Notices tagged with security

Don't Compromise on Security: Get a Top Password Manager for Just $1.27/Month

#Discount #MonthlySubscription #Security #TechNews #PasswordStorage

https://gizmodo.com/dont-compromise-on-security-get-the-best-password-manager-for-1-27-month-2000554484

Just days before the crash, #Trump enacted a sweeping shake-up of #FederalAgencies responsible for #aviation #oversight, removing the #TSA admin, David Pekoske, & eliminating ALL members of a key aviation #security advisory group. The #FAA, which regulates airlines & aircraft manufacturers & manages US #airspace, was also w/o leadership at the time of the crash, its top ofcl, Michael Whitaker, stepped down ahead of the new admin’s transition after clashing w/ #ElonMusk.

https://time.com/7211690/washington-dc-plane-crash-trump-aviation/

Q. will Greenland be the litmus test for how Europe responds to Trump?

Nathalie Tocci, thinks it reveals that:

'Europeans are scared. They fear Trump & their fear is paralysing. It freezes their actions & quiets their rhetoric. The more Trump confirms their fears through his repeated threats, the less they are inclined to react. Trump presumably smells the fear & like all bullies revels in it, upping the ante'!

Time to toughen up?

#politics #security #Greenland

https://www.theguardian.com/commentisfree/2025/jan/30/greenland-europe-donald-trump-us-threats

We are 65% of the way to our goal!! Can you help? I need to wrap this up so we can cover their rent. The family has temporary housing & looking for something more permanent. Thanks so much for all the support.

OG request: I have an immediate mutual aid request to fulfill for $1,700 for a medical bill and housing for a DV family.

Support here: https://ko-fi.com/lockdownyourlife

#tech #infosec #community #MutualAid #MutualAidRequest #safety #privacy #security #housing

Human Rights Watch is hiring a Director of Information Security

https://job-boards.greenhouse.io/humanrightswatch/jobs/7833377002

#GetFediHired #Jobs #Security #InfoSec

When a large multi-billion dollar corporation says something is free, it is because you're the thing they're selling -- You're the product.

#Capitalism #Privacy #Security

" I am pretty sure, WhatsApp does not spy on people" Oh, really? 🤣

Uninstall every Meta app, except for WhatsApp (keep it) and put your phone down on the table. Talk to someone face to face about, "Nintendo" for an hour, and then open WhatsApp, and watch all the ads for "Nintendo" generate.

We spy on you even when you're not using our apps. What do you think we do with your text?! 🤷♂️

#WhatsApp #Meta #Signal #Privacy #Security #Facebook

I was feeling inspired to write this morning after looking through a lot of this type of article and noticing they all omitted kind of important information. This includes all of the basics, and the stuff I thought was under-discussed, for example: AirDrop's privacy problems, and the importance of security patches in this specific scenario.

I hope someone finds this useful, and if I'm still missing anything or could explain something better, please let me know!

https://www.privacyguides.org/articles/2025/01/23/activists-guide-securing-your-smartphone/

#privacy #security #activism #protest

Well, this is certainly concerning. A flaw in Cloudflare's content delivery network allows an attacker to geolocate a target simply by sending them an image over Signal or Discord. This is a zero-click vulnerability.

Accuracy depends on a user's location and the number of Cloudflare data centers nearby with urban areas providing potentially greater accuracy.

https://www.bleepingcomputer.com/news/security/cloudflare-cdn-flaw-leaks-user-location-data-even-through-secure-chat-apps/

#signal #discord #cloudflare #security #privacy #tech #news #technews

The #EU wants to scan every message sent in Europe. Lawmakers argue that mass #surveillance will help to protect children. But the implications for our #privacy and #security are staggering.

https://www.theguardian.com/commentisfree/2025/jan/24/eu-digital-surveillance-child-protection

Isometric pixel art from a series of pixel illustrations I made for a Dutch infosec company.

The illustrations were printed as stickers. I'll also post the other works in this thread.

#PixelArt #isometric #security #InfoSec #safety #tech #technology #coding #CharacterDesign #design #artwork #illustration #illustrator #digital #DigitalArt #style #art #arts #arte #artist #artists #GraphicDesign #2D #3D #CreativeToots #FediArt #MastoArt #ArtistsOnMastodon

Isometric pixel art from a series of pixel illustrations I made for a Dutch infosec company.

The illustrations were printed as stickers. See other posts in this thread for more.

#PixelArt #isometric #security #InfoSec #safety #tech #technology #coding #CharacterDesign #design #artwork #illustration #illustrator #digital #DigitalArt #style #art #arts #arte #artist #artists #GraphicDesign #2D #3D #CreativeToots #FediArt #MastoArt #ArtistsOnMastodon

Signal is a secure messenger, but there are interesting alternatives, such as @matrix , @session , @delta , @simplex or XMPP …

➡️ https://matrix.org

➡️ https://getsession.org

➡️ https://delta.chat

➡️ https://simplex.chat

➡️ https://xmpp.org

If you’d like to learn more about these options, have a look at the responses to this toot.

#matrix #session #signal #XMPP #messenger #decentralized #tech #technology #OpenSource #FOSS #WhatsApp #security #InfoSec #data #safety

Check out our latest conversation with @tomlawrence on what's new at Quad9.

https://youtu.be/KDi0YvS2hFA?si=AHjXrG0vOjgYk7gw

Thanks, Tom for having us on.

#DNS #privacy #security

If you’re going to participate in a protest or other form of activism, you need to keep yourself protected.

Your smartphone can be an essential tool, but it also represents a huge risk to your privacy and security. If you decide to bring a phone along, understanding these best practices when it comes to securing it will help keep you and your data safe.

https://www.privacyguides.org/articles/2025/01/23/activists-guide-securing-your-smartphone/

#privacy #security #guide

Reminder that @1password currently has 6 positions open on the Security team, with more likely on the way. If you want to work with me (or, even better, be on my Privacy team), check out the listings here and see if one might be a good fit for you.

https://jobs.lever.co/1password?department=Technology&team=Security

#jobs #hiring #fedihire #security #privacy #passwords

ポリシーによってはドメイン部以外もリファラとして送信されるのね

『主要ブラウザのReferrer Policyについて調べてみた #Security - Qiita』 - https://qiita.com/n3_x/items/c2bafd5872af61147c89

OMG! I'm dying!
"token validation looking kinda thicc"
#Security #CodeReviewsMatter

Some fascinating research out on hacking a Subaru via STARLINK connected vehicle service.

"On November 20, 2024, Shubham Shah and I discovered a security vulnerability in Subaru’s STARLINK connected vehicle service that gave us unrestricted targeted access to all vehicles and customer accounts in the United States, Canada, and Japan.

Using the access provided by the vulnerability, an attacker who only knew the victim’s last name and ZIP code, email address, phone number, or license plate could have done the following:

Remotely start, stop, lock, unlock, and retrieve the current location of any vehicle.

Retrieve any vehicle’s complete location history from the past year, accurate to within 5 meters and updated each time the engine starts.

Query and retrieve the personally identifiable information (PII) of any customer, including emergency contacts, authorized users, physical address, billing information (e.g., last 4 digits of credit card, excluding full card number), and vehicle PIN.

Access miscellaneous user data including support call history, previous owners, odometer reading, sales history, and more.

After reporting the vulnerability, the affected system was patched within 24 hours and never exploited maliciously."

https://samcurry.net/hacking-subaru#introduction

#cars #security #subaru @starlink

So a 15 year old discovered a vuln that seems technically to be with how Content Delivery Networks cache content for apps like Signal and Discord.

https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117

It creates a significant risk of De-anonymization.

There's no surefire mitigation available, apps are playing the "not my problem not my feature" game.

There are some settings - at least in Signal - that might be able to help mitigate some of the risk of exposure. Again, no silver bullet here, but given the technical details and how the attack is delivered, I think these settings might help.

Summary of Signal Messenger settings recommendations:

-Notifications should be turned off, or set to not display name or message content.
-Phone number should be set to nobody, and who can find you by the phone number should be set to nobody.
-This one doesn't really relate to the vuln but is good added security - requiring you use your full android device unlock to access Signal after switching apps, in case of theft of the device etc.
-Unchecked boxes for images, audio, video, and documents to be automatically downloaded over mobile data on Signal messenger.
-Unchecked boxes for content downloads when using Wi-Fi

#vulnerability #security #risk #opsec