Notices tagged with security, page 16

Burglars Using Wi-Fi Jammers to Disable Security Cameras https://cyberfeed.io/article/fb64141c34e749e05eff88027bac848d #cybersec #security #infosec #cybersecurity

Russische Angreifer klauen Quellcode von Microsoft

Seit Monaten greifen staatlich geförderte Cyberkriminelle die Systeme von Microsoft an. Das dauert auch jetzt noch an, dabei konnten Daten entwendet werden.

https://www.heise.de/news/Russische-Angreifer-klauen-Quellcode-von-Microsoft-9650468.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cybercrime #Microsoft #Hacking #Security #Spionage #news

To security experts: Do you use #VPN for services that are already end-to-end encrypted? Or, you add their apps in split-tunnelling mode?

Or, to rephrase it: is there any use in keeping end-to-end encrypted apps behind a VPN?

This is under the assumption that all things are equal (no ISP issues; no need to bypass any network set up; end-to-end encryption is enabled by default).

#e2ee #encryption #security #AskingExperts

😂 #linux #opensource #security

VMware sandbox escape bugs are so critical, patches are released for end-of-life products
https://arstechnica.com/security/2024/03/vmware-issues-patches-for-critical-sandbox-escape-vulnerabilities/ #security #vulnerabilities #VMwareESXi Workstation, #Fusion #CloudFoundation #end—of—life #patches

On a related note, I'm *sure* I read a paper / post where someone proved that you could manipulate a file to produce a hash where the first and last few characters matched the hash of an unrelated file.

Anyone know what I'm talking about?

#Cryptography #Security

If you got a tip & need anonymity you can message me here. (i don’t respond to corporate flacks on signal)

#privacy #security #natsec

FBI-Bericht: Verluste in Höhe von 12 Milliarden US-Dollar durch Cybercrime

Das FBI vermeldet in seinem Internetkriminalitätsbericht eine Rekordzahl von 880.418 Fällen mit geschätzten Verlusten von über 12,5 Milliarden US-Dollar.

https://www.heise.de/news/FBI-Bericht-Verluste-in-Hoehe-von-12-Milliarden-US-Dollar-durch-Cybercrime-9649305.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#FBI #Security #Kriminalität #news

🆕 blog! “A simple(ish) guide to verifying HTTP Message Signatures in PHP”

Mastodon makes heavy use of HTTP Message Signatures. They're a newish almost-standard which allows a server to verify that a request made to it came from the person who sent it. This is a quick example to show how to verify these signatures using P…

👀 Read more: https://shkspr.mobi/blog/2024/02/a-simpleish-guide-to-verifying-http-message-signatures-in-php/
⸻
#ActivityPub #cryptography #http #mastodon #security

Russia uses leaked databases to deanonymise Telegram users (translated article https://telegra.ph/Siloviki-i-chinovniki-ispolzuyut-slitye-bazy-chtoby-deanonit-polzovatelej-Telegram-Za-byudzhetnye-dengi-03-06)

"Few months ago I reported on a real case, when police used TG bot with personal info to deanon TG user. He was found, then fined for "discrediting the army" because of the comment under the post with a regional news. Eshniks (people from FSB department to combat extremism) attached a screenshot from a bot to the case materials."

🧵 1/n

#Privacy #Security #InfoSec #Telegram #Surveillance

@Snowshadow @TonyStark @thehill

#OnlineOutage #USpol #BigTech #Security

Hm, this is a strange coincidence...

Via #ABCnews:

"Red Sea data #cables cut as Houthis launch more attacks in the vital waterway
Three cables under the #RedSea that provide global #internet and #telecommunications have been cut as the waterway remains a target of #Yemen’s #Houthi rebels."

https://abcnews.go.com/International/wireStory/underwater-data-cables-red-sea-cut-amid-houthi-107772629

@Snowshadow @TonyStark

#OnlineOutage #USpol #BigTech #Security

I'm not convinced:

Via @thehill

#London-based internet monitoring firm #Netblocks said the issues appeared to be “related to login sessions in multiple countries.” But the firm, which advocates for internet freedom, said there was no sign of “country-level internet disruptions or filtering,” which are typically imposed by governments."

https://thehill.com/homenews/nexstar_media_wire/4509645-what-caused-the-facebook-instagram-outages/?utm_source=press.coop

@Snowshadow

#OnlineOutage #USpol #BigTech #Security

Cui bono?

Who might be profiting from this?

Is there anyone still online of the big ones?

How about #TruthSocial or #FauxNews?

Are there any new pieces of news out that might influence #SuperTuesday?
@TonyStark

I found today a new (for me) free & secure #crossplatform messaging app called #TeleGuard by #Swisscows (based on #Switzerland).

My initial reaction: it is #Signal + #Telegram combined.

https://teleguard.com

What do you think?

#e2ee #security #privacy #encryption #anonymity

#Signal’s New Usernames Help Keep the Cops Out of Your Data
https://theintercept.com/2024/03/04/signal-app-username-phone-number-privacy/ by @micahflee

"In short, if you’re worried about Signal handing over your phone number to law enforcement based on your username, you should only set a username when you want someone to contact you, and then delete it afterward. And each time, always set a different username."

#privacy #security

@anneroth

#Security #Privacy #Legal #Fedilaw
#DigitalIdentityWallet

(4/4)

wie eine handschriftliche Unterschrift haben.
Die Abgeordneten haben zudem eine quelloffene Wallet vorgeschrieben, was Transparenz und Sicherheit fördern soll."

//

@anneroth

#Security #Privacy #Legal #Fedilaw
#DigitalIdentityWallet

(3/n)

...Anlauf der #Schweizer E-ID stark kritisiert wurde und die Vorlage schliesslich zu Fall gebracht hat.

👉Nutzung ist Freiwillig👈
Die Nutzung der EU-Wallet werde auf freiwilliger Basis erfolgen, heisst es vom EU-Parlament. Personen, die sich gegen eine Nutzung entscheiden, sollen nicht diskriminiert werden. Das Gesetz sieht auch "qualifizierte elektronische Signaturen" vor, die den gleichen rechtlichen Stellenwert...

@anneroth

#Security #Privacy #Legal #Fedilaw
#DigitalIdentityWallet

(2/n)

...Verordnung muss nun noch formell vom #Ministerrat gebilligt werden, um Gesetz zu werden.
Gemäss der Verordnung wird es die neue #Digital Identity Wallet Bürgerinnen und Bürgern 👉ermöglichen👈, sich online zu identifizieren und zu authentifizieren, so eine Mitteilung. Dies soll möglich sein, 👉ohne auf kommerzielle Anbieter zurückgreifen zu müssen👈. Dies ist ein Punkt, der im ersten...

@anneroth

Worin genau siehst du die Problematik? Viele nutzen ja nicht einmal Pseudonyme online. 😉

"#POLITIK & #WIRTSCHAFT
#SECURITY

(1/n)

*EU-Parlament beschliesst Online-Ausweis*...

Das Parlament hat der #eIDAS-Verordnung endgültig grünes Licht gegeben. Damit ist der Weg für eine EU Digital Identity Wallet geebnet.
Das EU-Parlament hat die Verordnung zur europäischen Online-Identität mit 👉deutlicher Mehrheit angenommen👈. Die...

https://www.inside-it.ch/eu-parlament-beschliesst-online-ausweis-20240301

"WhatsApp finally forces Pegasus spyware maker to share its secret code"

So now #meta will be able use it to produce their own Pegasus style spyware... oh, sorry, software that will allow them to better understand your preferences and present you more accurate content...

#privacy #security #whatsapp #encryption

https://arstechnica.com/tech-policy/2024/03/whatsapp-finally-forces-pegasus-spyware-maker-to-share-its-secret-code/