Search
Items tagged with: InfoSec
"Federal Grants (to local LE) Send Warzone Tech To USA Streets" To Tracking Wireless / Bluetooth Signals & More
(self driving tech also carries plenty to offer)
Yet another reminder: the very tech developed & many support for overseas use, eventually makes its way back home
No company calls it quits after war - they localize, lobby PD
#News #privacy #tracking #Tech #HumanRights #autonomy #infosec #USA #WiFi #bluetooth #policing
https://www.notus.org/technology/war-zone-surveillance-border-us
War Zone Surveillance Technology Is Hitting American Streets
At least two Texas communities along the U.S.-Mexico border have purchased technology that tracks people’s locations using data from personal electronics and license plates.Byron Tau (NOTUS)
#Networks like #I2P serve useful to #OSINT #investigations, #Journalism, and #activism (#clearnet conns can be more private using #outproxy in I2P).
You can customize your routing experience, even change number of hops, banning and unbanning routers based on suspicious behavior! 😎
💡 TIP: take advantage of using both I2P & #Tor browser set up - spreading the risk to personal #privacy / #anonymity (+ avoid blocks).
Right now I2P is under attack: help by running i2p!
I had an unsettling discovery about some family history on Monday that threw me through a loop and prevented me from being in the right mind to start streaming and making content again.
Tonight I am breaking Passover with family, so I am hoping tomorrow I can finally get back on the wagon to make content and get back to streaming my tinkering and Gaming on Linux stuff. But the first stream will be a "what happened in the past two months" hangout
What on earth?! Amazon S3 charges you for unauthorised requests to S3?!
That's just absolutely insane! I better check my AWS account and delete any unused buckets I have in there …
#aws #s3 #infosec #webdev #cloud
How an empty S3 bucket can make your AWS bill explode
Imagine you create an empty, private AWS S3 bucket in a region of your preference. What will your AWS bill be the next morning?Maciej Pocwierz (Medium)
It's also true that many #hacking tools, platforms, courses etc. could use some help in the #accessibility department. It's a neverending vicious circle.
Enter my new twitch channel, IC_null. On this channel, I will be streaming #programming and #hacking content including THM, HTB and who knows what else, from the perspective of a #screenReader user.
What I need, is an audience. If this is something you reckon you or anybody you know might be interested in, drop the channel a follow or share this post. Gimme that #infoSec Mastodon sense of comradery and help me out to make this idea an actual thing :) https://twitch.tv/ic_null #tryHackMe #streamer #selfPromo
ic_null - Twitch
ic_null streams live on Twitch! Check out their videos, sign up to chat, and join their community.Twitch
Google is out of their mind. There are so many other options for a "more secure" browser. Especially one that doesn't have Google tied to it.
https://infosec.exchange/@happygeek/112337847581863603
happygeek :unverified: + :verified: = $0 (@happygeek@infosec.exchange)
By me @Forbes: Would you pay $6 a month for a more secure version of Chrome? Google is banking on it. #infosec #Google #Chrome #Enterprise https://www.forbes.Infosec Exchange
NEW: female army officers that reported sexual harassment... were hacked with #Pegasus.
Official confirmations from #Poland's AG keep shedding light on more apparent spyware abuses by past gov.
Link [in PL]: https://wiadomosci.onet.pl/kraj/zglosily-molestowanie-w-zandarmerii-wojskowej-byly-inwigilowane-pegasusem/dylyrsv
#Poland #spyware #cybersecurity #infosec #hacking #malware #polska #polish #surveillance #intelligence
Bohaterki reportaży Onetu, ofiary molestowania w Żandarmerii Wojskowej, były inwigilowane Pegasusem
Kapral Karolina Marchlewska i podporucznik Joanna Jałocha, które kilka lat temu zgłosiły molestowanie seksualne przez przełożonych w Żandarmerii Wojskowej, były inwigilowane za pomocą systemu Pegasus.IAB
🚨 I2P Is Under DDoS Attack By Zombie Routers
#I2P #networking #infosec #cybersecurity #HumanRights #Journalism #activism #surveillance #Privacy #Sybil #ddos #dos #video #proxy #encryption #crypto #e2ee
Watch In I2P
http://invidious.qwik.i2p/watch?v=XfVdxbtTZ5A
https://tube.tchncs.de/w/fMpkjUnNcaKqPchXUPkgV9
🚨 I2P Under Attack By Zombies! 😮
I2P Network Is Currently Under Heavy DDoS Attack (Distributed Denial Of Service) By Spoofed Routers, Spawning By The Thousands - Some Locations Spinning Up 100+ Routers In A Single Hour. Networks L...tchncs
"Citizen, leave a copy of your home keys at the police station."
Hmm, people won't like that.
How about, "home-builders have a social responsibility ...[and must give police copies of all house keys]"
Much better.
#Europol taking another stab at the encryption fight.
#Encryption #privacy #infosec #cybersecurity #europe #surveillance
#followfriday is back (after I missed it last week). Once again, here's some cool #infosec / #cybersecurity accounts I've discovered and followed recently...
- @Omkhar
- @zh4ck
- @pietrushnic
- @freddy
- @zerotypic
- @jeFF0Falltrades
- @13reak
- @WPalant
Plus a few cool accounts I've discovered from fun instances around the #fediverse...
- @Shrigglepuss
- @tonicfunk
- @stephan
I've also updated my site's #blogroll with Fediverse handles for each site entry's author - https://shellsharks.com/blogroll
Login • Instagram
Welcome back to Instagram. Sign in to check out what your friends, family & interests have been capturing & sharing around the world.www.instagram.com
Just finished setting up my router, DHCP server is not the best but it works!
#meme #shitpost #tech #networking #infosec
Friend: What do you play games on?
Me: I play games on a switch!
#meme #shitpost #networking #tech #infosec
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/cisco-duo-security-reports-third-party-data-breach-exposing-sms-mfa-logs-g-6-x-f-x/gD2P6Ple2L
Cisco Duo security reports third-party data breach exposing SMS MFA logs
Cisco has reported a security breach at a third-party service provider for its Duo multifactor authentication service, resulting from compromised employee credentials due to a phishing attack.BeyondMachines
ALL CLEAR for Fedora Rawhide and Fedora 40 Beta builds regarding the xz exploit. 👍
Things had stabilized soon after the initial security advisory, but we're now confirming that you can use Rawhide and Fedora 40 Beta safely as long as you have the latest updates or reinstall (which is not a bad idea to be safe).
Fedora 38 and 39 were never affected.
Learn more: https://fedoramagazine.org/cve-2024-3094-all-clear/
#Fedora #Security #Privacy #InfoSec #Linux #OpenSource
CVE-2024-3094: All Clear - Fedora Magazine
The XZ backdoor was foiled by Andres Freund.Matthew Miller (Fedora Project)
So, Microsoft is silently installing Copilot onto Windows Server 2022 systems and this is a disaster.
How can you push a tool that siphons data to a third party onto a security-critical system?
What privileges does it have upon install? Who thought this is a good idea? And most importantly, who needs this?
#infosec #security #openai #microsoft #windowsserver #copilot
📡 HACKRF PORTAPACK H2: What's New Latest Mayhem Firmware v2.0.1
#radio #sdr #Signals #firmware #mayhem #portapack #HackRF #infosec #cybersecurity #privacy #hardware
https://tube.tchncs.de/w/xvj2ZwbFepkHVginNs4H7n
What's New #HackRF Mayhem #Portapack Firmware v2.0.1 / Upgrading
how to upgrade portapack mayhem firmware and showing first look at NEW APPS: Foxhunt / Wardriver Geotag log BLOG / SUPPORT: https://bmc.link/politictech http://righttoprovacy.i2p #hackrf #portapack...tchncs
Well, at least the uni didn't try to minimize it:
"On or around November 28, 2023, Butler University’s third-party vendor, Athletic Trainer System ("ATS"), notified Butler University that an unknown actor gained access to ATS's computer systems in August 2020."
As part of steps taken in response, Butler writes: "Butler University is also reviewing the business necessity of sharing any sensitive data with third party vendors."
(SSN had been involved)
Butler University's notification letter sent to 1,871 people can be found linked from https://apps.web.maine.gov/online/aeviewer/ME/40/aebbc4f8-fbd7-4a2d-991b-f1ec97032e39.shtml
#EduSec #Vendor #infosec #hack #databreach
Let's use @protonprivacy and @Tutanota products.
Encryption is the single best hope against surveillance.
https://www.wired.com/story/house-section-702-vote/
#security #cybersecurity #infosec #nationalsecurity #nsa #fbi #section702 #privacy #government #surveillance #e2ee #tech #proton #protonmail #tuta #tutanota #bigtech #degoogle
House Votes to Extend—and Expand—a Major US Spy Program
The US House of Representatives voted on Friday to extend the Section 702 spy program. It passed without an amendment that would have required the FBI to obtain a warrant to access Americans’ information.Dell Cameron (WIRED)
Judge: Clark County schools may have immunity in lawsuit over 2023 cybersecurity breach:
Does Nevada state law provide them with a "Get Out of Jail Free" pass? It sounds like it may.
@douglevin @funnymonkey @brett @mkeierleber
#databreach #EduSec #cybersecurity #edtech #accountability #infosec
Judge: Clark County schools may have immunity in lawsuit over 2023 cybersecurity breach
A Clark County judge said she’s leaning toward granting the Clark County School District’s motion to dismiss a class action lawsuit related to a 2023 cyberattack.Rocio Hernandez (The Nevada Independent)
#Roblox #infosec #breached
https://www.google.com/search?hl=en&q=site%3A*.gov%20%22robux%22
It seems like it’s amateur hour at #Microsoft.
Microsoft left internal passwords exposed in latest security blunder
Microsoft reportedly locked down an Azure-hosted server last month that exposed passwords, keys, and credentials of Microsoft employees to the open internet.Jess Weatherbed (The Verge)
Leader Of Israel's Unit 8200 (equivalent to NSA) OPSEC Mistake Exposed Long Held Identity
#News #Privacy #OPSEC #Unit8200 #Israel #SIGINT #NSA #OSINT #intelligence #infosec #Cybersecurity
Top Israeli spy chief exposes his true identity in online security lapse
Exclusive: Yossi Sariel unmasked as head of Unit 8200 and architect of AI strategy after book written under pen name reveals his Google accountHarry Davies (The Guardian)
@endingwithali The Fediverse is certainly the place for #infosec and other #internet related topics!
If you like a list of some popular accounts, this will help a loot!
https://fedidb.org/popular-fediverse-accounts
Made by our very own @dansup 
FediDB, Fediverse Network Statistics
FediDB is a cutting-edge service providing detailed statistics and insights into the Fediverse network.fedidb.org
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/panera-bread-hit-by-ransomware-attack-systems-down-for-a-week-k-b-u-u-j/gD2P6Ple2L
Panera Bread hit by ransomware attack, systems down for a week
Panera Bread experienced a week-long IT outage due to a ransomware attack that encrypted numerous virtual machines, disrupting operations including internal IT systems, phone lines, POS systems, website, and mobile apps.BeyondMachines
This, in fact, has substantial benefits for #Putler's Regime: his future "cannon fodder" has a hard time running away before being drafted. Also, limiting face-to-face encounters (someone from the #InfoSec community once told can be the only safe way of communication) makes surveillance and "narrative control" in the media much easier.
📰 XZ Utils Backdoor Attribution Analysis
#News #Linux #XZutils #backdoor #ssh #infosec #cybersecurity #privacy #video #peertube #APT
https://tube.tchncs.de/w/ca2iuxmdqfBE98PwZYY6wh
📰 Linux XZ Utils Backdoor Attribution Analysis
🚨 ALERT: * Linux Backdoored XZ Utils (xz-utils)* How This Was Pulled Off, And Who May Have Done It? This Was A Backdoor In Layers - Many Changes Of Lesser Alarm, Together, Critical Remote Access, ...tchncs
🧬Types of DNS Records
🔹A
🔹AAAA
🔹CNAME
🔹MX
🔹PTR
🔹NS
🔹SOA
🔹TXT
🔖#infosec #cybersecurity #hacking #pentesting #security
#infosec #cybersecurity #email
![Screenshot from email bounce:
Reporting-MTA: dns; googlemail.com
Received-From-MTA: dns; [elided]
Arrival-Date: Fri, 29 Mar 2024 00:36:36 -0700 (PDT)
X-Original-Message-ID: <bitwarden.com-1711697794@kamens.us>
Final-Recipient: rfc822; dmarc-reports@bitwarden.com
Action: failed
Status: 5.1.3
Diagnostic-Code: smtp; The email account that you tried to reach does not exist. Please try double-checking the recipient's email address for typos or unnecessary spaces. For more information, go to https://support.google.com/mail/?p=NoSuchUser
Last-Attempt-Date: Fri, 29 Mar 2024 00:36:37 -0700 (PDT)](https://friendica.hellquist.eu/photo/preview/640/2435709 "Screenshot from email bounce:
Reporting-MTA: dns; googlemail.com
Received-From-MTA: dns; [elided]
Arrival-Date: Fri, 29 Mar 2024 00:36:36 -0700 (PDT)
X-Original-Message-ID: <bitwarden.com-1711697794@kamens.us>
Final-Recipient: rfc822; dmarc-reports@bitwarden.com
Action: failed
Status: 5.1.3
Diagnostic-Code: smtp; The email account that you tried to reach does not exist. Please try double-checking the recipient's email address for typos or unnecessary spaces. For more information, go to https://support.google.com/mail/?p=NoSuchUser
Last-Attempt-Date: Fri, 29 Mar 2024 00:36:37 -0700 (PDT)")
The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
https://www.wired.com/story/jia-tan-xz-backdoor/
The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
The thwarted XZ Utils supply chain attack was years in the making. Now, clues suggest nation-state hackers were behind the persona that inserted the malicious code.Andy Greenberg (WIRED)
