heiseonline, to random German

DiGA: Hacker offenbaren Sicherheitslücken in Depressions-App

Das Kollektiv Zerforschung konnte über eine Sicherheitslücke in der österreichischen Depressions-App Edupression auf sensible Gesundheitsdaten zugreifen.

https://www.heise.de/news/DiGA-Hacker-offenbaren-Sicherheitsluecken-in-Depressions-App-8989065.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege

itnewsbot, to science

Doctors Behind Mifepristone Ban Called ‘Christians’ a Top Threat - Leaked documents reveal that the American College of Pediatricians viewed “mainstream med... - https://www.wired.com/story/american-college-pediatrics-christian-threat/ #security/cyberattacksandhacks #business/nationalaffairs #conflictofinterest #science/health #security

unklar, to random
@unklar@mastodon.education avatar

Why Educational Institutions are Prone to Ransomware Attacks (and What They Can Do to Protect Themselves) -- THE Journal https://thejournal.com/articles/2023/05/04/why-educational-institutions-are-prone-to-ransomware-attacks.aspx
#education #school #teaching #learning #edtech #technology #security #ransomware #privacy

itnewsbot, to random

Ex-Uber Security Chief Gets Probation for Concealing 2016 Data Breach - A judge sentenced Joe Sullivan, the former chief security officer at Uber, to thre... - https://yro.slashdot.org/story/23/05/05/1354220/ex-uber-security-chief-gets-probation-for-concealing-2016-data-breach?utm_source=rss1.0mainlinkanon&utm_medium=feed #security

GrapheneOS, to random
@GrapheneOS@grapheneos.social avatar

GrapheneOS Apps (app repository client) version 20 released: https://github.com/GrapheneOS/Apps/releases/tag/20.

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/4862-grapheneos-apps-app-repository-client-version-20-released

#GrapheneOS #privacy #security #android #repository

ShopwareDevs, to random
@ShopwareDevs@phpc.social avatar

We just released #shopware 6.4.20.2 as #security release: https://www.shopware.com/en/changelog/#release-6-4-20-2

avoidthehack, to infosec

Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer

From @briankrebs

These websites were already dodgy, "promising" users that they'll be able to get a job working for USPS.

Now data (like credit card info) has been leaked online. Misconfigured database?

https://krebsonsecurity.com/2023/05/promising-jobs-at-the-u-s-postal-service-us-job-services-leaks-customer-data/

itsecbot, to random

Cisco phone adapters vulnerable to RCE attacks, no fix available - Cisco has disclosed a vulnerability in the web-based management interface of Cisco SPA112... https://www.bleepingcomputer.com/news/security/cisco-phone-adapters-vulnerable-to-rce-attacks-no-fix-available/ #security #hardware

itnewsbot, to random

Hackers Hit Dallas City Servers, Limiting Some Police and IT Systems - Dallas is experiencing IT and police communication outages following a ransomware ... - https://it.slashdot.org/story/23/05/04/1632233/hackers-hit-dallas-city-servers-limiting-some-police-and-it-systems?utm_source=rss1.0mainlinkanon&utm_medium=feed #security

thisismissem, to random
@thisismissem@hachyderm.io avatar

Just saw someone implementing user authentication for an #E2EE application by taking the users password, running it through libsodium's crypto_pwhash with a fixed salt derived from the user's email address, before sending the (email, hash) pair to the remote server.. and I'm just like "is this secure?"

I'd always thought you'd want a construct like SRP6a for conducting the authentication between client & server (without the server learning the user's password)... #security #cryptography

itsecbot, to random

Ransomware gang hijacks university alert system to issue threats - The Avos ransomware gang hijacked Bluefield University's emergency broadcast system, "Ram... https://www.bleepingcomputer.com/news/security/ransomware-gang-hijacks-university-alert-system-to-issue-threats/

acrypthash, to fediverse

Maybe I am missing the location or it simply doesn't exist, but is there a way to make my account private? I'd like to not have all my post exposed when simply browsing to my profile when not signed into an account or following.

strypey, to random
@strypey@mastodon.nzoss.nz avatar

The were warning of this in the 90s:

"Export controls and usage controls [on cryptographic software] are slowing the deployment of security at the same time as the Internet is exponentially increasing in size and attackers are increasing in sophistication. This puts users in a dangerous position as they are forced to rely on insecure electronic communication."

https://datatracker.ietf.org/doc/html/rfc1984

to @onepict for pushing us to read this.

itnewsbot, to random

How to use Google passkeys for stronger security on Android - Still signing into your Google account by tapping out an actual password? That's, like... - https://www.computerworld.com/article/3695076/google-passkeys-android-security.html#tk.rss_all #security #android #google

itnewsbot, to random

Thermal Camera Plus Machine Learning Reads Passwords Off Keyboard Keys - An age-old vulnerability of physical keypads is visibly worn keys. For example, a ... - https://hackaday.com/2023/05/04/thermal-camera-plus-machine-learning-reads-passwords-off-keyboard-keys/

smallcircles, to random
@smallcircles@social.coop avatar

Ultra weird. I pasted a toot by @arinbasu1 in #Google Translate. This one: https://social.arinbasu.online/objects/8af7f48d-ac82-47e8-9c3b-7e9cd691c4f9

And the auto-detect didn't work, and provided a totally BS Dutch translation more indicative of some dodgy #spam 😱

WTH happened? I might have some malign #Firefox extension injecting that, but I only installed official and trustworthy ones.
#AskFedi #Security

(Also in English translation for the img caption it capitalized one occurence of "How To Make Your Money" that was lower-case in Dutch)

abishek_muthian, to random

Just because of the basic security features of my de-googled FOSS Android phone; None of the Govt. apps works.

They're like, You wouldn't give me location/storage access? Then I won't start 😡

You have background network restrictions? I feel sick 🤮

You wouldn't allow me to fingerprint your device with IMEI? I'll just die 😵

Good riddance, As long as they have websites I'll manage with Firefox + uBlock Origin.

#lineageos #privacy #security #mastindia

dimi, to random
@dimi@techforgood.social avatar

#ChatGPT #OpenAI confirms data breach...

#security #AI #cyber

https://securityintelligence.com/articles/chatgpt-confirms-data-breach/

mitexleo, to opensource

Imagine a investigative news website without any kind of Trackers ......

Well , You can't !

avoidthehack, to infosec

1Password explains scary Secret Key and #password change alerts

https://www.bleepingcomputer.com/news/security/1password-explains-scary-secret-key-and-password-change-alerts/

According to 1Pass, due to service maintenance/disruption - not a #security breach.

#cybersecurity #informationsecurity #infosec #1password #1pass

itsecbot, to random

City of Dallas hit by Royal ransomware attack impacting IT services - The City of Dallas, Texas, has suffered a Royal ransomware attack, causing it to shut dow... https://www.bleepingcomputer.com/news/security/city-of-dallas-hit-by-royal-ransomware-attack-impacting-it-services/ #security

techlore, to random
@techlore@social.lol avatar

Many apps on your phone come with invasive trackers that are difficult to deal with! Our newest #privacy & #security guide teaches how to find trackers and what can be done about them - thanks to tools like @exodus 🫡

Go check out the guide now: https://youtu.be/ZCnf03ukCig

alexkidman, to random
@alexkidman@aus.social avatar

Google's added passkeys as a way to get into your Google Accounts. But... what's a passkey? Here's my explainer covering how they work and how they differ from passwords:

#Passwords #Security #Authenticator #Google

https://alexreviewstech.com/googles-making-google-accounts-passkey-compatible-but-whats-a-passkey/

QRSS_Test, to infosec
@QRSS_Test@mastodon.sdf.org avatar

Anyone else just get a “Rapid Security Response” update on iOS 16.4.1? #Apple #security #infosec

danie10, to random
@danie10@mastodon.social avatar

Google accounts now support passkeys to replace your password and 2FA: Expect teething problems though

Starting today, Google users can switch to passkeys and ditch their passwords and two-step verification codes entirely when signing in.

Passkeys are a safer, more convenient alternative to passwords being pushed by Google, Apple, Microsoft, and other tech ...continues

See https://gadgeteer.co.za/google-accounts-now-support-passkeys-to-replace-your-password-and-2fa-expect-teething-problems-though/

#passkeys #security #technology

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • ngwrru68w68
  • everett
  • InstantRegret
  • magazineikmin
  • thenastyranch
  • rosin
  • Durango
  • ethstaker
  • Youngstown
  • slotface
  • khanakhh
  • kavyap
  • DreamBathrooms
  • Leos
  • osvaldo12
  • tacticalgear
  • cubers
  • cisconetworking
  • anitta
  • provamag3
  • modclub
  • mdbf
  • GTA5RPClips
  • tester
  • megavids
  • normalnudes
  • lostlight
  • All magazines
    •