@evacide@hachyderm.io
@evacide@hachyderm.io avatar

evacide

@evacide@hachyderm.io

Director of Cybersecurity
@EFF
/ Co-founder of
@stopstalkerware
/ These are my opinions, not my employers’ / I did a TED talk once

This profile is from a federated server and may be incomplete. Browse more on the original instance.

LukaszOlejnik, to random
@LukaszOlejnik@mastodon.social avatar

"The theft-prevention system installed in Seattle rental cars by a car-sharing company was designed to prevent cars being towed away by thieves. It disabled the cars remotely if they were detected to be moving with the engine off. Renters taking the boat ferry found themselves unable to restart their cars when the ferry docked. An anti-theft system in a car caused major delays to a regional ferry system" https://www.ft.com/content/178ab808-21ff-4ac2-a81f-f831326c22d4

mshelton, to random
@mshelton@mastodon.social avatar

I like how Elon's own community notes fact check him on @signalapp.

Mer__edith, to random
@Mer__edith@mastodon.world avatar

Anyone who cares about free speech & expression should be feeling cold blood in their veins as USG rushes to silence, censor, & brutalize those critical of Israel's extremist gov.

Bills like this are political weapons. Once forged, they will be wielded for much, much more.

https://forward.com/fast-forward/608308/gop-democrats-antisemitism-campus-israel/

andybaio, to random
@andybaio@xoxo.zone avatar

"Consent Mode is off by default" should be the unofficial motto of the tech industry. https://www.theverge.com/2024/4/15/24130832/limitless-ai-pendant-wearable-meetings

torproject, to random
@torproject@mastodon.social avatar

There is an urgent need for a global stance against the use of technology for oppression. Our latest blog post delves into the impact of Israeli surveillance technologies in Palestine and how localized instances of its use contribute to widespread acceptance and global adoption of such oppressive practices.
📰🔗 https://blog.torproject.org/surveillance-as-a-service-global-impact-of-israeli-defense-technologies-on-privacy-human-rights/

metacurity, to random

Fake LastPass password manager spotted on Apple’s App Store
https://www.bleepingcomputer.com/news/security/fake-lastpass-password-manager-spotted-on-apples-app-store/

mattburgess, to tech

NEW: WhatsApp will soon make it possible to chat with people who use other messaging apps. It's revealed some more details on how that will work.

— Apps will need to sign an agreement with Meta, then connect to its servers.
— Meta wants people to use the Signal Protocol, but also says other encryption protocols can be used if they can meet WhatsApp's standards
— WhatsApp has been testing with Matrix in recent months, although nothing is agreed yet. Swiss app Threema says it won't become interoperable

https://www.wired.com/story/whatsapp-interoperability-messaging/

agreenberg, to random

We fully expect to receive a takedown demand for this story. We also think the stakes of this anti-censorship battle are too high not to publish it anyway.

https://www.wired.com/story/appin-training-centers-lawsuits-censorship/

pinkflawd, to random

ICYMI BlackHoodie is going to Austin, on February 23rd in cooperation with @ringzer0 we're offering a free introduction to reverse engineering for women https://blackhoodie.re/Ringzer0_Bootstrap_2023/

campuscodi, to random
@campuscodi@mastodon.social avatar

Security researcher Andrew Hoog has put together Cybersecurity Incident Tracker, a portal that tracks cybersecurity incidents reported via SEC 8K forms.

https://www.board-cybersecurity.com/incidents/tracker/

mshelton, to random
@mshelton@mastodon.social avatar

Nice. @maxeddy at Wirecutter / @nytimes did a good writeup on recommended security keys. Spoiler: Yes, the top picks are USB Type-C and NFC-friendly YubiKeys. https://www.nytimes.com/wirecutter/reviews/best-security-keys/

briankrebs, to random

OMG this guy. Pwnd by press release.

https://police.gov.rw/media/press-releases/press-in-details/news/rnp-has-not-hired-jonathan-scott/

filippo, to random
@filippo@abyssdomain.expert avatar

This is not a carefully worded statement, but fuck Appelbaum, fuck the people who sheltered and supported him these past years, and fuck those who are allowing his unrepentant attempt at a comeback and putting people and communities at risk.

metacurity, to random

"In one of the coolest and more outrageous repair stories in quite some time, four white-hat hackers helped a regional rail company in southwest Poland unbrick a train that had been artificially rendered inoperable by the train’s manufacturer after an independent maintenance company worked on it."
https://www.404media.co/polish-hackers-repaired-trains-the-manufacturer-artificially-bricked-now-the-train-company-is-threatening-them/?ref=daily-stories-newsletter

signalapp, to random
@signalapp@mastodon.world avatar

We have no investors, no advertisers, nobody breathing down our necks demanding that we compromise on privacy for the sake of the bottom line. Signal is supported by you and your donations.

There are many ways to support Signal. You can donate in the app by going to Settings > Donate.

When you do, you’ll get a badge to display on your profile to show your support. You can also donate for a friend so they can display a badge on their profile.

lorenzofb, to random

NEW: David Vincenzetti, the founder of spyware maker Hacking Team, has been arrested.

Vincenzetti is accused of attempted murder. He allegedly stabbed a relative at his home, according to Italian media reports.

https://techcrunch.com/2023/11/29/founder-of-spyware-maker-hacking-team-arrested-for-attempted-murder-local-media/

mshelton, to random
@mshelton@mastodon.social avatar

For OpenNews Source, I wrote about advice for sharing security advice.

Tl;dr: it might sound obvious but we want to address two questions that are important for security guidance in particular:

  1. How are you learning what to prioritize for your audience’s needs? (Research? Hanging out at all the same meetups? What works for them?)
  2. What are your plans for how future audiences will receive this advice? (e.g., how will you let them know if the guidance is up to date?)
    https://source.opennews.org/articles/advice-sharing-security-advice/
nando161, to cyberpunk
@nando161@kolektiva.social avatar

"I have cochlear implants and I can only buy parts to fix them or upgrade then from 1 #corporation bc of tech exclusivity. upgrades to get new processors for both ears cost $23k & insurance only covers 90% (and it’s “good” insurance)"

#Cyberpunk #dystopia is already here for the disabled.

https://www.tumblr.com/nando161mando/734539390906499072/athelind-ironbound-oberon-i-have-cochlear

#classwar #eattherich #ausgov #auspol #tasgov #taspol #politas

campuscodi, to random
@campuscodi@mastodon.social avatar

Citrix has published a blog post to remind owners of NetScaler and ADC appliances to not only update its software but also wipe past user sessions. This step is necessary because threat actors who exploit the CitrixBleed vulnerability will steal authentication tokens that they can use later after the device has been patched.

https://www.netscaler.com/blog/news/netscaler-investigation-recommendations-for-cve-2023-4966/

lorenzofb, to random

NEW: After the terrorist attacks on Oct. 7, there has been a significant increase in honeypots deployed in Israel.

It's unclear who is deploying them, but it makes sense to deploy honeypots to keep an eye on hackers who may get involved in the conflict.

“I suspect folks learned the only way to really see what's happening is to spin up infrastructure and look,” one expert told us.

https://techcrunch.com/2023/11/20/thousands-of-new-honeypots-deployed-across-israel-to-catch-hackers/

lorenzofb, to random

There's been a third near-complete blackout of the internet in Gaza over the weekend. See data from IODA, Netblocks and Cloudflare Radar.

See:

  1. https://twitter.com/IODA_live/status/1721512948680577028

  2. https://twitter.com/netblocks/status/1721431793574826118

  3. https://twitter.com/CloudflareRadar/status/1721358248433869217

dominee, to random

Behold, @evacide showing the mastery to squeeze a 45min presentation into a 25min slot on the Swiss Cyberstorm conference with some magical lossless compression. Great keynote that woke me up better than coffee 😋

campuscodi, to random
@campuscodi@mastodon.social avatar

Two security researchers have found a vulnerability in the Nexus Android botnet and used it to gain access to its backend and gather intelligence on its operations.

https://www.virusbulletin.com/virusbulletin/2023/10/nexus-android-banking-botnet-compromising-cc-panels-and-dissecting-mobile-appinjects/

JosephMenn, to random

The Post’s story shows that new ally Vietnam tried to hack four members of Congress and others in the U.S., including a CNN anchor. Free link to our international collaboration: https://wapo.st/3RLBRPj

campuscodi, to random
@campuscodi@mastodon.social avatar

A threat actor is hacking Citrix NetScaler devices and modifying login pages to add a script that harvests login credentials.

The campaign appears to have started in early August and has compromised at least 600 NetScaler systems, according to IBM's X-Force security team.

https://securityintelligence.com/posts/x-force-uncovers-global-netscaler-gateway-credential-harvesting-campaign/

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • thenastyranch
  • rosin
  • GTA5RPClips
  • osvaldo12
  • love
  • Youngstown
  • slotface
  • khanakhh
  • everett
  • kavyap
  • mdbf
  • DreamBathrooms
  • ngwrru68w68
  • provamag3
  • magazineikmin
  • InstantRegret
  • normalnudes
  • tacticalgear
  • cubers
  • ethstaker
  • modclub
  • cisconetworking
  • Durango
  • anitta
  • Leos
  • tester
  • JUstTest
  • All magazines
    •