An amendment to the āNarcotraficā law is moving to the French National Assembly. Remind your legislators that a backdoor for the good guys only is not possible.
Hier kƶnnt ihr unser aktuelles Spotlight-Interview mit @Tutanota, einer datenschutzfreundlichen E-Mail-, Kalender- und Kontaktlƶsung aus Deutschland lesen:
"BlackGirlsHack meets the #InfoSec needs left unmet by existing services by providing hands-on skills that are focused on people who are upskilling and reskilling in #cybersecurity."
BlackGirlsHack is the leading cybersecurity training nonprofit in the country. The nonprofit organization, which is open to all, provides training, career services, study groups, and resources people looking to upskill and reskill in technology and cā¦
"The consensus among cybersecurity experts could not be clearer:
There is no way to provide government access to end-to-end encrypted data without breaking end-to-end encryption, thus putting every userās security and privacy at risk."
Join the voice of experts in the joint letter to stop the UK's order to break encryption ā Sign and share our petition today ā¬ļø
It is reported that the Home Office has ordered Apple to build a backdoor into its encrypted services so that they can get hold of content that any Apple user has upload to the cloud.
Encryption keeps our private information safe and secure.
ORG and over 150 signatories call on the UK government to RESCIND its demand to create a backdoor to Apple encryption.
It "jeopardises the security and privacy of millions, undermines the UK tech sector, and sets a dangerous precedent for global cybersecurity."
"The worldās second-largest provider of mobile devices would be built on top of a systemic security flaw, putting all of its usersā security and privacy at risk."
On 13 February 2025, 109 civil society organizations, companies, and cybersecurity experts, including Global Encryption Coalition members, published a joint letter to the British Home Secretary Yvette Cooper calling on the UK Home Office to rescind iā¦
This is what I think about whenever infosec wonks on here start telling people they should use matrix or xmpp+omemo or whatnot instead of signal
To be fair, I understand the arguments and to a large extent I agree with the critiques. However, I think anyone making these recommendations is vastly underestimating the capacity or appetite for most people to deal with the user experiences presented by these alternatives.
User experience is the ultimate force multiplier. For anything that requires network effects to function (ie most anything involving communication), if it doesn't *just work* then you've lost 90% of your audience.
Most (somewhere around 90 percent) of the top Websites?
Talk of Meta's own internal infrastructure?
What an absolutely asinine thing to do. Linux is incredibly prevalent in the technology landscape today. Yes, #linux on the desktop is a small percentage of the overall devices on the market today. However, linux usage in #embedded, #server, and #appliance applications is to a level where censoring references to it is insanity.
The irony of all of this? Zuckerfaces recent pull back of moderation on Meta's sites.... Meaning it's now okay to bash socially vulnerable populations, spread tons of mis-information on many social and political topics... But linux?"Oh no! That's a #CyberSecurity threat!"
This reeks of political #tomfoolery. I won't be surprised if it's eventually revealed that our new overlords put pressure on #Meta to #censor linux.
EVs, batteries, lidar, drones, robotics, smartphones, AI. China's progress across a range of overlapping industries creates a mutually reinforcing feedback loop.
Thinking about a new Linux laptop to run Linux on? Going with Linux laptop vendors can be a good option as they offer seamless hardware-software integration, pre-installed Linux distros, and guaranteed driver compatibility. Here are available Linux laptop vendors šš
Explore high-quality infographics on Linux, cybersecurity, and networking. Perfect for certifications, technical knowledge, and tech career upskilling.
Free office suite ā the evolution of OpenOffice. Compatible with Microsoft .doc, .docx, .xls, .xlsx, .ppt, .pptx. Updated regularly, community powered.
Think twice before scanning QR codes: 60% of them are spam. Be careful when travelling for business, too - scammers are even putting fake QR codes on parking meters. Stay cautious to protect your business data
Letās not fool ourselves, Musk will use all Tesla and X data for his goals in Europe. Every Tesla is collecting video and location information all the time, information that can be (mis)used by Elon . #cybersecurity #privacy #tesla #musk
Important reminder, if you own a domain name and don't use it for sending email.
There is nothing to stop scammers from sending email claiming to be coming from your domain. And the older it gets, the more valuable it is for spoofing. It could eventually damage your domain's reputation and maybe get it blacklisted, unless you take the steps to notify email servers that any email received claiming to come from your domain should be trashed.
Just add these two TXT records to the DNS for your domain: TXT v=spf1 -all TXT v=DMARC1; p=reject;
The first says there is not a single SMTP server on earth authorized to send email on behalf of your domain. The second says that any email that says otherwise should be trashed.
If you do use your domain for sending email, be sure to add 3 records: SPF record to indicate which SMTP server(s) are allowed to send your email. DKIM records to add a digital signature to emails, allowing the receiving server to verify the sender and ensure message integrity. DMARC record that tells the receiving email server how to handle email that fails either check.
You cannot stop scammers from sending email claiming to be from your domain, any more than you can prevent people from using your home address as a return address on a mailed letter. But, you can protect both your domain and intended scam victims by adding appropriate DNS records.
UPDATE: The spf and the dmarc records need to be appropriately named. The spf record should be named "@", and the dmarc record name should be "_dmarc".
Here's what I have for one domain.
One difference that I have is that I'm requesting that email providers email me a weekly aggregated report when they encounter a spoof. gmail and Microsoft send them, but most providers won't, but since most email goes to Gmail, it's enlightening when they come.
It is a logic flaw in the way curl parses .netrc file. In certain situations, the configured password can be sent to a incorrect host. Luckily the affected configurations should be quite rare and thus the situation is unlikely to occur often.
The issue has existed in the curl source code for almost twenty-five years.
Repeat offenders drive bulk of tech support scams via #Google #Ads
"Search engines, and Googleās in particular, are our gateway to the web. Yet, that door sometimes opens up to unsavory places thanks to sponsored search results, AKA ads."
This is part of the reason I recommend using an #adblocker (whether in browser, on device, or network-based.)
Wild ass day in the Tor node operator world. Got an email from my VPS, forwarding a complaint from WatchDog CyberSecurity saying that my box was scanning SSH ports!
> Oh no, oh no, I knew I should have set up fail2ban, oh god why was I so lackadaisical!
So I remote in to the machine: no unusual network activity, no unusual processes, users, logins, command history, no sign that anything is doing anything I didn't tell it to do.
So what's up? Turns out there's been a widespread campaign where some actor is spoofing IPs to make it look like systems running Tor are scanning port 22: forum.torproject.org/t/tor-relā¦
Operators from all over are saying they're getting nastygrams from their VPS providers because WatchDog is fingering their source IPs (which are being spoofed and NOT part of a global portscanning botnet).
It would be hard to explain to Verizon I run Tor relays since they technically don't allow servers. I hope I'm not forced onto AT&T Internet Air as my particular co-op rental unit won't let met get Spectrum even when other units can, not that I wanteā¦
Happy birthday to ARPANET, the forerunner of the modern internet! 53 years ago, the first message was sent over this pioneering network, paving the way for a world of interconnection and innovation.
As a tech enthusiast, I am constantly amazed by the ways the internet has transformed our lives, allowing us to communicate, learn and share ideas across boundaries and borders. From social media to e-commerce, from telemedicine to remote work, the internet has become an essential part of our daily routines, enabling us to connect with others and access a wealth of information at our fingertips.
T-Mobile reaches $31.5 million settlement with FCC over past data breaches
Apparently, T-mobile is now mandated to implement better cybersecurity controls, such as properly segmenting networks and using phishing resistant #MFA.
This settlement covers the breaches in 2021, 2022, and 2023. Will we get a 2024 special? š
Today I made my threat hunt book publicly known on LinkedIn. So far the feedback has been overwhelming. I do hope my efforts will contribute to educate both threat hunters and SOC analysts!
A quick story/rant.. my cousin got my mother a new coffee maker. I don't expect my mom to use the WiFi functionality, but I'm still concerned about why we would need a whole coffee maker to have a small computer in it... I understand the versatility of not having a hub, and that hubs are also a single point of access for any malicious actors, but I'm sure a hub for multiple devices instead of a thing for a coffee maker would be updated much more frequently, and supported for longer. If nothing else, maybe I can pull it into my janky Home Assistant setup somehow.
Even if it doesn't end up being a gateway for snooping on home network, it is quite silly, in my opinion. Now, I must go check to see if anyone's hacked at these yet lol...
