Notices tagged with security

https://www.europesays.com/1627490/ North Korea Fighting in Ukraine Could Start World War III #Conflicts #défense #military #nato #NorthKorea #Putin #security #WarInUkraine

TIL: Some surprising code execution sources in bash

https://yossarian.net/til/post/some-surprising-code-execution-sources-in-bash

#til #shell #security

Malware-Kampagne lockt Opfer mit kostenlosem KI-Videoeditor

Auf sozialen Medien haben Kriminelle eine Kampagne für einen kostenlosen KI-Videoeditor gestartet. Stattdessen gab es jedoch Infostealer.

https://www.heise.de/news/Malware-Kampagne-lockt-Opfer-mit-kostenlosem-KI-Videoeditor-10082265.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#KünstlicheIntelligenz #Malware #Security #SocialMedia #news

Signal Is Now a Great Encrypted Alternative to Zoom and Google Meet
And Signal app is FREE 😁
#security #encrypted #message
https://lifehacker.com/tech/signal-is-now-a-great-encrypted-alternative-to-zoom-google-meet

Running the final Privacy Fundamentals class for the year, tomorrow.

Who is this for?
This class is designed for you, the non-techie, also for activists, advocates, privacy enthusiasts, OSINT beginners concerned about their digital footprint. A good refresh for seasoned professionals too.

What's included:
- Understanding & evaluating digital risk
- Account security
- Device security & safety
- Safer online searches
- Secure Communications
- Online abuse & protecting your data
Class will be recorded.

https://lockdownyourlife.as.me/privacy-class

#tech #infosec #privacy #safety #security #community #osint #communication

Update mo of yo shit!

Apple releases iOS 18.1.1 with ‘important security fixes’ for iPhone - 9to5Mac

https://9to5mac.com/2024/11/19/apple-releases-ios-18-1-1-with-important-security-fixes/

#Apple #iOS #Security #iPhone #Tech #Update

German court says victims of massive Facebook data breach can be compensated #cybersecurity #hacking #news #infosec #security #technology #privacy https://therecord.media/german-court-says-victims-facebook-breach-compensation

¡Let's Encrypt cumple hoy 10 años!
Let's Encrypt es una autoridad de certificación gratuita, automatizada y abierta que ofrece el grupo sin fines de lucro Internet Security Research Group (ISRG). Muchas gracias a todos los que participaron en hacer que HTTPS esté disponible para todos de forma gratuita.

letsencrypt.org/

#tech #technology #security #privacy #encryption #https #letsencrypt #ISRG

📣 EMERGENCY UPDATES 📣

Apple pushed updates for 2 new zero-days that may have been actively exploited.

🐛 CVE-2024-44308 (JavaScriptCore),
🐛 CVE-2024-44309 (WebKit):
- iOS and iPadOS 17.7.2
- iOS and iPadOS 18.1.1
- macOS Sequoia 15.1.1

#apple #cybersecurity #infosec #security #ios

Let's Encrypt is 10 years old today!
Let's Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). Huge thanks to everyone involved in making HTTPS available to everyone for free

https://letsencrypt.org/

#tech #technology #security #privacy #encryption #https #letsencrypt #ISRG

Oha, das ist provokativ: Dieser Blogartikel sagt:

- Nutzt kein #PGP / #GPG
- Nutzt kein #XMPP + OMEMO
- Nutzt kein #Matrix (im Sinne: verlasst euch nicht auf die Verschlüsselung)
- E-Mails verschlüsseln ist sinnlos

Ich kenne den Autor nicht und würde ihn nicht erwähnen, würde der Artikel nicht in ernstzunehmenden ITSec-Newslettern zitiert

https://soatok.blog/2024/11/15/what-to-use-instead-of-pgp/

Meinungen? #itsec #security

🔐 Is #security just a hype in the IT world? We don't think so, and Enric Tobella from Dixmit company neither.

📣 He shares with us today a basic guide about Odoo Security, shortlisting the 8 first things to consider when working with the #Odoo platform.

Learn more about this here 👇
https://buff.ly/3CAyRzN

What about you? Do you follow those steps? Do you spot something missing here? Share in the comments!

#odoocommunity #oca #opensource

Gaza ministry says 20 killed in anti-'gang' operation after looting of aid convoy

#Operation #Security #CriminalGangs #Hamas #Gaza

https://www.theguardian.com/world/2024/nov/18/armed-looters-hijack-almost-100-trucks-carrying-aid-supplies-into-gaza

Hmmm... the C-Lion1 fibre optic cable that connects Helsinki in Finland & Rostock in Germany has been cut.... with suspicions falling (immediately) on Russia... The night before a similar link between Sweden & Lithuania was also cut.

So on one hand this looks like a programme of communicative disruption... but one might wonder whether its a sign of the start of something else (my old IR training leads me to pose the Q. at least).

#internet #communications #security

h/t FT

→ Proton Mail Discloses User Data Leading to Arrest in #Spain
https://restoreprivacy.com/protonmail-discloses-user-data-leading-to-arrest-in-spain/

The problem isn't so much that #Proton is evil, it's mostly that it's widely #misunderstood and seen as a #magic solution. So let's repeat: Proton is a fairly basic #mail service that won't #protect your political, journalistic, or whistleblowing activities per se. You cannot avoid understanding the whole #security chain and setting up tailored security practices. A good start is → https://ssd.eff.org/

Sometime ago somebody shared a screenshot of a service with a cookie message along the lines of:
"We take your privacy seriously" while there also was a list of 600+ vendors with whom data would be shared. Does anyone have this screenshot & the source? I think this was by Microsoft MS365?

#Privacy #Cookies #Tech #TechPolicy #OpenSource #Data #GDPR #bigtech #Security #CyberSecurity

Fake AI video generators infect Windows, macOS with infostealers - Fake AI image and video generators infect Windows and macOS with the Lumma Stealer and AM... https://www.bleepingcomputer.com/news/security/fake-ai-video-generators-infect-windows-macos-with-infostealers/ #security

Pregnancy Tracking #App ‘What to Expect’ Refuses to Fix Issue that Allows Full Account Takeover

What to Expect is a popular pregnancy tracking app available for #ios and #android.

An exposed API endpoint handling password reset requests for the app does not require authentication or enforce rate limits and is vulnerable to brute force attacks.

#privacy #security #cybersecurity

https://www.404media.co/pregnancy-tracking-app-what-to-expect-refuses-to-fix-issue-that-allows-full-account-takeover-2/

i'm really excited to share the work my team at @trailofbits has been doing for the last year: Sigstore-based attestations are now live and generally available on PyPI!

if you're already using Trusted Publishing with the canonical pypi-publish action, you don't need to change anything: the action will generate and upload an attestation on your behalf.

we've written a blog post on some of the technical details behind PyPI's attestation features, including Sigstore and PEP 740, here: https://blog.trailofbits.com/2024/11/14/attestations-a-new-generation-of-signatures-on-pypi/

#python #pypi #security #sigstore

Datenleck bei Online-Auskunftei: Hackerin kann beliebige Bonitätsdaten einsehen

Die Aktivistin Lilith Wittmann fand einen neuen Weg, beliebige Bonitätsdaten mit wenig Aufwand abzurufen. Der Anbieter reagierte mit Abschaltung.

https://www.heise.de/news/Datenleck-bei-Online-Auskunftei-Hackerin-kann-beliebige-Bonitaetsdaten-einsehen-10034774.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Datenleck #Hacking #Security #news