat to security, and says Israel wants "to cover up its crimes".

^{BBC News}

#Sweden has noticed that #cash is indispensable in the face of increasing #cyberwarfare.

source: https://www.riksbank.se/globalassets/media/rapporter/betalningsrapport/2024/engelsk/payments-report-2024.pdf

#future #technology #money #economy #cybewar #cybercrime #cybersecurity #war #security #backup #system #news #bankster

How to Stop Any Smart TV From Spying on You:

"Smart TVs track your viewing habits using content recognition and voice capture for targeted advertising.

Disconnecting smart TVs from the internet can prevent data tracking, but limits functionality and will require you to use a streaming box for many tasks (which may also track you)"

#News #TV #Privacy #Security
https://www.howtogeek.com/how-to-stop-any-smart-tv-from-spying-on-you-lg-samsung-sony-vizio/?user=cmF2ZW4uY2FAcHJvdG9uLm1l&lctg=9cd17b80cd7d20011df2d51c589bdd9c4cc26e4110d76355b40d8c29d7add1ba

How to Stop Any Smart TV From Spying on You: LG, Samsung, Sony, Vizio

TV manufacturers are hungry for your data.

^{Tim Brookes (How-To Geek)}

What Happens When a #Romance #Writer Gets Locked Out of #Google Docs

source: https://www.wired.com/story/what-happens-when-a-romance-author-gets-locked-out-of-google-docs/?esrc=AUTO_PRINT

In March, an aspiring author got a troubling message: All of her works in progress were no longer accessible. What happened next is every writer’s worst fear.

Google never specified which of her 222,000 words was inappropriate.

...

Generally speaking, files containing #violence, #abuse, child sexual abuse material, and gore violate the terms of service for Google Drive and its associated products, like Docs and Sheets.

Now many of you will be thinking, who is stupid enough to store everything in the Google #cloud? The problem is we know that, but many people out there don't. We urgently need to do more educational work and warn people about companies like Google and their practices. Tell all your friends and acquaintances and don't use the clouds of the big corporations.

#news #problem #fail #warning #danger #service #customer #internet #economy #security #wtf #omg #disaster

In case you missed it, what's new in the latest release from SimpleX Chat, v5.7:

Quantum resistant end-to-end encryption enabled for all contacts, forward and save messages without revealing the source, in-call sound effects and switching sound sources, and better network connection management.

Details: https://simplex.chat/blog/20240426-simplex-legally-binding-transparency-v5-7-better-user-experience.html#forward-and-save-messages

Coming soon: UI improvements is a major priority.

#Privacy #Security #Messengers

If you use Dropbox you should probably change your password.

Headline: #Dropbox Hacked! Threat Actor Accessed Passwords and Phone Numbers

Snippet: A quick analysis revealed that a threat actor had broken in to access customer information such as emails, usernames, phone numbers and hashed passwords, as well as general account settings and certain authentication information (API keys, OAuth tokens, and multi-factor authentication).

https://www.bitdefender.com/blog/hotforsecurity/dropbox-hacked-threat-actor-accessed-phone-numbers-and-passwords/

#Privacy #Security #Cybersecurity

Dropbox Hacked! Threat Actor Accessed Passwords and Phone Numbers

File hosting service Dropbox says a threat actor breached its e-signature service and accessed customer data, including phone numbers and passwords.

^{Hot for Security}

Oh, great. Computer security researchers have developed a proof-of-concept for a type of ransomware that would act when you try to *upload* a file. It would be able to encrypt any files in the folder you uploaded from, and any subfolders of it.

This is a proof-of-concept; the researchers have not seen any such attacks in the wild. But stay careful out there, okay?

Affects Chrome and Edge, but *not* Firefox or Safari!

https://theconversation.com/cybersecurity-researchers-spotlight-a-new-ransomware-threat-be-careful-where-you-upload-files-219560

#security #cybersecurity #malware #ransomware

Cybersecurity researchers spotlight a new ransomware threat – be careful where you upload files

Modern web browsers are increasingly becoming like virtual computers, able to send email and play music and videos. The downside is it’s a new way for hackers to get into your computer.

^{The Conversation}