bengillam, to infosec

Apple People / #infoSec people lend me your ears.

My wife got a fraud call from the bank today. Took a while to get to the bottom of it; at first we weren’t sure if it was a genuine bank call. She then called in herself and indeed there was a dodgy transaction using Apple Pay about 3pm this afternoon, nowhere near us, in a clothes shop. We can’t work out how it’s happened: she’s not given anyone any info, bank auth number for adding cards is correct, and making payments needs biometrics. Any ideas?

0x58,

@bengillam How much was the transaction? I've seen similar patterns with transactions around $4, $10, ~$25-30...

bengillam,

@0x58 Only £21 this time and it got rejected. Bank have replaced her card and I’ve got her to change passwords for Apple ID and bank password and memorable word. Not sure what else we can change.

0x58, to infosec

🔥 Hot off the press! Co-authored blog with esteemed colleague Sambit Misra on #IBM SecurityIntelligence.com about SaaS Security Posture Management: *"Is Your Critical SaaS Data Secure?"*

#cybersecurity #infosec #riskmanagement #saas #appomni

https://securityintelligence.com/posts/is-your-critical-saas-data-secure/

tek, to infosec

#infosec friends: what do you wish your security engineering + compliance + IT department was called?

Requirements: accurate, looks good on an org chart, looks good on a tshirt, and you’d want to tell your colleagues about it.

tek,

@thegibson What was it?

Yeah, we get to name ourselves. I don’t intend to let that culture change any time soon.

0xor0ne, to infosec
Bluedonkey, to infosec

Just watched a video from a large intl company proposing a system for K-12 schools using #FacialRecognition to allow students & staff access, to detect former students on campus, to block access to non-custodial parents & sex offenders and more. All using AI based facial recognition.

Leaving aside issues of accuracy, just think about the database of personal information behind that. Then think about this:

https://www.edsurge.com/news/2023-04-17-student-privacy-is-at-more-risk-than-ever-before-can-k-12-schools-keep-it-safe

#infosec #k12 #AI

cybercareersblog, to infosec
MichaelBTech, to infosec

I've been hearing some great things about Delete Me as I've been on this journey of removing my digital footprint within data brokers/whitepages.

Have any of you used "Delete Me"?

https://joindeleteme.com/refer?coupon=RFR-224729-J9WF4X

#infosec #cybersecurity #dataprivacy #privacy

0x58, to infosec

Researchers at Meta have seen a rise in ChatGPT-themed attacks, the company said in an overview of cybersecurity issues on its platforms.

#cybersecurity #infosec #chatgpt

https://cyberscoop.com/chatgpt-scam-facebook-meta-hackers-malware/

0x58, to infosec

Great write-up by @0xtdec on the #AI #cybersecurity risk management, its threat model and security failure modes 👇 #infosec

https://int3.substack.com/p/how-does-ai-fail

ll, to infosec

The International Labour Organization (ILO), the oldest of the U.N. agencies, is looking for a cybersecurity #intern at its HQ in Geneva.

Deadline for applications is 17th May.
Apply directly here:
https://jobs.ilo.org/job/Geneva-Information-Technology-%28IT%29-Security-Cybersecurity-1200/930526301/

#hiring #infosec #paid #internship

securescientist, to infosec

My course “offensive computer security” @TUEindhoven is about to start. 240+ wannabe hackers in class. It’ll be fun. #infosec #academia #teaching #netherlands

0x58, to infosec

Meanwhile, in the #passwordmanager's world.. 🔒

1Password says a recent incident that caused customers to receive notifications about changed passwords was the result of service disruption and not a security breach.

The company first revealed in an incident report five days ago that the notifications were erroneous and linked to routine database maintenance scheduled on Thursday, April 27th.

Today, 1Password chief technology officer (CTO) Pedro Canahuati provided more details and said the customers' information was unaffected.

#infosec #cybersecurity

https://www.bleepingcomputer.com/news/security/1password-explains-scary-secret-key-and-password-change-alerts/

avolha, to infosec Polish

The padlock icon in the browser's address bar has long since stopped meaning that the site you are visiting is safe. Scammers now rarely go without SSL certificates, because getting one is not much of a problem: it is enough to use Let’s Encrypt for free. Google is aware of this and is therefore dropping the padlock:

https://blog.chromium.org/2023/05/an-update-on-lock-icon.html

avolha,

@chlopmarcin in the stone-age days of the internet (when SSL certificates cost real money and only larger institutions/companies could afford them) this made sense, but now, when almost everything goes over HTTPS, using padlocks misses the point

anedroid,

@avolha And then the padlock will come back, but only for sites marked by Google as trusted: 😳

0xor0ne, to infosec
eric_capuano, to infosec

Come take Threat Hunting & Incident Response with Velociraptor led by @shortstack and me at WWHF Deadwood 2023!

#WWHF #Deadwood2023 #velociraptor #infosec #secops #dfir

evan_ottinger,

@eric_capuano @shortstack I’m very much eyeballing this one!
