@tek@todon.eu avatar

tek

@tek@todon.eu

Technologist @ Human Rights Watch (previously Amnesty, Citizen Lab)

Malware, Threat Intelligence, Disinformation, Human Rights and silly memes.

Lives in France, may tweet in French sometimes.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

tek, to random French
@tek@todon.eu avatar

Amnesty lance une campagne pour interdire la reconnaissance faciale en France, leur vidéo de lancement est très bien faite et flippante : https://www.youtube.com/watch?v=JEEOcwOAKng

tek, to random
@tek@todon.eu avatar

Really sad to read that Naomi Wu will stop her social media activities due to authorities pressure :/
Naomi Wu and the Silence That Speaks Volumes
https://www.hackingbutlegal.com/p/naomi-wu-and-the-silence-that-speaks-volumes

tek, to random
@tek@todon.eu avatar

I totally missed how much Meta has cut jobs in teams fighting against disinformation, it really doesn't look good :
A pro-Putin Facebook network is pumping French-language propaganda into Africa
https://theintercept.com/2023/08/03/russia-disinformation-africa-facebook/

tek, to random
@tek@todon.eu avatar

This is big : a state agency very likely forced Linode and Hetzner to setup a MITM to jabber.ru servers and they requested a new TLS certificate to decrypt the traffic
Encrypted traffic interception on Hetzner and Linode targeting the largest Russian XMPP (Jabber) messaging service https://notes.valdikss.org.ru/jabber.ru-mitm/

tek, to random
@tek@todon.eu avatar

CVE-2023-4863: critical security update in Google Chrome, exploited in the wild and reported by Apple and @citizenlab
Update time!
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html

tek, to infosec
@tek@todon.eu avatar

Important change in iOS 17, old password are still active for 72h after they have changed, so changing the password is not enough to lock out someone who knows it. You can manually expire old passwords in the settings
https://support.apple.com/en-us/HT213849

tek, to random
@tek@todon.eu avatar

This is what we all owe to @AndresFreundTec this week
(found somewhere online, author unknown)

tek, to random
@tek@todon.eu avatar

Sex Workers Took Refuge in Crypto. Now It’s Failing Them.
Banks and payments companies have long penalized sex workers. Many thought crypto would be a solution, but now exchanges are dumping them too.
https://www.wired.com/story/sex-workers-crypto-failing-them/

tek, (edited ) to india
@tek@todon.eu avatar

India: Damning new forensic investigation reveals repeated use of Pegasus spyware to target high-profile journalists, by Amnesty Tech @donncha & @drwhax
https://securitylab.amnesty.org/latest/2023/12/india-damning-new-forensic-investigation-reveals-repeated-use-of-pegasus-spyware-to-target-high-profile-journalists/

tek, to random
@tek@todon.eu avatar

Yay, France, supporting more surveillance in India because $$$ 😑
http://www.milipolindia.com/

tek, to random
@tek@todon.eu avatar

The Qatargate Files:
Hundreds of leaked documents reveal scale of EU corruption scandal
https://www.politico.eu/article/european-parliament-qatargate-corruption-scandal-leaked-documents-pier-antonio-panzeri-francesco-giorgi-eva-kaili/

tek, to random
@tek@todon.eu avatar

Spain reopens a probe into a Pegasus spyware case after a French request to work together
https://apnews.com/article/technology-europe-barcelona-spain-hacking-38dcf5392b273f8e8447b0a9f62ed2f5

tek, to infosec
@tek@todon.eu avatar

New critical CVEs exploited in the wild and related to NSO fixed in iOS 16.6.1. Update your iPhones/iPads now!

https://support.apple.com/en-us/HT213905
https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/

tek, to random
@tek@todon.eu avatar

@humanrightswatch is looking for a director for its Technology & Human Rights program. Deadline to apply is October 16th https://boards.greenhouse.io/humanrightswatch/jobs/6930445002

tek, to random
@tek@todon.eu avatar

If there is one report you should read about spyware and digital surveillance today, it is this one : Between a hack and a hard place: how Pegasus spyware crushes civic space in Jordan

https://www.accessnow.org/publication/between-a-hack-and-a-hard-place-how-pegasus-spyware-crushes-civic-space-in-jordan/

tek, to random
@tek@todon.eu avatar

Announcement time! After 4 years at Amnesty researching digital surveillance, I have decided to take a break with research and explore new challenges. I am joining the infosec team of Human Rights Watch where I will work on protecting the organization against all type of digital threats. Really excited to join a great organization and go back to some good defensive security.

tek, to random
@tek@todon.eu avatar

I hate media not linking research by other media while speaking about them. It is stupid and no one is winning from these little fights (yes I am looking at you Wired, but many media are doing the same)

tek, to random
@tek@todon.eu avatar

Last week, I did a training with 12 people in a room for 2 days. I had an airtag in my pocket and they all had modern android and iphones. None of them got alerts that there was an airtag following them, the truth is few people are keeping Bluetooth and GPS enabled all the time.

tek, to random
@tek@todon.eu avatar

Somehow NSO is still the lead sponsor of ISS World Europe 2024. After allowing so many abuses, I really thought the company would be bankrupt by now

tek, to OSINT
@tek@todon.eu avatar

The @GIJN guide on investigating digital threats is finally out! I wrote two chapters in it, one on digital surveillance and one on investigating digital infrastructures
https://gijn.org/gijn-reporters-guide-to-investigating-digital-threats/

tek, to random
@tek@todon.eu avatar

In first for Togo, RFS identifies spyware on phones of two Togolese journalists
https://rsf.org/en/first-togo-rfs-identifies-spyware-phones-two-togolese-journalists

tek, to random
@tek@todon.eu avatar

I am stopping my New York Times subscription because of emails like this "Many are killed in chaotic scene in Gaza"
Killed by who? Chaotic because of what?

tek, to random
@tek@todon.eu avatar

Are we having another webp vuln crisis?
New Chrome version yesterday fixing CVE-2023-5217, a heap buffer overflow in vp8 encoding in libvpx. libvpx is the VP8/VP9 implementation as part of the webm project
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html

tek, to infosec
@tek@todon.eu avatar

We just updated public indicators associated with MVT to add the recent Predator domains published by @citizenlab
https://github.com/mvt-project/mvt-indicators/tree/main/intellexa_predator
Just do mvt-ios download-iocs to get the most recent list

tek, to random
@tek@todon.eu avatar

Ugh, I really like newsletters and I was enjoying reading on substack but it turns out that they are okay hosting literal nazis on their platform, WTF. Time to get out of substack
https://substack.com/@hamish/note/c-45811343

tek,
@tek@todon.eu avatar

Do you all know any good alternative to substack that actually has values?

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • thenastyranch
  • rosin
  • GTA5RPClips
  • osvaldo12
  • love
  • Youngstown
  • slotface
  • khanakhh
  • everett
  • kavyap
  • mdbf
  • DreamBathrooms
  • ngwrru68w68
  • provamag3
  • magazineikmin
  • InstantRegret
  • normalnudes
  • tacticalgear
  • cubers
  • ethstaker
  • modclub
  • cisconetworking
  • Durango
  • anitta
  • Leos
  • tester
  • JUstTest
  • All magazines
    •