Search
Items tagged with: security
Russian programmer says #FSB agents planted #spyware on his #Android phone
Source: techcrunch.com/2024/12/05/russ…
According to the report, the fake app was able to access location information, read and send text messages, install other applications, read the calendar, take screenshots and record from the video camera, see a list of other applications, answer phone calls, and view user account details — all permissions that the real Cube Call Recorder does not have.
#spy #surveillance #russia #policestate #news #technology #smartphone #Trojan #Software #cybersecurity #security #privacy #Monokle #spyware #Moskow #app
Russian programmer says FSB agents planted spyware on his Android phone | TechCrunch
Security researchers confirmed the programmer's phone had spyware, likely during a spell in Russian detention. The programmer told his story to TechCrunch.Lorenzo Franceschi-Bicchierai (TechCrunch)
#Security
Das sehe ich genauso.
Im UK sind bereits massenhaft Daten des #NHS ausgerechnet an den #Palantir-Eigner und #Musk-Mentor #PeterThiel gegangen.
Angesichts zunehmender Pandemie-Gefahren, Antibioka- und Fungizid-Resistenzen sowie Alterskrankheiten ist eine bessere medizinische Datenlage wichtiger denn je.
Aus meiner Sicht müssten jedoch die Daten von Anfang an anonymisiert werden.
Quantencomputer werden z.B. immer verlässlicher. Alles lässt sich wohl in Zukunft rückrechnen.
#URL File #NTLM Hash Disclosure #Vulnerability (0day) - and Free #Micropatches for it
Source: blog.0patch.com/2024/12/url-fi…
#bug #Patch #Microsoft #Windows #Software #os #cybersecurity #0day #security #news
URL File NTLM Hash Disclosure Vulnerability (0day) - and Free Micropatches for it
Our researchers discovered a vulnerability on all Windows Workstation and Server versions from Windows 7 and Server 2008 R2 to the latest...blog.0patch.com
#fbi #cisa #calea programs admitted to be some of the vectors for #salttyphoon compromise of US telecommunications infrastructure.
FBI is advising people to use encrypted messengers for text and voice communications!!
Same FBI (+other three letter agencies) which forever advocated for backdoors, now admit this compromise is in part their doing!!!
#signal and others for the win! #security
virtru.com/blog/file-encryptio…
FBI Urges Americans to Adopt Encryption Amid Ongoing “Salt Typhoon” Cyber Attack
The FBI and CISA advise end-to-end encryption to protect data continually targeted by China's Salt Typhoon cyber attack.Megan Leader (Virtru)
Perhaps companies and CEOs should take this time to reflect on why they should be afraid, what is causing the public to look so disapprovingly at them and, most of all, how they can change themselves.
apnews.com/article/unitedhealt…
Killing of UnitedHealthcare CEO spotlights complex challenge companies face in protecting top brass
In an era when online anger and social tensions are increasingly directed at the businesses consumers count on, Meta last year spent $24.4 million to surround CEO Mark Zuckerberg with security.ADAM GELLER (AP News)
Reuters: Healthcare industry rethinks risk after murder of UnitedHealth exec
"CVS Health removed photos of executive leadership from its site
Security experts say healthcare companies will consider increasing physical security"
reuters.com/business/healthcar… #insurance #healthcare #security
Do not buy any content digitally that you wouldn’t be ok with losing in an instant.
Recently, my Epic Games account was hacked. The account info, including email address and country was changed. Attempts to recover the account with Epic Games support have failed.
Moral of the story: pirate games often. If you have to use an online account, make sure 2FA is enabled. If it can happen to me, it can happen to you.
‼️ Die EU will #Messenger-Dienste wie #Signal oder #Telegram per Sanktionen zur Zusammenarbeit mit #Strafverfolgungsbehörden zwingen.
derstandard.at/story/300000024…
Ein neuer Bericht der "Going Dark"-Gruppe fordert strikte Maßnahmen, darunter App-Sperren oder #Haftstrafen für unkooperative Anbieter.
#Datenschützer warnen vor einem massiven Eingriff in #Grundrechte, während #Verschlüsselung als größte Herausforderung bleibt. 🔒⚖️
#Datenschutz #EU #Privatsphäre #Privacy #Security
EU-Strafverfolger wollen Signal und Co zur Überwachung zwingen
In ihrem Abschlussbericht fordert die umstrittene Expertengruppe drastische Sanktionen für Anbieter, die sich nicht kooperativ zeigenDER STANDARD
This new proposed rule by the CFPB would treat #data brokers as de facto credit bureaus, holding them to the same standards of care, transparency, and liability.
Fantastic, long-needed #policy to protect Americans' #privacy and #security
Unfortunately, it'll never happen under Trump.
consumerfinance.gov/about-us/n…
CFPB Proposes Rule to Stop Data Brokers from Selling Sensitive Personal Data to Scammers, Stalkers, and Spies | Consumer Financial Protection Bureau
The CFPB today proposed a rule to rein in data brokers that sell Americans' sensitive personal and financial information.Consumer Financial Protection Bureau
Gmail and Outlook are popular but not necessarily the best - especially when it comes to #privacy and #security.
In this in-depth guide we review #Gmail vs #Outlook and fill you in on the best email provider that's ad-free, private, and secure. 😉
👉 Read more: tuta.com/blog/outlook-vs-gmail
Outlook vs Gmail: Which is best in 2024? | Tuta
When looking to create a free email address with Outlook or Gmail, we've got a few tips to help you choose the best provider for top privacy and security.Tuta
巴西的 CA 發出 google.com 的 TLS 憑證
在「A Brazilian CA trusted only by Microsoft has issued a certificate for google.com (agwa.name)」這邊看到的,原文在作者的 Fediverse 上:「Andrew Ayer in the Fediverse」。
這次出事的 C
blog.gslin.org/archives/2024/1…
#Computer #Murmuring #Network #Privacy #Security #authority #brasil #ca #certificate #google #icp #microsoft #network #root #security
巴西的 CA 發出 google.com 的 TLS 憑證
在「A Brazilian CA trusted only by Microsoft has issued a certificate for google.com (agwa.name)」這邊看到的,原文在作者的 Fediverse 上:「Andrew Ayer in the Fediverse」。 這次出事的 CA 是巴西政府自己的 ICP-Brasil,這組 CA 被 Microsoft 信任但沒有被 Google 與 Mozilla 信任。 但即使如此,因為 Microsoft 信任 I…Gea-Suan Lin (Gea-Suan Lin's BLOG)
At Tuta, we believe that best security must be free for everyone.
We are happy to announce that in December all existing Tuta accounts will be upgraded to quantum-safe encryption! 🥳🎉
With TutaCrypt your data is safe - now and in the future. ⚛️ 🔒
Learn more about this quantum leap in #security: tuta.com/blog/post-quantum-cry…
Tuta Launches Post Quantum Cryptography For Email | Tuta
Tuta Mail enables TutaCrypt, a protocol to exchange messages using quantum-safe encryption.Tuta
#Bootkitty: Analyzing the first #UEFI #bootkit for #Linux
Source: welivesecurity.com/en/eset-res…
#Software #cybersecurity #security #news #boot
Bootkitty: Analyzing the first UEFI bootkit for Linux
ESET's discovery of the first UEFI bootkit designed for Linux sendss an important message: UEFI bootkits are no longer confined to Windows systems alone.www.welivesecurity.com
Israel-Hezbollah #ceasefire takes effect
Source: nbcnews.com/news/world/israel-…
Israeli troops in #Lebanon will hold their positions and a 60-day period will start in which the Lebanese #military and #security forces will begin their deployment toward the south, the official said, adding that the process will not happen overnight or in several days.
#Israel #Hezbollah #war #terror #politics #diplomacy #news #Palestine
Israel-Hezbollah ceasefire takes effect
President Joe Biden announced Tuesday that Israel and Hezbollah had agreed to a United States-brokered ceasefire in Lebanon that took effect hours later.Mirna Alsharif (NBC News)
Copilot let you read the emails of your boss 😱
Source: businessinsider.com/microsoft-…
Now the software giant is trying to fix the #problem. On Tuesday, #Microsoft released new tools and a guide to help customers mitigate a #Copilot #security issue that inadvertently let employees access sensitive information such as CEO emails and HR documents.
#fail #Software #ai #technology #Windows #news #omg #wtf #privacy #bug
Microsoft is trying to fix Copilot's oversharing problem
Microsoft released tools to address security issues with Copilot, which indexes internal data and sometimes shares sensitive customer information.Ashley Stewart (Business Insider)
I decided to test the GrapheneOS web installer to see just how safe it is.
Russia Is Freaked: NATO in Europe Is Spending $380,000,000,000 on Defense - EUROPE SAYS
What You Need to Know: NATO allies are significantly ramping up their support for Ukraine. Denmark and theEUROPE SAYS (EUROPESAYS.COM)
Within this assessment, the red team (also referred to as ‘the team’) gained initial access through a web shell left from a third party’s previous security #assessment.
Source: cisa.gov/news-events/cybersecu…
Today's #security measures therefore tend to reduce security rather than increase it. 🤔😖
#news #Software #vulnerability #bug #fail #cybersecurity #Problem #omg #wtf #web #webshell #internet
Remember Microsoft's Recall? The first implementation was never released and was met with strong criticism from privacy advocates and the infosec/security community. Guess what? Microsoft has doubled down, and its controversial Recall scraper is finally entering the public preview stage. If you care about privacy, please think twice before using this on your AI-enabled PCs (Snapdragon-powered Copilot+ PCs) blogs.windows.com/windows-insi…
#privacy #infosec #security #windows11 #DoNotWant
Previewing Recall with Click to Do on Copilot+ PCs with Windows Insiders in the Dev Channel
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26120.2415 (KB5046723) to the Dev Channel. With this update, we welcome Windows Insiders with Snapdragon-poweredWindows Insider Blog
#Android will soon instantly log you in to your apps on new devices
#security
arstechnica.com/gadgets/2024/1…
Android will soon instantly log you in to your apps on new devices
New phone day for Android users should get a whole bunch easier.Kevin Purdy (Ars Technica)
And Signal app is FREE 😁
#security #encrypted #message
lifehacker.com/tech/signal-is-…
Signal Is Now a Great Encrypted Alternative to Zoom and Google Meet
You can make free and encrypted group video calls with up to 50 participants.Pranay Parab (Lifehacker)
Have you heard about the latest losers? theregister.com/2024/11/20/dli…
#dlink #cybersecurity #Router #vpn #internet #Software #Firmware #fail #bug #economy #Problem #security #news
D-Link tells users to trash old VPN routers over bug too dangerous to identify
Vendor offers 20% discount on new model, but not patchesConnor Jones (The Register)
Let's Encrypt is 10 years old today!
Let's Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). Huge thanks to everyone involved in making HTTPS available to everyone for free
#tech #technology #security #privacy #encryption #https #letsencrypt #ISRG
Let's Encrypt
Let's Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). Read all about our nonprofit work this year in our 2023 Annual Report.letsencrypt.org
A great guide for anyone interested in improving their #privacy posture.
(TL;DR in the comments.)
"Whatever platforms you're on, whatever devices you have, you need to have a sense of what kind of data you're generating and then use the controls available to limit who can see what you're doing."
GitHub - FiloSottile/age: A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability. - FiloSottile/ageGitHub
China's cyber spies intercept phone data and calls from US network operators
Chinese cyber spies infiltrated US network operators. Conversations and data from government and politicians were intercepted, as were police wiretaps.
heise.de/en/news/China-s-cyber…
#ATT #Cybersecurity #Cyberspionage #DonaldTrump #FBI #Provider #Security #Spionage #Verizon #news
Pregnancy Tracking #App ‘What to Expect’ Refuses to Fix Issue that Allows Full Account Takeover
What to Expect is a popular pregnancy tracking app available for #ios and #android.
An exposed API endpoint handling password reset requests for the app does not require authentication or enforce rate limits and is vulnerable to brute force attacks.
#privacy #security #cybersecurity
404media.co/pregnancy-tracking…
Pregnancy Tracking App ‘What to Expect’ Refuses to Fix Issue that Allows Full Account Takeover
Vulnerabilities in the popular What to Expect app include one that allows a full account take over, and another that exposes that email address of forum admins.Joseph Cox (404 Media)
If you’re looking for an EU-based alternative to AzireVPN since they’ve now sold to a US company (why, hello, Trump presidency, how goes?), see Mullvad VPN (@mullvadnet).
#privacy #security #VPN #AzireVPN #MullvadVPN
Mullvad VPN - Free the internet
Free the internet from mass surveillance and censorship. Fight for privacy with Mullvad VPN and Mullvad Browser.Mullvad
#Amazon confirms #employee data stolen after #hacker claims #MOVEit #breach
source: techcrunch.com/2024/11/11/amaz…
“Amazon and AWS systems remain secure, and we have not experienced a #security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon. The only Amazon information involved was employee work contact information, for example work email addresses, desk phone numbers, and building locations,” Montgomery said.
If not even a company like Amazon can store its data securely, is there any security at all? Amazon doesn't lack money or experts, but it does seem to lack secure software.
#fail #cybersecurity #problem #software #internet #news #economy #hack #cloud
Amazon confirms employee data stolen after hacker claims MOVEit breach | TechCrunch
Amazon has confirmed that employee data was compromised after a “security event” at a third-party vendor. In a statement given to TechCrunch on Monday,Carly Page (TechCrunch)