k3ym0

@k3ym0@infosec.exchange

[~]$ whoami

principal killswitch engineer. neo-feudalist cybernaut. blueteamer. privacy advocate. disciple of doctorow. reader of white papers. eff member. round-earther. cyber dark arts certified. fellow at the institute of memetic research and development.

i larp as a normie.

(he/him)

opinions expressed =! employers

k3ym0, to privacy

Data is bought and sold by advertisers, employment agencies, and government institutions to create a profile of you. When you use the internet, you create a trail of data. Every printout, picture, chat, social media like, tag, post, search, purchase and even email, makes up your digital footprint. To minimize your digital footprint always pause and think before clicking because anything can be tracked on the web.

#ThinkBeforeYouClick #Privacy

k3ym0, to Cybersecurity

Don't use Exchange On-Prem - It's riddled with vulnerabilities, they said.

Use Office 365 - It's way more secure, they said.

Meanwhile, MSFT leaving test OAuth accounts active, with:
✅ admin privileges
✅ weak password
✅ no MFA

(insert jokerclapping.gif)

https://arstechnica.com/security/2024/01/in-major-gaffe-hacked-microsoft-test-account-was-assigned-admin-privileges/

#cti #cybersecurity #threatintel #midnightblizzard #apt29

k3ym0, to Cybersecurity

New @FortiGuardLabs Outbreak Alert: Adobe ColdFusion Access Control Bypass Attack (Critical-level detections in the wild) ⮕ ftnt.net/61103ryCs3

FortiGuard Labs observed critical level of continued attacks on Adobe ColdFusion with IPS detections reaching up to 50,000+ unique detections. Users of Adobe ColdFusion are advised to apply patches as per vendor guidelines as soon as possible to mitigate any risk completely, if not already done.

#cybersecurity #cti #threatintel

k3ym0, to Cybersecurity

lmao. xfinity gets hacked and this is the message you get when you go to log into your account:

"As part of our commitment to you, Comcast routinely reviews and monitors account security. Please update your password to help protect you and your account."

Well gee golly, xfinity, thanks for being so committed to your customers. FFS.

#xfinity #xfinityhack #cybersecurity

k3ym0,

On the plus side, looks like they've increased the character limit on pwds to 128 characters!

GOOD LUCK BRUTE FORCING THAT, BADDIES.

k3ym0,

@simonzerafa the only acceptable way of course: .xlsx

k3ym0, to Cybersecurity

Chinese APT Volt Typhoon has been observed leveraging EoL SOHO devices as a proxy network to obfuscate their operations.

Read the excellent write up by @blacklotuslabs here

k3ym0, to Cybersecurity

The FortiGuard Labs team recently analyzed the new group, , and found that it attacks Windows machines through VPN devices and RDP, and is targeting industries such as education and manufacturing. 📚 🦾

🔎 Learn more: https://cybersecuritynews.com/rhysida-ransomware-attacking-windows/ via Cyber Security News

k3ym0, to random

@eff - not the hero we deserve, but the one that we need.

keen456, to SEC

From vx-underground on Twitter, news that #ransomware group ALPHV submitted an SEC complaint against MeridianLink for not disclosing the breach by...ALPHV: https://www.databreaches.net/alphv-files-an-sec-complaint-against-meridianlink-for-not-disclosing-a-breach-to-the-sec/ #sec #legal

k3ym0,

@keen456 hahaha this is gold

derekvanvliet, to cycling
k3ym0,

@derekvanvliet what specialized is that?

zackwhittaker, to random

New, by me: Microsoft has patched two zero-days in open-source libraries that affect several Microsoft products, including Skype, Teams, and Edge browser.

The two zero-days also affected Google and Apple, and both confirmed the bugs are being exploited in the wild. Citizen Lab said the bugs were exploited to plant commercial spyware.

But Microsoft is refusing to say if those zero-days were exploited to target its products, or if the company even knows either way.

More: https://techcrunch.com/2023/10/04/microsoft-wont-say-if-its-products-were-exploited-by-spyware-zero-days/

k3ym0,

@zackwhittaker Skype is still a thing?

k3ym0,

@chucker @zackwhittaker ah yes, I think I remember hearing that.

0x58, to random

Face ID on iOS 17 is absolutely worthless.

k3ym0,

@0x58 works fine for me? I’m on 17.0.2 and have had no issues.

hacks4pancakes, to random

I had a mentoring session last night with a poc I’ve been working with who went to his first local cybersecurity con, recently. He had such a bad experience with people being cliquey there and ignoring him that he’s ready to stop trying to get into the industry. 😥😰 I knew there are some cultural issues at that con and area but had no idea they were so bad, and encouraged him to maybe look at other cities in the US and their cons. Pitch your city’s infosec community and scene and I’ll share with him?

k3ym0,

@hacks4pancakes the amount of "pull yourself up by your bootstraps" comments on this thread make me want to puke. That is not equitable - not everyone is starting from the same starting line as you, especially for people who identify as BIPOC or LGBTQIA+.

The onus is on us who are established in the career, especially those of us who are non-marginalized, to go out of our way to be intentionally inclusive and lend a hand up to those who need it. I'll go as far as to say that I believe that the security of the organizations we're defending relies on this.

We are stronger together when we have diversity of thought. Not fostering inclusivity is inherently accepting more risk.

#StrongerTogether

k3ym0,

@hacks4pancakes it's okay to step away. it's exhausting. you need to take care of yourself. this fight is not yours alone.

pierstoval, (edited ) to random French

Project manager: "What's technical debt? Explain it to me like I'm 6 years old"

Devs:

(source: "Richard Scarry's Storybook Dictionary" : https://archive.org/details/1scarryRichardStorybookDictionary/page/n56/mode/1up )

k3ym0,

@pierstoval We need more analogies from children's books like this so our C-level executives can understand these challenges.

k3ym0, to programming

NullPointerExemption goes burrrr
Source: @a_smeriglia

hacks4pancakes, to random

TechCrunch Disrupt is definitely the strangest conference I’ve ever been to (full on SF startup investor community culture) but like everyone is here on the security stage so that’s awesome.

k3ym0,

@hacks4pancakes wow. Never thought I’d see signal sharing the same stage as meta.

k3ym0, to random

Doctors don’t want you to know about this one simple trick to cure your depression and anxiety.

k3ym0, to random

WHEN I WANT A WHOPPER I WANT IT NOW GOD DAMNIT


k3ym0, to random

OSINT challenge participants be like


BleepingComputer, to random

Signal has announced that it upgraded its end-to-end communication protocol to use quantum-resistant encryption keys to protect users from future attacks.

https://www.bleepingcomputer.com/news/security/signal-adds-quantum-resistant-encryption-to-its-e2ee-messaging-protocol/

k3ym0,
janeadams, to reddit

I realize that I haven't shared much in the past few years about my previous work at the UVM Comp. Story Lab, where we studied phenomena like incels, k-pop, and linguistic turbulence on platforms like #Reddit and #Twitter. Explains why I know so much obscure internet lore 😅 Enjoy:

Incel lexicon: https://arxiv.org/pdf/2105.12006.pdf
K-pop > "god": https://arxiv.org/pdf/1910.00149.pdf
Turbulence: https://arxiv.org/pdf/2008.13078.pdf

#DigitalHumanities #Linguistics #internet #dh #kpop #incels #history #socialmedia #mediastudies

Zipf distribution of terms that end with "-cel" in the incel corpus. The above distribution shows the frequency of each term that ends in "-cel" in the incel corpus vs its rank. Some of the points have been labelled with their respective "-cel" term. The highest ranked and most frequently occurring term is "incel". "Volcel", or "voluntary celibate" is another popular instance of "-cel" terms. The diversity of these terms is indicative of user identification with the incel movement.
Charts comparing the word usage ranks of @bts_twt (the Twitter account of BTS) versus usage of the word 'god' over time, showing BTS consistently outpacing god beginning in 2018
Allotaxonograph using probability-turbulence divergence to compare normalized 1-gram usage rates on two days of Twitter, 2020/03/12 and 2020/05/30—key dates in the US for the COVID-19 pandemic and the Black Lives Matter protests following George Floyd’s murder. Details are the same as for Fig. 1. The days are according to Coordinated Universal Time (UTC) and the 1-grams are those containing latin characters found in English-language tweets [27, 28].

k3ym0,

@janeadams oh. My god. This is amazing.

“Deciphering the emergent cryptolect of a global misogynistic community” is my new favorite white paper.

Em0nM4stodon, to programming

Music Recommendation Request:

I have been coding a lot this week
and I think I have listened to the entirety of YouTube's "Programming Music" mixes 🎶

Do you have any YouTube or ideally even PeerTube "Programming Music" mixes to recommend to me? 👀​

Preferably something without lyrics, energetic but not like going to a club, and not slow like being in a spa 😅

k3ym0,

@Em0nM4stodon check out synthwave radio if you haven’t already: https://www.youtube.com/live/4xDzrJKXOOY
