Notices tagged with security, page 23

Garbage aka providing relevant Ads 😂 comic credit https://supercombodeluxe.com/gmen/ #privacy #security uBlock Origin, FTW. This is also a good reminder that I don't have any Ads on my blog and if you find my content useful, I have Patreon https://www.patreon.com/nixcraft

From the EU's own EDPS with a damming comment: ". In its
current form, the CSAM proposal would
fundamentally change the internet and
digital communication as we know it, and
that will be a point of no return." https://edps.europa.eu/system/files/2023-10/edsp_briefing-note_csam_proposal-the_point_of_no_return_0.pdf

#encryption #privacy #security #surveillance

So the EU's #ChatControl vote has been delayed twice. Just keep on the pressure to kill it please since it can't be allowed to go into law for obvious reasons. https://tutanota.com/blog/chat-control-criticism

#encryption #privacy #security

JShelter detected fingerprinting activity at Proton.

JShelter website: https://jshelter.org

Free Software Foundation post about JShelter: https://www.fsf.org/news/fsf-announces-jshelter-browser-add-on-to-combat-threats-from-nonfree-javascript

Proton post about fingerprinting: https://proton.me/blog/browser-device-fingerprinting

#Email #Privacy #Security #InfoSec #Transparency #ProtonPrivacy #OpenSource #Proton #Fingerprinting #ProtonMail #ProtonVPN #ProtonDrive #ProtonCalendar #ProtonPass #FSF @fsf @thomzane #FreeSoftwareFoundation #JShelter #PasswordManager

“Poverty is a mystery. Yet somehow, they never say this about national #security ….

to eliminate child #poverty … we would have to give 4.3 million families an average of $12,000 each. It comes out to $52 billion.

Where are we going to get $52 billion per year? We could ask the US #military to cover it — which the #Pentagon could do 16-times over” #war #Biden #politics #news

https://familyinequality.wordpress.com/2023/10/22/child-poverty-intergenerational-or-not-still-not-a-mystery/

Almost got scammed selling some stuff online. 🤙

Had a person send me their number as an interested buyer and told me to text them. I did (first mistake), and we arranged a meetup time. Then they asked if, for their safety, they could send me a six digit code (some of you already know where this is going) that I could repeat back to them to verify myself.

I said, "absolutely!" And sure enough, I got a Google Voice verification number. lol

If you're not familiar with the scam, shady people will take your phone number and try to create a Google Voice account with it. If you provide them with the 6-digit code that Google sends you, they can "verify" that they are you, and then basically use your phone number to run scams, commit fraud, etc. It's nasty business.

I called them out, blocked them, then reported them to the marketplace website and to the FTC--though, almost certainly, they were using the phone number of another poor soul to carry this out.

I used to work as a social engineer, running phishing campaigns (ethically, with consent lol), against Fortune 1000 companies to assess their level of vulnerability. Luckily for me, I was super familiar with this, but most of the people I told about it have said, "Oh, I probably would have fallen for that...", and even I set myself up for it.

So that is why I'm posting this. Please be aware of sketchy shit like this. If someone is asking you for a verification code over SMS or email, tread with EXTREME caution. Also, it's usually pretty shady if a stranger you're already chatting with wants to move to a new platform. Not always, but if someone emails or messages you on Facebook to ask you to text them, that's a little weird. I'd had legitimate buyers/sellers do that, so it's not unheard of, but it should put you on guard.

If you buy/sell/trade online frequently, it's a good idea to use a dedicated MySudo number, VOIP number, and/or a burner phone for that.

Stay safe out there, kids.

#Privacy #Security #Scams #Craigslist #FacebookMarketplace #eBay

With firefox on X11 (#Linux and #Unix machines), any page can pastejack you anytime https://www.openwall.com/lists/oss-security/2023/10/17/1 #security #infosec

Wired: The 23andMe User Data Leak May Be Far Worse Than Believed https://www.wired.com/story/23andme-data-leak-gets-worse-security-roundup/ #Tech #wired #TechNews #IT #Technology via @morganeogerbc #Security/CyberattacksandHacks #Security/SecurityNews #Security/Privacy #securityroundup #SecurityRoundup #encryption #Passwords #Security #security #privacy #hacking

While all software has security issues, the irresponsible behavior of Microsoft shows why anti-trust action is needed to reduce the stranglehold the big tech firms have over the cloud computing market. Without external pressure, companies tend to hide rather than fix problems. https://arstechnica.com/security/2023/08/microsoft-cloud-security-blasted-for-its-culture-of-toxic-obfuscation/ #security #bigtech #oversight

Any device that needs to be off because it can't be trusted with your conversations should not exist in the first place.

#privacy #privacymatters #security #infosec #cybersecurity #cybersec #amazon #amazonecho #surveillance

#BraveBrowser is installing VPNs without users' consent, even if you didn't willingly enable their #VPN service. Just stop using #Brave, it's garbage.

https://www.ghacks.net/2023/10/18/brave-is-installing-vpn-services-without-user-consent/

#Browser #Security #Privacy #OpenSource #FreeSoftware #LibreSoftware

#Israel on Sunday issued a formal #DeclarationOfWar against #Hamas & pounded #Gaza w/ strikes, promising retaliation for an unprecedented attack by the #militant group that surprised Israeli #security forces. The #DeathToll has risen to 600 in Israel, & thousands have been injured…, while Palestinian authorities said ≥370 were killed & 2,200 injured in Gaza.

#Palestine #MiddleEast #geopolitics #war
https://www.washingtonpost.com/world/2023/10/08/israel-gaza-strikes-hamas-netanyahu/

#Hamas said Wednesday that #Israeli strikes targeted the leader of its military wing, killing his brother, as #Israel pledged to focus its fire on Hamas leaders. A plane carrying #US #ammunition has landed in Israel ahead of a visit by Secretary of State Antony #Blinken. In Gaza, #Palestinian authorities said #hospital supplies are dwindling & that the only #power plant has run out of #fuel & stopped operating.

#war #WarCrimes #Terrorism #HumanRights #geopolitics #MiddleEast #Security

#Gantz became the military’s chief of staff in 2011. While in the job, the #IDF fought 2 wars in #Gaza in 2012 & 2014, for which the govt & Gantz have faced international criticism. A #UnitedNations report published in 2015 found that both #Israel & #Palestinian militant groups probably committed #WarCrimes in the 2014 conflict, which left 2,251 #Palestinians dead, 65% of whom were #civilians.

#Hamas #Gaza #war #Terrorism #HumanRights #geopolitics #MiddleEast #Security

The number of confirmed deaths of #Americans in the #Israel-#Hamas conflict has risen to “at least 22,” the State Dept said & President #Biden confirmed during remarks on efforts to combat #antisemitism at a White House roundtable w/ #Jewish community leaders.

The The State Dept believes that 17 Americans are unaccounted for in Israel.

#Gaza #war #Terrorism #HumanRights #geopolitics #MiddleEast #Security

The maintainers of a popular open source tool that serves as a foundational support for many network protocols, including SSL, TLS, HTTP, FTP, and SMTP, are warning of two vulnerabilities that will be disclosed this coming week. The problems center on curl, an open-source command line tool that researchers say is widely used by developers and system administrators. https://therecord.media/curl-vulnerabilities-to-be-announced-open-source
#security #opensource #news #tech #cybersecurity

If you run a publicly available website/service, keep an eye on https://www.cve.org/CVERecord?id=CVE-2023-44487.

It'll be announced at midday UTC today (10th Oct 2023).

If there isn't an update you can deploy quickly for your affected services immediately (there should be for the better known software, they've had advance notice) then you should consider disabling the affected element until there is.

Can't share more right now but it's important so don't forget (& tell your friends!).

#WebDev #InfoSec #Security

Tooting the horn since it's been a while: I'm the lead maintainer for the Ruby passkeys organization, and we're actively looking for help: https://github.com/ruby-passkeys#help-needed

If you'd like to help make sure that Ruby apps are dead-simple to get started with *and* markedly improve everyone's security, please reach out!

#passkeys #security #ruby #RubyOnRails #OSS #passwordless

When we talk about #Wagner in #Africa - the bridgehead for #Moscow was the Central #African Republic.  

'in the #CAR there are about four leaders who were looking after #Russia 's interest - the defence contracts plus #intelligence and #security for president #Touadera The head of the Russia House who was this cultural node, but also overseen economic interests. There were the media operations too
(Cont.)
https://www.bbc.co.uk/programmes/w3ct5hlb

① #China Is Investing Billions in Global #Disinformation Campaign ft. Fake #Journalism, #Bot armies & lawsuits🟠https://archive.ph/XoJxH#selection-4493.148-4493.172

❶ In growing #Security challenge to #USA🟠https://archive.ph/jMjWS

❷ With elections looming, China is flooding #Taiwan with disinformation & wants #Taiwanese voters to think #America is their greatest threat🟠https://archive.ph/Wg5xT#selection-895.0-899.94

#LatinAmerica #Media #Africa #COVID #Ukraine #Facebook #Russia #Meta #News #Instagram #CyberSecurity #Law #Education #SocialMedia▼