One of the world's largest online travel agencies, Booking.com, is being used by fraudsters to trick hotel guests into handing over their payment card details.
How do I know? The fraudsters tried the trick with me.
it-sa 2023 in Nürnberg: Großer Andrang in unserer Speaker’s Corner beim Vortrag „Cyber-Angriffe abwehren: Wie auch KMU sich effektiv schützen können“
Manuel Bach, Leiter des Referates „Cyber-Sicherheit für KMU“, stellte die aktuelle Bedrohungslage für kleine und mittlere Unternehmen dar, gab Tipps und Tricks zum Schutz vor Cyber-Angriffen und stellte den neuen CyberRisiko-Check vor. Den Vortrag gibt’s noch einmal am Donnerstag, 12.10.2023 um 11.15 Uhr live beim BSI, Halle 7a, Stand 618.
Reminder about Mastodon "private" messages. Aside from not being end-end-encrypted (and so visible to instance administrators), they CC anyone @-mentioned ANYWHERE in the body of the message (not just those listed at the start).
They are now called "private mentions" rather than "private messages", but if you don't fully understand the semantics, this behavior may be unexpected and/or cause unpleasant side effects.
Huh. iOS 17 allows you to keep using your old passcode for 72 hours after you’ve changed it.
That seems like a non-ideal thing to do by default. And it certainly seems like something that should be highlighted really prominently when changing the passcode 🤔
If you ever want to feel depressed about humanity, just do a search for things like #newbadge on your social media platform of choice. I found this one on #Facebook. This guy works for a bank.
Don't be this guy. He could be impersonated, or this picture could be used as a template to forge a fake ID complete with a valid barcode to gain access to bank facilities or infrastructure.
I censored the bar code and ID#, they were visible in the original.
ShadowDragon: Feeding the mass surveillance machine by tracking people who play Fortnite (and probably, I guess, other popular online games), scraping images from BabyCenter (a site for expectant parents), and social media sites for the Black community, the bodybuilding community, and others.
ShadowDragon also has the capability to monitor/scrape information from hundreds of social media sites/games/websites. Who plays a game and expects to end up in an ICE database?
#Telegram strikes again with documents from Dutch authorities saying that they can request hidden phone numbers and IP addresses at any time. Again, Telegram still claims on their homepage that they never gave up any data when that's not true at all, also for past requests like the one from the German police a while back.
Any of you fedi wizards that know of good account to follow to learn more about #cybersecurity, #infosec, #opsec etc? I'd follow the tags, but I've often found that following big tags drowns my entire feed in one topic
The Wing Loong-10 is a series of ChiCom unmanned aerial vehicles of the High-Altitude Long Endurance type, featuring some stealth characteristics. As of 2017, it is being developed by the Chengdu Aircraft Industry Group for reconnaissance and precision strike missions.
Looks to have landed at Foshan (ZGFS)
CAIG Wing Loong-10 UAV using callsign 00CA6181 and hex code #783132 passing over Hezhou
Chi likes to fly it at 39,400 next to Taiwan. At that altitude, this platform had a complete view of the entire island of Taiwan for about an hour and a half. 1/2 #ADSB#783132
"Wir müssen in der Detektion umfassend und in der Reaktion schneller werden".
Bla Blubb. Macht mal mit Microschrott und allen Daten auf US Servern auch noch.
Thema Cyberangriffe auf die deutsche kapitale Idiotie im DLF. Muss doch lachen.
@geist Sorry, aber dass Microsoft nicht wegen illegaler Agententätigkeit für einen ausländischen Geheimdienst zwangsweise geschlossen und des Landes verwiesen wurde sagt doch alles über die lachhafte #ITsec, #InfoSec, #OpSec & #ComSec der Bundesregierungen aus...
I'd really like to know why some of the most important and influential #infosec conferences have decided that it's totally a-OK to host their event in the kingdom of Saudi Arabia, whose leader personally ordered his security staff to detain, and torture to death a US-based reporter who exposed corruption in the kingdom.
If you feel strongly that the #infosec industry should stand by its principles, demand that Informa PLC end the practice of hosting #BlackHat in Saudi Arabia.
The sheer fact that they choose to host their event in a location that would literally murder me for existing [and I'm just a white heterocisbinary dude] disqualifies said conference from being anything but a #shitshow that'll make it trivial for the islamofacist regime to earmark anyone with any #ITsec, #InfoSec, #OpSec and #ComSec skills for #surveillance with #Govware like #Pegasus as well as #harrassment...