Notices tagged with security, page 4

Proaktive IT-Security mit Pentesting: Ethical Hacking für Admins

In fünf Terminen lernen Admins und IT-Security-Verantwortliche ab dem 04.11., wie sie mit Ethical Hacking Systeme absichern und Schwachstellen aufdecken.

https://www.heise.de/news/Proaktive-IT-Security-mit-Pentesting-Ethical-Hacking-fuer-Admins-9960511.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Hacking #Security #PenetrationTesting #news

I said this in 2016, and I still don't like the demonstration of virtue and posturing in the field.

"Hey guys, if you cover your webcam but don't hammer a nail into the microphone, you're doing it wrong!"

Random provocation! ;)

#Infosec #security

There is no such thing as a backdoor for good guys. Once you place a backdoor, you compromise the safety and privacy of all your users. A third party or bad guys will get access to it and abuse it further. The concept of a "backdoor for good guys" is fundamentally flawed and dangerous. It sets a dangerous precedent. Security and privacy should be absolute. There's no safe way to create a backdoor that can't be exploited by malicious actors. #privacy #security #infosec

Spotted @mullvadnet VPN and browser ads on the Green Line in Boston!

#Privacy and #security are more important than ever in the US 🇺🇸

Have you tried Mullvad yet? They are solid. #Mullvad

The recent #CUPS #vulnerability and previous #XZUtils compromise show that my previously-held opinions about #Debian Stable vs Testing (and #FOSS / #OpenSource #security in general) were not entirely accurate.

In their own docs, the Debian devs say, "If security or stability are at all important for you: install stable. period. This is the most preferred way." (https://www.debian.org/doc/manuals/debian-faq/choosing.en.html#s3.1) Personally, I'd always held the belief that trust in the package developers was sufficient, and that having the distro do extra checks was superfluous.

I now see that #Linux distros' approvals of #software is much like an enterprise #PatchManagement system: adding an extra layer of verification, checking for vulnerabilities/#threats, compatibility, and integrity within an environment as part of #DefenseInDepth #BestPractices against, among other tings, #SupplyChain attacks.

While my reservations about the age of Debian Stable's packages remains, that too may be changed some day. Security is all about learning and acting based on the best data and information available.

Update: Y'all are amazing, we are 77% funded. I added in the totals of those who reached out directly.

One of my many projects is providing phones & laptops to victims of DV. That is my cause for this month. I'd love to get the rest funded, and give free access to one of my classes, Privacy Fundamentals for anyone who donates.

https://www.ko-fi.com/lockdownyourlife

#tech #infosec #safety #privacy #security

BREAKING: Court allows #privacy lawsuit against #Apple to proceed in part.

This lawsuit is based on our work. We found out that Apple apps, including the App Store app, collect detailed and identifiable analytics and there's no option to switch it off

https://www.reuters.com/legal/apple-must-face-narrowed-privacy-lawsuit-over-its-apps-2024-09-27/

#infosec #iOS #security

#meta #facebook #threads #instagram #socialmedia #security “Officials in Ireland have fined Meta $101 million for storing hundreds of millions of user passwords in plaintext and making them broadly available to company employees.”

https://arstechnica.com/security/2024/09/meta-slapped-with-101-million-fine-for-storing-passwords-in-plaintext/

#Netanyahu also stressed the need to achieve a peace agreement w/ #SaudiArabia, citing the experience of the #AbrahamAccords.

“I say to you, what blessing such a peace w/ Saudi Arabia would bring – it would be a boon to the #security & #economy of our 2 countries, it would boost trade & tourism across the region, it would help transform the #MiddleEast into a global juggernaut,” he said.

#Israel #UNGA #UN #geopolitics #war #Gaza #Palestinians #HumanitarianCrisis

#Japan’s ruling party elects #ShigeruIshiba as new prime minister

Ishiba, who wants an ‘Asian #NATO’ to counter #security threats from #China & #NorthKorea, is the #Liberal #Democratic Party’s new leader, replacing Fumio Kishida.

#geopolitics #Asia
https://www.washingtonpost.com/world/2024/09/27/japan-new-prime-minister-leader-shigeru-ishiba/

#KamalaHarris also appeared to take a swipe at #Trump & his running mate #JDVance who've floated #Ukraine ceding territory to #Russia as part of negotiations to end the #war.

"However, in candor, I share with you Mr. President, there are some in my country who would, instead, force Ukraine to give up large parts of its #sovereign territory, who would demand that Ukraine accept neutrality & would require Ukraine to forego #security relationships w/other nations," #Harris said.

#HarrisWalz2024

✔ @torproject & @tails are going to strengthen their collaboration by merging¹! 👍

✔ #Tor has also released a new alpha

✔ It seems this #update does not address any of the potential #security issues, recently suspected after #German #lawenforcement claims to have used #timinganalysis to unmask Tor users.

✔ Potential solutions: timing delays, cover traffic...

¹https://blog.torproject.org/tor-tails-join-forces/
²https://blog.torproject.org/tor-is-still-safe/

#Torproject #Tails #Privacy #Surveillance #Freedom #Germany #Tech #Internet #Gov #IT

MVP #KamalaHarris speaking soon in #Pittsburgh, #Pennsylvania about building an #economy that will work for all Americans.

#OpportunityEconomy #MiddleClass #labor #unions #protection #security #education #training #infrastructure

#Vote for #KamalaHarris & Gov #TimWalz to protect our fundamental freedoms & defeat #Trump & the #MAGA #Republicans this #election.

#VoteBlue
#HarrisWalz2024
https://www.youtube.com/watch?v=XokApnr_Cak

"The team used a DJI Phantom 4 Pro drone as a stand-in for such an aircraft for an experiment. Using a ground-based radar system, the team spotted the tiny drone thanks to the radiation emitted by a Starlink #satellite, which was flying over the Philippines at the time."

https://futurism.com/the-byte/chinese-researchers-detect-stealth-aircraft-starlink

#Space #Security #Defense

Mehr als nur Programmieren: Ankündigung der tech:lounge Masterclass

Die the native web GmbH veranstaltet ab dem 11. November 2024 insgesamt zwölf Webinare zu den Themen Performance, Clean Code, Security und Architektur.

https://www.heise.de/blog/Mehr-als-nur-Programmieren-Ankuendigung-der-tech-lounge-Masterclass-9870380.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Programmierung #Security #Webentwicklung #news

KI-Gesichtserkennung und Co.: Schlimmste Überwachungsnovelle aller Zeiten droht

Das Internet kann man nicht downloaden: Warum das KI-Überwachungspaket der Bundesregierung jetzt gestoppt werden muss. Ein Kommentar von Dennis-Kenji Kipker.

https://www.heise.de/meinung/KI-Gesichtserkennung-und-Co-Schlimmste-Ueberwachungsnovelle-aller-Zeiten-droht-9949880.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Datenschutz #IPAdressen #Netzpolitik #Security #Vorratsdatenspeicherung #news

Researcher reveals ‘catastrophic’ #security flaw in the Arc browser

(CVE-2024-45489)

The Arc Browser is a fork of #chromium with a lot of built-in features and integrations... and requires an account to use.

Arc Browser uses Firebase to store user information for features like Arc Boosts. Arc Boosts can contain arbitrary javascript... with knowing the CreatorID, an attacker could inject code into other users' browsing sessions.

Crazy to me because this implementation appeared to rely solely on user-provided identities (the CreatorID) without implementing any checks.

This has been patched in the newest version of the Arc browser.

#browsers #cybersecurity #cve

https://www.theverge.com/2024/9/20/24249919/arc-browser-boost-firebase-vulnerability-patched

"More than 700 former military and national security officials endorse Harris, say Trump is ‘impulsive and ill-informed’"

#Harris #GOP #Democrats #RVAT #Politics #News #USA #2024Election #Vote #Polls #MAGA #Republicans #Kamala #Walz #Security @KamalaHarrisWin

https://www.cnbc.com/2024/09/22/bipartisan-national-security-group-endorses-harris-over-trump.html

Trump and his campaign enter turbulent phase in final weeks

With just 45 days left until the election,
the past three weeks reveal whatever control and self-restraint helped launch Trump’s third presidential campaign has largely disappeared in the crucial final stretch.


On the Monday before Trump’s first debate with Vice President Kamala Harris, his running mate shared on social media, without evidence, the claim that Haitian immigrants were abducting and 🔸eating their neighbors’ pets
— one Trump repeated the following night on the debate stage, in a moment that instantly went viral.

Trump’s #chaotic and widely criticized #debate #performance coincided with an already tumultuous period for the former president.

He had recently welcomed back into his orbit Corey #Lewandowski
— his former 2016 campaign manager who was exiled after allegations of #sexual #assault by a donor
— and had begun traveling around the country with Laura #Loomer, a far-right ally who has spread #conspiracy #theories.

Two failed apparent #assassination attempts,
as well as additional #threats against him,
have also left the freewheeling presidential candidate constrained by a mushrooming #security presence and has made staging campaign events more challenging.

https://www.washingtonpost.com/politics/2024/09/21/trump-turbulence-campaign-election/

Any security/privacy experts have any thoughts about Apple’s Private Relay service through their iCloud+ subscription?
Good?
Bad?
Irrelevant?
I won’t be getting rid of my iCloud account anytime soon, so unless there is some other compelling reason not to, it seems worth using it.
Edit: Ironically, I couldn’t send this post from my local server because, I think, of my local DNS so… Private Relay off now. 😆
#Apple #Firewall #security #privacy #icloud