#InfoSec
🚨New ransom group blog post!🚨
Group name: rhysida
Post title: Holding Slovenske elektarne
Info: https://cti.fyi/groups/rhysida.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
GCHQ shrinks amid recruitment and retention challenges https://therecord.media/gchq-workforce-shrinks-isc-report #cybersecurity #infosec #privacy

🚨New ransom group blog post!🚨
Group name: rhysida
Post title: Hse
Info: https://cti.fyi/groups/rhysida.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
Apple und Google: Behörden spionieren Nutzer über Push-Benachrichtigungen aus https://www.golem.de/news/apple-und-google-behoerden-spionieren-nutzer-ueber-push-benachrichtigungen-aus-2312-180106.html?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec
This dumb password rule is from Lowes.
- Be 8 to 12 characters in length
- Include at least 1 letter and 1 number
- Contain no spaces
- Contain no more than 3 of the same consecutive characters
https://dumbpasswordrules.com/sites/lowes/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
The Rural Tech Fund Golden Ticket #fundraiser is live - opportunities to win #infosec training and support a good cause.
SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs https://thehackernews.com/2023/12/slam-attack-new-spectre-based.html #cybersecurity #infosec #privacy
Navigating the Blockchain Landscape: Unraveling Fundamentals, Applications, and Future Trends https://simeononsecurity.com/articles/exploring-the-world-of-crypto_-understanding-blockchain-technology/?utm_source=dlvr.it&utm_medium=mastodon #tech #cicd #continuousdelivery #infosec #devops

2023-12-09 RDP #Honeypot IOCs - 237 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
194.165.17.21 - 42
62.204.41.240 - 12
51.75.160.42 - 12
Top ASNs:
AS48721 - 54
AS396982 - 36
AS208091 - 15
Top Accounts:
hello - 84
Test - 48
Administr - 39
Top ISPs:
Flyservers S.A. - 63
Google LLC - 36
Xhost Internet Solutions LP - 21
Top Clients:
Unknown - 237
Top Software:
Unknown - 237
Top Keyboards:
Unknown - 237
Top IP Classification:
Unknown - 162
hosting - 57
mobile - 15
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/WruZt54t
2023-12-09 RDP #Honeypot IOCs - 158 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
194.165.17.21 - 28
62.204.41.240 - 8
51.75.160.42 - 8
Top ASNs:
AS48721 - 36
AS396982 - 24
AS208091 - 10
Top Accounts:
hello - 56
Test - 32
Administr - 26
Top ISPs:
Flyservers S.A. - 42
Google LLC - 24
Xhost Internet Solutions LP - 14
Top Clients:
Unknown - 158
Top Software:
Unknown - 158
Top Keyboards:
Unknown - 158
Top IP Classification:
Unknown - 108
hosting - 38
mobile - 10
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/mwv9TQRg
2023-12-09 RDP #Honeypot IOCs - 79 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
194.165.17.21 - 14
62.204.41.240 - 4
51.75.160.42 - 4
Top ASNs:
AS48721 - 18
AS396982 - 12
AS208091 - 5
Top Accounts:
hello - 28
Test - 16
Administr - 13
Top ISPs:
Flyservers S.A. - 21
Google LLC - 12
Xhost Internet Solutions LP - 7
Top Clients:
Unknown - 79
Top Software:
Unknown - 79
Top Keyboards:
Unknown - 79
Top IP Classification:
Unknown - 54
hosting - 19
mobile - 5
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
https://pastebin.com/EWWwbjpg
Happy Saturday, guys... We're doing more #AdventOfCyber things on #TryHackMe tonight. Haven't decided what I'm doing on stream afterwards tonight. Maybe #Fortnite or #GTA.
https://twitch.tv/kiribloodrose
https://www.youtube.com/watch?v=UTZu06t3LKc
Microsoft warns of Cactus ransomware actors using malvertising to infect victims https://therecord.media/cactus-ransomware-actors-using-malvertising-microsoft #cybersecurity #infosec #privacy

Some push notifications you receive are encrypted and some are not. There’s no clear way for users to know which are which. All the push notifications are relied through servers at Google or Apple, who would have access to any unencrypted content.
Just like how law enforcement can access the metadata in phone records, push notification data can be requested as well.
#security #infosec https://mastodon.social/@arstechnica/111540177701814450
WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability https://thehackernews.com/2023/12/wordpress-releases-update-642-to.html #cybersecurity #infosec #privacy
@juliewebgirl watched it last night. As an #infosec professional, it had a lot in it that I've been thinking about. Woke up thinking about it; that kind of movie. Fairly well done.
Meta defies FBI opposition to encryption, brings E2EE to Facebook, Messenger https://arstechnica.com/?p=1989426&utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

Hanging out in my office catching up on #TryHackMe's #AdventOfCyber2023 while my son is going to the new Studio Ghibly movie on this side of town with some friends.
I can tell that the capture the flag challenges that I have been doing for fun and the exercises from last year's Advent of Cyber have had an effect. I haven't felt lost yet *and*, more importantly, I haven't had to watch a video walk-thru of any of the challenges so far (though I will, if need be).
We Develop Useful Apps for Windows and Android that Increase the Daily Productivity of many People. (If you love "Simplicity, Functionality and Productivity", then our Apps are a Must for you!) [Android Apps from Amazon Appstore can be installed in Windows 11]
.
Microsoft Store:
https://apps.microsoft.com/search/publisher?name=25%2F8
.
Amazon Appstore:
https://www.amazon.com/s?rh=p_4%3AWindows+Portable+Apps
.
Official Web Page:
https://windowsportableapps.blogspot.com
.
#windows11 #windows10
#Android
#Infosec #netsec #cybersec #CyberSecurity
#Encryption
#passwordmanager
#Akumin undergoes two cyber attacks in less than a month: thousands of PHI and PII data still in the hands of BlackSuit and BianLian

Maybe not really #infosec related, but how and where would I start to find some #osint about a domain / site. Whois has nothing. In particular it’s about this site: https://helopal[.]club
What’s it doing? Collecting data? Who’s behind it? I can’t find ANY company related to this. Read the privacy and terms but still clueless. And how do I convince my 10yr old to not enter here data on every crap site?
Founder of Bitzlato Cryptocurrency Exchange Pleads Guilty in Money-Laundering Scheme https://thehackernews.com/2023/12/founder-of-bitzlato-cryptocurrency.html #cybersecurity #infosec #privacy
So @josephcox digs into a very scary story about a stalker and his fake warrants. The woman is safe.
This is not just about them, sadly. It illustrates the ease with which phone companies can turn their customers into victims by not having any vetting process. I hope there are consequences to this horrible lapse of judgement.
Kudos to subscriber-supported https://www.404media.co, for bringing the tech and #infosec investigative journalism we need.
https://www.404media.co/verizon-gave-phone-data-to-stalker-edrs-search-warrant-pose-as-cop/
Anyone watch "Leave the World Behind" on Netflix?
Apocalyptic cyberattack film starring Julia Roberts, Ethan Hawke, Mahershala Ali, Kevin Bacon...
...Did you know it was produced by Barack & Michelle Obama?
Am I the only one who finds this interesting?
🤔
Kaneva - 3,901,179 breached accounts #cybersecurity #infosec #privacy
Europe Reaches a Deal on the World’s First Comprehensive AI Rules https://cyberfeed.io/article/2ff9fdd0ff5885457533526158ff509f #cybersec #security #infosec #cybersecurity
🚨New ransom group blog post!🚨
Group name: rhysida
Post title: Qatar Racing and Equestrian Club
Info: https://cti.fyi/groups/rhysida.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
US indicts alleged Russian hackers for years-long cyber espionage campaign against Western countries https://techcrunch.com/2023/12/07/us-indicts-alleged-russian-hackers-for-years-long-cyber-espionage-campaign-against-western-countries/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

. @bsidessf 2024 is still soliciting submissions to its CFP: https://bsidessf.org/cfp
INFORMATIONAL TRACK (Closes 2024-01-08)
- Presentation, General - 30m regular presentation format
- Presentation, Deep Dive - 45m extended presentation format
- Panels - 45m, 1 facilitator + 3-4 expert panelists
COLLABORATIVE TRACK (Closes 2024-02-05)
- Workshops - 120m interactive teaching session / lab
- Villages - all-day topical dedicated spaces, with hands-on activities
- Birds of a Feather (NEW!) - 45m informal topical roundtable discussion
(Some of you may or may not be aware that I run BSidesSF Program Operations in my spare time. This year Astha returns as Program Chair, running the review committee and curating content for the informational track; Crystal and Aaron returning to oversee and curate villages; and Yash and Julia providing additional operational support. I’m grateful to be working with a fantastic team for the 2024 program).
I encourage you to take part in the conference program for our 2024 event, taking place in beautiful San Francisco at the Metreon on May 4-5!
Our theme this year is "You can't spell dystopia without AI".
We are additionally still looking for sponsors: https://bsidessf.org/sponsors ; if you would like to support on an individual capacity, consider becoming a "Friend of BSidesSF" :). Security B-Sides is a federally recognized 501c3 nonprofit, run entirely by volunteers; your contributions are what allows us to throw such a great event pulling in 2000+ people every year.
Questions? E-mail info@bsidessf.org, program@bsidessf.org, or sponsors@bsidessf.org .
SEE YOU THERE!
(Mirrored from https://www.linkedin.com/posts/shharvey_bsidessf-2024-call-for-participation-activity-7139270619862355968-_dzO )
#bsidessf #bsides #bsidessf2024 #cfp #callforpapers #conference #conference2024 #sanfrancisco #sf #security #privacy #cyber #cybersecurity #infosec #rsac #rsac2024
Tuberville ends blanket military holds — but Cyber Command has to wait https://therecord.media/military-nominations-unblocked-senate-but-not-cyber-command-nsa #cybersecurity #infosec #privacy

New 5G attack named 5Ghoul can exploit Qualcomm, MediaTek chips
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/new-5g-attack-named-5ghoul-can-exploit-qualcomm-mediatek-chips-x-y-s-g-f/gD2P6Ple2L
@ernie I enjoyed using Beeper - but let’s be very clear - it was never more secure - it relies on each Apple user logging in to a remote Mac running in a DC somewhere in Europe (I know this as I received 2FA alerts when I tried to login) giving Beeper access your Apple account.
This means that your entire Apple #account - literally everything that is tied to it - is as secure as whatever practices Beeper implements.
There's plenty of ways to do that on a part-time, voluntary basis, but if this kind of thing enflames you enough to make a career out of it, here's a tenure-track job for an #infosec professor at #CitizenLab, fearless slayers of high-tech corporate ogres:
https://jobs.utoronto.ca/job/Toronto-Assistant-Professor-Information-Security-ON/576463017/
36/
FCX routers vulnerable to actively exploited flaw by botnets
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/fcx-routers-vulnerable-to-actively-exploited-flaw-cve-2023-49897-8-j-6-f-i/gD2P6Ple2L
The Differences Between DNS/Route-Based Email Security and Email Security Via API
https://www.hornetsecurity.com/en/podcast/api-email-security-vs-dns-route-email-security/
Firewall Rule Set and Configuration Review
https://youtu.be/7RmHwPrOUG4
Russia Backed Star Blizzard’s Infiltration Attempts in UK Elections Laid Bare https://thecyberexpress.com/russia-backed-uk-election-interference-exposed/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

Hum #KeePassDX is not mentioned. I hope they know about this and work on a fix if needed.
Black Hat Europe 2023: #cybersecurity #infosec https://www.blackhat.com/eu-23/
#BlackHatEurope: Security researchers develop AutoSpill attack that steals credentials from #Android password managers #cybersecurity #infosec https://www.bleepingcomputer.com/news/security/autospill-attack-steals-credentials-from-android-password-managers/ @BleepingComputer @billtoulas
OpenCms vulnerable to unauthenticated XXE (XML External Entity) vulnerability
#cybersecurity #infosec #advisory #talkwalker
https://beyondmachines.net/event_details/opencms-vulnerable-to-unauthenticated-xxe-xml-external-entity-vulnerability-d-2-k-x-a/gD2P6Ple2L
I was shocked witnessing someone logging into their bank on the phone in public recently:
1. Their phone’s big display was at full brightness so everyone around could see what they were doing.
2. They typed their password in, so no password manager. Unsurprisingly the password was weak: 5 lowercase letters and 1 numeric character.
3. They didn’t have any kind of 2FA set up!
How on earth is this still happening?! 🤦
This dumb password rule is from Banco Nacional (Costa Rica National Bank).
Between 8 and 16 characters.
Must have 4 numbers and 4 letters.
Must not contain same letter or number in consecutive order.
Can't contain vowel letters neither the letter Ñ.
Password can't be the same as the previous 6 used.
https://dumbpasswordrules.com/sites/banco-nacional-costa-rica-national-bank/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
#WordPress Patches POP Chain Flaw That Exposed Over 800M+ Websites to Attack #cybersecurity #infosec https://gbhackers.com/wordpress-pop-chain-flaw/
Want to win a free seat in ALL my training courses, $500 worth of tech books, a Cliff Stoll signed Klein bottle, and a lot more?
Here's your chance, and all you have to do is donate $20 to charity.

Here is the article/blog post for my talk at #H2HC today: https://rcvalle.com/blog/2023/12/09/llvm-cfi-and-cross-language-llvm-cfi-support-for-rust/
Interesting reading on Tapo TC60 Smart Security Camera reverse engineering and exploitation
https://medium.com/@two06/hacking-a-tapo-tc60-camera-e6ce7ca6cad1





Privacy Not Included - car manufacturer Nissan - “They come right out and say they can collect and share your sexual activity, health diagnosis data, and genetic information and other sensitive personal information for targeted marketing purposes.” https://foundation.mozilla.org/en/privacynotincluded/nissan/ #infosec #privacy
FXBG Hackers - 0x11 - January 3rd 2024 @ 7pm
https://meetups.infosec.exchange/events/0ef4a470-d418-4fc6-af2a-9b41ee138dab
The European Space Agency Explores Cybersecurity for Space Industry https://www.darkreading.com/ics-ot-security/european-space-agency-explores-cybersecurity-space-industry?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

If you have #EntraID or #Microsoft365 and you have #Apple #macOS in your environment (hint everyone does), the session @_michaelepping, Sean Rabbit from JAMF and I did at their #JNUC conference this year is finally up on YouTube. You can find the session at https://youtu.be/D9-4miD-3pM?si=AU_pCsR-jwaQ8OZr. If you haven't paid attention to this space you really should be. Either your #macOS user experience is probably pretty poor or you have security gaps because you've been excluding them from your policies. It doesn't have to be that way. We'll cover how you can make sure you are following best practices from a security and an end user experience. #Infosec
From yesterday. But the US HHS is seeking public comments on this (document linked below.) #infosec
HIPAA needs to be updated to stop the current abuse of personal health data. Better late than never.
HHS proposes new #cybersecurity requirements for hospitals through HIPAA, Medicaid and Medicare https://therecord.media/hhs-proposes-cyber-requirements-for-hospitals @therecord_media @jgreig
Here is the proposed HHS strategy: https://aspr.hhs.gov/cyber/Documents/Health-Care-Sector-Cybersecurity-Dec2023-508.pdf
@reswob A perennially valid idea…
Aside from the special case of motivated targeted attacks (i.e. YOU specifically are on someone’s attack list for external reasons) the most efficient way to evade harm is to be noticeably different from the predominant “low hanging fruit" of the world. You don't even need to be demonstrably *better* in your responses, just enough to break one step in an unsupervised attack chain.
#InfoSec
Well, well. It's Friday and time for another odd tale of yesteryear. Or yestercentury. An odd tale from #defcon involving a few beers, uninhibited buzzed Feds, the Clintons, and a swimming pool. You might need a tin foil hat for this one...
https://www.markloveless.net/blog/2023/12/8/fun-friday-but-her-emails
I have read about the recent WordPress vulnerability this week https://wordpress.org/news/2023/12/wordpress-6-4-2-maintenance-security-release/ https://socradar.io/latest-alerts-for-wordpress-pop-chain-leading-to-site-takeover-backdoor-distributing-phishing-campaign/
But I have a hard time estimating how trivial it is to exploit, any idea about that? #infosec
Vulnerability in Microsoft Edge allows code smuggling
Also, Microsoft snuck in a change in their release notes that turns on a feature to share your search history with outside sites by default. You've got to manually turn it off if you don't want it.
https://stackdiary.com/vulnerability-in-microsoft-edge-allows-code-smuggling/
India sued, forcing Reuters to take down a story they published. “How an Indian startup hacked the world” https://www.reuters.com/investigates/special-report/usa-hackers-appin/
Oh dangit https://web.archive.org/web/20231116164611/https://www.reuters.com/investigates/special-report/usa-hackers-appin/ #infosec
RCE and LPE in a wide range of Mitel Unify #OpenStage and #OpenScape VoIP phones with default config: https://www.pentagrid.ch/en/blog/rce-and-local-root-in-openstage-and-openscape-phones/ #itsecurity #infosec #pentesting #voip #unify
“Wake up babe! New modem vulns dropped that affect everyone we know.”
https://www.5ghoul.com
#5Ghoul #infosec #memes
Affected Devices
https://docs.google.com/spreadsheets/d/13TQDN0wWWEOaBlj3RJfxoeOM92vqE4B5qihzvGg-qQM/htmlview

#AdventOfBloggers 7/24 : Sector 035!
#100DaysToOffload : 93/100
North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report https://www.securityweek.com/north-korean-hackers-have-stolen-over-3-billion-in-cryptocurrency-report/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

🚨 New #Linux Trojan Alert!
Meet "Krasue," a stealthy remote access trojan targeting Thai telecom companies. Krasue relies on a rootkit derived from open-source projects to maintain persistence.
https://thehackernews.com/2023/12/new-stealthy-krasue-linux-trojan.html

@ljrk @lexd0g It's worse because #Passkey brick a lot of workflows and systems as an addon-layer instead of fixing the core problem.
And the core problem is that #ITsec, #OpSec, #ComSec and #InfoSec are just "Afterthoughts" at best for all but the most #TechLiterate.
Using i.e. #PGP encryption and login on everything [and not as a "password replacement"] would be a way better fix.
Just like @torproject does a self-signing namespace on #OnionServices.
Again, not perfect but better than #SSL!
Join us live for DEFENDER FRIDAYS tomorrow at 10:30am PT/ 1:30pm ET with special guest @_lennart of @nzyme on detecting DNS exfiltration.
Register now! https://limacharlie.io/defender-fridays

Them: What creds do you have to do OSINT?
Me: Absolutely none. I just wander around the internet for funsies.
Them: I meant credentials.
Me: I'm aware.
#infosec #tech #technology #security #safety #privacy #smallbusiness #consultant #OSINT
The Polish Cyber Command (DKWOC) partnered with Microsoft to take action against a Russian-based nation-state threat actor tracked as Forest Blizzard (also known as APT28 and Fancy Bear)
I have exciting news. My new O'Reilly book Hacker Culture: A to Z (which is already available in paperback and eBook) will be available in audiobook format on January 9th 2024.
You should be able to preorder the audiobook from audiobooks.com, Google Play, Barnes & Noble, and other retailers about 30 days before publication. Which means very soon.
I will share preorder links very soon. #tech #cybersecurity #infosec #hacking


I truly do not understand the trend of mass shootings, in that I don’t understand why the shooters themselves chose this path - especially since it nearly always ends with the shooter being gunned down by law enforcement. Now since most of my followers on this platform are #infosec I am not expecting answers here beyond speculation, but if you are aware of serious psychological studies by reputable sources I’d love to read them.
While a few apps such as Signal, iMessages, WhatsApp, and Threema encrypt the payload of their push notifications end-to-end, many other apps don't encrypt the payload. This includes most email apps and most apps in the social networking and shopping categories.
Jako uzupełnienie dyskusji o hakowaniu pociągów bardzo polecam ostatni wpis na blogu @gynvael
https://gynvael.coldwind.pl/?id=777
Krótko mówiąc, jeśli firmware w poszczególnych pociągach został zrekompilowany (jak sugeruje Newag), to porównując jego kod źródłowy z oryginalnym, zobaczymy wyraźne ślady (artefakty), których nie da się uniknąć ani zatrzeć.
In my team we have openings for #developer focused on #offensive / #redteam development. You will help to make the research and education sector better (focused specially for #sweden) with your skills and write all #opensource tools.
https://vr.se/sidfot/arbeta-hos-oss/lediga-jobb.html?rmpage=job&rmjob=441&rmlang=SE #python #sverige #svenska #sunet #infosec
Ask me any question about the position or team and culture.
Please boost for more reach
Looking at the LogoFAIL white paper and I'm not connecting the "just about every device vulnerable" part of the headlines.
IIUC, vulnerable UEFI firmware has to support loading a custom logo from the EFI system partition. I can't find much vendor support for this?
The only documented method I've found is from HP: https://support.hp.com/au-en/document/c01646879
Do more vendors support this but don't document it?
Other "custom BIOS logo" tutorials I've found involve repacking a firmware image, in which case surely the logo is in the BGRT inside the firmware payload which is verified by Intel Boot Guard / Secure Boot before it's loaded. Isn't it?
The most beautiful #Wireguard #VPN Desktop Client has arrived in time for Saint Nicholas' Day!
Check it out and lots of new features in the 0.8 #release of defguard #opensource #enterprise #SSO and #VPN #security platform.
More at: https://github.com/DefGuard/defguard
Full release notes: https://github.com/DefGuard/defguard/releases
#SelfHosting #selfHosted #linux #freebsd #sysadmin #YubiKey #identity #keycloak #infosec #OPNSense #floss #macos #openvpn #homelab

"Recology’s Davis Recycling Center closed on Nov. 2, and remains shuttered by a cybersecurity breach.”
The Blue Team is charged with defending an organization against an array of technical security threats.
The Blue Team Diaries allow the reader to ride along with the Blue Team at Syntatic, a Seattle-based cloud company, who are charged with keeping millions of customer records safe.
Based on the author's real-world experiences, the diaries tell fictionalised versions of responding to actual security incidents. A must-read for anyone interested in computer security or the incident response field.
Read more about the book: https://infosecdiaries.com

@AlexandraB discovered more than 3,800 servers across more than 110 countries exposing the personal information of some 16 million patients. Aplite said they found patient names, genders, addresses and phone numbers, and in some cases Social Security numbers.
#zorg #datalek #infosec #dicom azure
Polish hackers figured out that a train manufacturer had programmed its trains to break down after certain dates, or if they were serviced at another company's workshop.
https://badcyber.com/dieselgate-but-for-trains-some-heavyweight-hardware-hacking/
attn @jon @echo_pbreyer
#trains #RighttoRepairEurope #InfoSec #railway #Poland #Polska
Hi #infosec community: any recommended practices for preventing a personal blog webpage from being dominated by crawlers?
The robots.txt seems largely ignored. Crawlers presently consume ~75% of resources according to the access logs.
I don't mind not being listed on any web search engines.
Would a basic auth work? Can one make the basic auth dialog show a message that provides the password hint in it, like "What is my first name?"
⚠️ Just got this e-mail from Blizzard. The Battle.net Authenticator will be DISABLED on January 5, 2024. 2FA will be removed, you can no longer login and your password will be reset automatically. All users must migrate their Battle.net Authenticator to the Battle.net Mobile App.
What could possibly go wrong? 🤯
If you have an active or inactive #WoW #Diablo #CoD or any other #Blizzard account, please check your account security.
More info: https://eu.battle.net/support/en/article/000347144
Time of the day where we play "Is it a misconfiguration or malware"
Skrev en liten #infosec-bloggpost om personvern og sikkerhetsovervåkning på jobben - litt mer balanse hadde ofte vært bra! https://safecontrols.blog/2023/12/05/can-enterprise-security-respect-privacy/
Gee, nobody could have foreseen this 🙄
Targeted Ads are a Cybersecurity Risk
As malvertising continues to rise, increasingly delivering #malware and redirecting users to #phishing websites, more and more websites plead with visitors to disable their adblockers. Even Google has responded harshly to adblockers across its platforms...
Should you always disable your adblocker when asked? I don't think you should - targeted ads have shown to be quite the security risk _on top of_ being invasive to your #privacy.
#cybersecurity #security #infosec #avoidthehack #ads #adblocking
My friends, the come has come once again. This holiday season, I'm giving away a golden ticket that grants free entry into ALL my training courses, a Cliff Stoll signed Klein bottle, and tons of other amazing prizes.
All you have to do to enter is donate $20 to the Rural Tech Fund or our local food bank and forward us the receipt. Every $20 gives you another entry.
You can see the full prize list and contest details here: https://ruraltechfund.org/goldenticket/

A WIRED investigation into internet censorship in US schools found widespread use of filters to censor health, identity, and other crucial information. Students say it makes the web entirely unusable.
Analysis of more than 117 million censorship records confirms what students and civil rights advocates have long warned: Web filters are preventing kids from finding critical information about their health, identity, and the subjects they’re studying in class.
https://www.wired.com/story/inside-americas-school-internet-censorship-machine/