Now that Twitter is rate limiting access, and more users who create Twitter's content are leaving, I wonder how this will impact all of those so-called "Threat Intel" companies? I know of at least one which was likely getting most of its data from Twitter searches. I'm guessing most of these companies will pay for the Blue Checkmark to retain access to Twitter's now Premium API, but what's the point if the users who create the data are leaving? The second option is moving their data-mining operations over to ActivityPub, except ActivityPub isn't curated by fancy algorithms, it's just a raw fire hose. #infosec #twitter #business #threatintel
Going through this excellent book by Shaun Pinner, much recommended! There are many lessons to learn from this book but from my #infosec angle there are a few. Firstly, always keep an off-line maps app on your phone (I use OsmAnd). As a test — switch on airplane mode and try to survive for a day. Can you still navigate from point A to point B? Secondly, keep your social media profiles friends-only access. Thirdly, don’t keep any passwords in memory - it’s a bad practice from a security point of view anyway, but I never thought about the interrogation angle. A password manager locked with biometrics and PIN and random passwords everywhere will prevent you from finding yourself in a situation where you’ll be begging your interrogators to check another password because you might have remembered wrong.
At least 18 different malicious extensions (as of 30 MAY and this post) identified by @WPalant
Remember extensions have privileged access to the browser (and data in the browser). Choose your extensions wisely... they could be #spyware or #malware in disguise.
It'll be announced at midday UTC today (10th Oct 2023).
If there isn't an update you can deploy quickly for your affected services immediately (there should be for the better known software, they've had advance notice) then you should consider disabling the affected element until there is.
Can't share more right now but it's important so don't forget (& tell your friends!).
I’m waiting extremely patiently for this device to replace my classic iPod I’ve repaired and modified to have a 3,000 mAh battery and also use an SD card. This is EXACTLY what I’ve been wanting in a music player. Simple, high quality audio, repairable, and no connectivity more than I need to just play music, no internet necessary. #ipod #music #opensource #arduino #cybersecurity #infosec https://www.crowdsupply.com/cool-tech-zone/tangara
"Mike #Johnson and His Son Monitoring Each Other’s Porn Intake Is Worse Than You Think"
“A US Congressman is allowing a 3rd Party tech company to scan ALL of his electronic devices daily and then uploading reports to his son about what he’s watching or not watching, who else is accessing that data”
If I read this right, @signalapp, @torproject, and other well-known #privacy-centric communications systems were largely funded by and aligned with Western covert #intelligence agencies, for the purpose of aiding dissidents of enemy governments while centralizing secret traffic onto networks the intelligence community could subvert.
Only now they’re unhappy that Western citizens use them and so have pulled #SignalApp’s funding.
Please note that the videos are still processing and therefore may not have subtitles yet. If the autogenerated ones are really bad, which wouldn't surprise me, I have infrastructure in place to do better, just let me know if it's a blocker for you and we'll sort it out. I really hope the #infoSec community as a whole can learn from this, and that it paves the way forward for better #accessibility for these kinds of challenges going forward. I'm not asking for too much here, it's about time this industry moves into the 21st century where this is concerned. Let's make it happen! :)
Polish hackers figured out that a train manufacturer had programmed its trains to break down after certain dates, or if they were serviced at another company's workshop.
> Germany has admitted the apparent [compromise] by Russia of a military meeting where officers discussed giving Ukraine long-range missiles - and possible targets.
> According to Der Spiegel magazine, the videoconference was not held on a secret internal army network but on the WebEx platform.
🤡
There's an infosec person somewhere who is really trying hard not to go: "I fucking told you this would happen". 👀
Hey it's totally cool that #Microsoft #GitHub blocked access to one of the repositories in the very center of the #xz backdoor saga. :blobeyes:
It's not like a bunch of people are scrambling to try and make sense of all this right now, or that specific commits got linked to directly from media and blogposts and the like. :blobcatcoffee:
Great! TransUnion, whom I have the pleasure of receiving free credit monitoring from due to the MGM Casino breach in Sept, has a policy of only allowing 15 characters or less. Not like anything important is on the line or anything. Oh, they get bonus points for letting me skip the password with a trivial security question! #InfoSec #NotAFeature @boblord @thorsheim