This dumb password rule is from Banco Mercantil.

8 to 15 chars. No special chars allowed but requires special chars. Also
requires lowercase, uppercase, and numbers. Consecutive chars are
prohibited. Did I mention the page hangs while you type? That eye icon
tho.

dumbpasswordrules.com/sites/ba…

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Banco Mercantil - Dumb Password Rules

8 to 15 chars. No special chars allowed but requires special chars. Also requires lowercase, uppercase, and numbers. Consecutive chars are prohibited. Did I mention the page hangs while you type? That eye icon tho.

^{dumbpasswordrules.com}

Yours truly is looking for an #InfoSec / #Cybersecurity job in a safer state than Florida. I do pretty much all things security... like consulting, malware analysis, auditing, compliance, blue team, red team, purple team, SecDev, SecOps, SecDevOps, etc.

My kids are all grown now, so I am more than willing to travel / relocate. If you have any leads or tips on some good companies, please let me know.

#GetFediHired
[matrix] • [SimpleX]

Matrix - Decentralised and secure communication

You're invited to talk on Matrix. If you don't already have a client this link will help you pick one, and join the conversation. If you already have one, this link will help you join the conversation

^matrix.to

Microsoft Authenticator prompts the user to accept sharing analytics during the first launch. The prompt only dismisses when the user taps on "Accept." In fact, the app starts sending analytics even before accepting the privacy statement.🤦‍♂️

In this video, we downloaded the authenticator app from the App Store and we opened it as we monitored the iPhone network traffic. While the app was showing the permission prompt, we captured at least 3 calls made by the app sending diagnostics to Microsoft. The app sent 14 KB of analytics even before accepting the prompt.

The message on the prompt actually says that Microsoft needs to collect diagnostic data in order to keep Authenticator secure and up to date. 😵‍💫

#Privacy #Cybersecurity #2FA #InfoSec #Security #Microsoft

youtu.be/r5456XXG6v0

Privacy: Microsoft Authenticator sends analytics even before accepting the privacy statement

When opening Microsoft Authenticator for the first time after downloading it from the App Store, it prompts the user to accept sharing diagnostics with Micro...

^YouTube

Time it takes for a hacker to brute force your password.

#Cybersecurity

Good to know: Tutanota checks your password upon signup and makes sure it's strong enough. Secure your emails now: mail.tutanota.com/signup

Of course, we also support 2FA on all clients.

Stay secure! 😍

I had quite a scary discussion with #Bing Chat which was hijacked by German security researchers and transformed into a pirate chatbot. Seconds later it asked for my personal information and sent it to the attacker. The thing is: Everyone can hijack Bing chat this way right now. It’s not even hard - you don't have to be a hacker.
Microsoft told me they had heard of the attack - and obviously weren't able to stop it from happen. My article (+German):

zeit.de/digital/2023-03/cybera…
#cybersecurity #ITSec

Please boost! We are *hiring* for *two* jobs in information security! Come work with our amazing team building solutions for the security have-nots in our world!

Red Queen Dynamics needs 1) a leader for engineering/cloud infrastructure, and 2) a product designer. We are a remote-first security company and we welcome people from all backgrounds and life journeys. #infosec #infosecjobs #hiring #cybersecurity

You can apply here! Tech Lead: linkedin.com/jobs/view/3475289…

Product Designer: linkedin.com/jobs/view/3475289…

Or stay up to date with all our job postings on our website: rqdn.io/career-opportunities

Tutanota: U2F support is now also available on #Android and #iOS

U2F keys are now supported on all @Tutanota clients.

(Tutanota is also an avoidthehack recommended encrypted email provider).

#mfa #2fa #privacy #cybersecurity #infosec #infosecurity

tutanota.com/blog/posts/app-up…

U2F support is now also available on Android and iOS.

Celebrate with us the new release of Tutanota!

^Tutanota

#getfedihired #Dragos, industrial #cybersecurity
jobs.lever.co/dragos

Senior Pen Tester - Remote US
Principal Detection Engineer - Remote US
Senior Reverse Engineer - Remote US
Senior OT Engineering - Remote UK

Salaries are in postings.

Dragos Inc. jobs

Job openings at Dragos Inc.

^{jobs.lever.co}

Do you spot the trick?

This is a cookie banner shown before using Google search in some countries.

"Reject all" is a straightforward option. It appears in the same size and color as "accept all." It uses bullets, simple and concise language, and visualization. It has links for further info. So far, so good.

But there is a trick. Do you spot what is it?

#privacy #cybersecurity #securityawarenessmonth #google

Firefox Kills Another Tracking Cookie Workaround

#News #Firefox #Mozilla #privacy #cookies #infosec #Cybersecurity
theregister.com/2022/06/30/fir…

Firefox kills another tracking cookie workaround

URL query parameters won't work in version 102 of Mozilla's browser

^{Brandon Vigliarolo (The Register)}

We need your help! 👋

Bitwarden is evaluating a new product tailored for developers and DevOps teams, to understand how they manage developer and infrastructure-oriented secrets, such as API keys, certificates, etc.

If you would like to participate, please fill out this short screener:

docs.google.com/forms/d/e/1FAI… #DevOps #developer #cybersecurity

Developer vault - Research Study Screener Survey

Thanks for your interest in participating in user research with Bitwarden! Please fill out this short screener survey, and we will reach out to you for scheduling if you qualify for the study.

^{Google Docs}