Why the heck is there a call to bash and install dependencies / npm install embedded in the FAA's TFR pages?

view-source:tfr.faa.gov/tfr3/?page=detail_…

#cybersecurity

#ChatControl is OFF the table for now. 💪

But the Danish Minister of Justice and chief architect of the current Chat Control proposal, Peter Hummelgaard, wants to bring it back in December.

😡 He now even claims your activism was paid for by Big Tech! 😡

We must keep fighting for #encryption and our right to #privacy 🔒️

Source: netzpolitik.org/2025/absurd-un…

#No2Backdoors #CyberSecurityMonth #CyberSecurity #Security

This dumb password rule is from Sky Ticket.

Sky is a german pay-TV provider with over 23 million subscribed users worldwide. They also have an online streaming service called "Sky Ticket".

You can only set a **4 digit long PIN** with no option for two-factor authentication or any additional security mechanisms.

dumbpasswordrules.com/sites/sk…

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Sky Ticket - Dumb Password Rules

^{dumbpasswordrules.com}

This dumb password rule is from Air Miles.

- Exactly 4 numbers.

dumbpasswordrules.com/sites/ai…

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Air Miles - Dumb Password Rules

^{dumbpasswordrules.com}

☁️The recent AWS outage showed how fragile “cloud-based security” can be.

When one datacenter faltered, global communication tools — including Signal — went dark 🌑

🕸️Matrix-based messaging systems kept running because they don’t rely on a single provider.

Resilience = decentralization

Let's invest in open, federated platforms.

#AWS #Signal #Matrix #Resilience #CyberSecurity #Decentralization #OpenSource

ssh access to... a bed?!?!?!?

trufflesecurity.com/blog/remov…

#ssh #cybersecurity

Removing Jeff Bezos From My Bed ◆ Truffle Security Co.

Eight Sleep smart bed found to contain an exposed AWS key and a likely backdoor that allowed engineers to remotely access users' beds

^{trufflesecurity.com}

Big F5 stuff dropping, starting with disclosure of incident and 8K filing. If you've got F5 in your stack, you're going to want to brew more coffee. No, more than that.

Keep going.

#threatintel #cybersecurity #infosec

infosec.exchange/@cR0w/1153783…

The #Signal App gets only a 9 out of 10 for #Privacy protection, and it's not just because it requires a phone number.

"While most of Google’s analytics are turned off in the Signal app, it still uses the Google Maps API to handle location data. Calls to Google Maps turn over a bunch of metadata, including the IP you’re connecting from. For a project that’s so invested in privacy, it’s surprising that Signal doesn’t use an open source alternative such as Open Street Map."

They call a Google API with location data and hand over the IP? Seriously?

mozillafoundation.org/en/nothi…

#cybersecurity

Signal App Review 2025: Privacy, Pros and Cons, Personal Data

Read our privacy expert's review of the messaging app Signal. Signal is widely regarded as the “best in class” private messenger app. Unlike most messaging apps, Signal takes a completely hands-off approach to your data.

^{Mozilla Foundation}

Microsoft Office 2016 and Office 2019 are no longer receiving software updates, technical support, or bug and security fixes.

Consider migrating to LibreOffice.

Microsoft recommends migrating to a Microsoft 365 subscription.

LibreOffice supports the features that a majority of users need for free.

Website: libreoffice.org
Mastodon: @libreoffice

4/4

#Microsoft #Office2016 #Office2019 #Office #LibreOffice #Privacy #InfoSec #CyberSecurity #Encryption #FOSS #FreeSoftware #OpenSource

🎣 Phishing Alert!

Malicious attackers use lookalike domains to trick you into clicking fake links. These sites steal logins, banking info & more.

🛡️ Stay safe:
🔹 Double-check URLs
🔹 Don’t log in via links
🔹 Bookmark official sites

👉 Check the full guide: tuta.com/blog/how-to-prevent-p…

Stay alert this #CyberSecurityMonth

#CyberSecurity #Phishing

AI has found 50 bugs in cURL. "AI-native SASTs work well"

etn.se/72494

#HackerNews #AI #cURL #bugs #SAST #cybersecurity #technology

Poll: How many screens do you work with? 🖥️

Vote + Boost 🔁 = ❤️

(Feel free to reply with how this setup helps you 👇)

#Linux #Arch #LinuxMint #Fedora #Debian #Ubuntu #Desktop #FOSS #Privacy #Security #OpenSource #Microsoft #Windows #TechNews #CyberSecurity #Tech #Technology #Apple #OS #iOS #MacOS #OperatingSystem #Monitor #Monitors #Screen #Screens #TV #OLED #2k #4k #HD #Job #Work #Productivity #Multitasking #Dev #DevOps #Development #Developers #DevLife #SysAdmin #TechCommunity

• 🧍 Just 1 screen (0 votes)
• 🧑‍💻 Dual setup (2) (0 votes)
• 🧠 Triple or more (0 votes)

🔐 Tuta Mail introduces key verification to strengthen end-to-end encryption and defend against MITM attacks 👥
Users can now verify contacts’ public keys via QR code or manual comparison.
If skipped, Tuta defaults to TOFU (Trust On First Use) for seamless encryption 🧩

@Tutanota
🔗 tuta.com/blog/key-verification

#Encryption #CyberSecurity #Privacy #Tuta #Tutanota #TutaMail #EmailSecurity #OpenSource #FOSS #E2EE #PGP #Email #Mail #TechNews #DataProtection #Crypto #DigitalRights #OnlinePrivacy

Tuta introduces key verification | Tuta

Key verification makes your encrypted mailbox even more secure, enabling you to prevent monster-in-the-middle attacks.

^Tuta

Don't trust cloud services with your creative work.

#enshittification #privacy #infosec #security #cybersecurity #writing #art

Adobe is now processing all your PDFs in the cloud, by default. The setting to “Enable generative AI features in Acrobat” was on, and I didn’t know it until I opened a document and Adobe asked me if I wanted a document summary. It’s annoying to have to click “No,” so I opened settings to disable the prompt.

THE PROBLEM
I sign Non-Disclosure Agreements for many of my clients. Adobe is a potential leak of protected information. I don’t know what Adobe does with this information. I don’t know what they store, or for how long. I don’t know what country (or countries) the data is stored in. I don’t know what LLMs are trained with this data. And I don’t need to know. What I need to know is that they won’t use default opt-in as a legal excuse to wiretap my information.

I recommend that you check your Adobe settings on all devices, for all Adobe accounts.

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity

Startpage is a search engine that has been promoted as a European alternative to Google Search.

This is a misleading statement.

CLARIFICATION

Headquartered in the Netherlands.

Owned by System1: mastodon.online/@blueghost/111…

Revenue is consolidated with System1's financial statements.

System1 supports employee salaries, technology investments, and marketing initiatives.

Source: support.startpage.com/hc/artic…

Website: startpage.com

#Startpage #StartpageSearch #Privacy #InfoSec #CyberSecurity

#kosmas #knihkupectvi #cybersecurity #hackers

Ajajaj, moje oblíbené knihkupectví bylo napadeno 😱

kosmas.cz/info/kosmas-celi-uto…?

How can Europe better secure the open #digitalinfrastructure that underpins its public services, or #digitaleconomy?

We are delighted to announce the next #EOSA Webinar, #OpenSource for #Cybersecurity: Securing and Maintaining Europe's Open Source Dependencies.
This webinar looks at how Europe's cybersecurity and digital policy agendas are increasingly intertwined.

Learn more and register today: tinyurl.com/yf7xyadr

FBI Warning on Messaging Apps: Time to Rethink What "Secure" Really Means

The FBI recently urged Americans to switch from SMS to encrypted messaging apps like WhatsApp and Signal.

Read More at: puri.sm/posts/fbi-raises-alarm…

#Cybersecurity #Privacy #Surveillance #Signal #WhatsApp

FBI Raises Alarm on Encrypted Messaging Apps: A New Front in the Battle for Digital Privacy and National Security – Purism

Purism makes premium phones, laptops, mini PCs and servers running free software on PureOS. Purism products respect people's privacy and freedom while protecting their security.

^{Purism SPC}

🔥 The EU Vulnerability Database (EUVD) is LIVE at euvd.enisa.europa.eu/homepage 🇪🇺💪

Finally, we've got our OWN vulnerability tracking system that's not dependent on …

Three awesome dashboards: critical vulns, actively exploited stuff, and EU-coordinated disclosures. … intel we need to patch our systems PROPERLY!

This is digital sovereignty and resilience in action, folks! No more single points of failure in global vuln tracking. 🧙‍♂️🖥️

#Cybersecurity #EUVD #DigitalSovereignty #FOSS #NIS2

EUVD

European Vulnerability Database

^{euvd.enisa.europa.eu}

Privacy is calling. Will you answer?

Ditch surveillance phones.

Try the Librem 5 + AweSIM — privacy-first smartphone + service.

✅ Unlimited talk, text, & data
✅ Built on PureOS (open-source Linux)
✅ Your data ≠ their profit
✅ No contracts, no ads, no spyware

Big carriers track your every move.

AweSIM shields your identity from Big Tech & foreign surveillance.

Take back control: puri.sm/products/librem-awesim…

#PrivacyMatters #CyberSecurity #LinuxPhone #SurveillanceCapitalism #Librem5 #AweSIM

The Liberty Phone delivers uncompromising security for government communications- No Surveillance.

Link to Video: puri.sm/posts/the-liberty-phon…

#LibertyPhone #MadeInUSA #SupplyChainSecurity #OpenSource #PureOS #EndToEndEncryption #HardwareSecurity #GOTSSolution #CyberSecurity

The Liberty Phone: Secure Government Mobility – Purism

Purism makes premium phones, laptops, mini PCs and servers running free software on PureOS. Purism products respect people's privacy and freedom while protecting their security.

^{Purism SPC}

｢ Finland, Sweden, Norway, Denmark and Estonia are rolling out offline card payment systems to provide a back-up if internet connections are lost, including due to sabotage, Bank of Finland board member Tuomas Valimaki said on Wednesday ｣

reuters.com/business/finance/n…

#cybersecurity #estonia

The Liberty Phone delivers uncompromising security for government communications- No Surveillance.

puri.sm/products/liberty-phone…

#LibertyPhone #SecureGovMobile #MadeInUSA #SupplyChainSecurity #OpenSource #PureOS #EndToEndEncryption #HardwareSecurity #GOTSSolution #CyberSecurity

This dumb password rule is from Polytechnique Montreal.

Passwords must have a minimum length of 8 characters

Passwords must have a maximum length of 30 characters

Passwords must contain a minimum of 2 digits

Passwords must contain a minimum of 2 letters

Password must be different than the last one used

Passwords may contain these special characte...

dumbpasswordrules.com/sites/po…

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Polytechnique Montreal - Dumb Password Rules

Passwords must have a minimum length of 8 characters Passwords must have a maximum length of 30 characters Passwords must contain a minimum of 2 digits Passwords must contain a minimum of 2 letters Password must be different than the last one use…

^{dumbpasswordrules.com}

Long passwords are important.

Source: reddit.com/r/dataisbeautiful/c…

#tech #technology #encryption #password #passwords #Security #cybersecurity #computing #computers #computer

Python now ships with 15,000 lines of verified cryptographic code from HACL*, covering all default hash and HMAC algorithms. The integration was seamless and automated, aiming to eliminate bugs like the 2022 SHA3 CVE. A major milestone for verified crypto in mainstream software.

jonathan.protzenko.fr/2025/04/…

#Python #CyberSecurity #Cryptography #AppSec

🧠 Microsoft is reintroducing Recall in Windows 11 — a feature that captures screenshots every 3 seconds of your activity to create an AI-powered memory. What could go wrong?

It now includes:
🔐 Opt-in only
📍 Local device processing
🧑‍💻 Windows Hello authentication

But many still ask: is it a productivity boost or a privacy liability? 😳
Even with safeguards, the idea of your system quietly watching everything you do raises serious concerns about digital trust.

#Privacy #Windows11 #AI #Cybersecurity #TechNews
arstechnica.com/security/2025/…

That groan you hear is users’ reaction to Recall going back into Windows

Snapshotting and AI processing a screen every 3 seconds. What could possibly go wrong?

^{Dan Goodin (Ars Technica)}

#Tuta birthday sale: 62% off Legend plan

tuta.com/special-offer/?t-src=…

#email #privacy #cybersecurity

Tuta: Turn ON privacy for free with secure emails, calendars & contacts | Tuta

Tuta guarantees your data stays private for free & without ads. Quantum-resistant encryption makes Tuta the best secure technology solution to protect your privacy.

^Tuta

This dumb password rule is from Bank Millennium.

Passwords limited to 8 digits.

dumbpasswordrules.com/sites/ba…

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Bank Millennium - Dumb Password Rules

^{dumbpasswordrules.com}

🛡️#Curl has been around for 26 years—and it’s still secure! How?

European Open Source Academy member, @bagder Stenberg, joined the latest episode of Security Weekly Productions, discussing how Curl and #libcurl have maintained security and reliability over decades.

A must-listen for #developers and #cybersecurity enthusiasts! 👨‍💻🔒

📺 Explore the episode : youtube.com/watch?v=0UavY_kKKic

👉 Learn more about the Academy : europeanopensource.academy/new…

#CyberSecurity #CurlProject #AppSec

So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.

Let me put the important words in uppercase.

So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.

[Edit with H/T: benjojo.co.uk/u/benjojo/h/cR4d…]

blog.cloudflare.com/password-r…

#cloudflare #password #cybersecurity

Password reuse is rampant: nearly half of observed user logins are compromised

Nearly half of observed login attempts across websites protected by Cloudflare involved leaked credentials. The pervasive issue of password reuse is enabling automated bot attacks and account takeovers on a massive scale.

^{The Cloudflare Blog}

"Google refuses to deny it received encryption order from UK government"

The UK’s encryption-breaking order for a backdoor into iCloud isn’t a one-off.

The secret hearing happening RIGHT NOW is bigger than just Apple. If the government wins, our right to privacy and security falls.

Other services will be hit.

therecord.media/google-refuses…

Sign our petition ➡️ you.38degrees.org.uk/petitions…

#e2ee #encryption #apple #google #privacy #security #cybersecurity #ukpol #ukpolitics #tech

Google refuses to deny it received encryption order from UK government

U.S. lawmakers say Google has refused to deny that it received a Technical Capability Notice from the U.K. — a mechanism to access encrypted messages that Apple reportedly received.

^{therecord.media}

This dumb password rule is from TreasuryDirect.

Will allow most passwords longer than 8 characters. Doesn't tell you there is a
maximum length of 16 characters. Then forces you to type it with an on-screen keyboard
with no capital letters.

dumbpasswordrules.com/sites/tr…

#password #passwords #infosec #cybersecurity #dumbpasswordrules

TreasuryDirect - Dumb Password Rules

Will allow most passwords longer than 8 characters. Doesn't tell you there is a maximum length of 16 characters. Then forces you to type it with an on-screen keyboard with no capital letters.

^{dumbpasswordrules.com}