cybersecurity

This is very much for real!

cc @CISAJen
#cybersecurity #CyberCivilDefense

https://www.compiler.news/integrity-above-all-is-the-mantra-we-need-for-the-era-of-rampant-ransomware-2/

Which is a bigger flex to say?

#Polls #SocialMedia #Survey #Facebook #TikTok #Poll #CyberSecurity #DataPrivacy #Flexing #BigTech

U.S. tech giants' dominance in cloud services threatens digital sovereignty, prompting Europe to break monopolies and build its own infrastructure. https://www.japantimes.co.jp/commentary/2025/11/19/world/europes-cloud-scares-and-us-tech-dominance/?utm_medium=Social&utm_source=mastodon #commentary #worldnews #amazon #google #microsoft #europe #cloudservices #it #bigtech #cybersecurity

Chrome now wants to store and autofill your driver’s license and other ID info.

From a cybersecurity perspective, that is a hard no from me. Info-stealer malware already targets browser autofill, and you cannot rotate a driver’s license number like a password. Putting high value IDs in the most targeted consumer app on the planet is a bad trade for a little convenience.

I wrote up why this feature is such a risky idea and what I recommend instead:

🔗 https://www.kylereddoch.me/blog/chromes-new-drivers-license-autofill-is-a-terrible-idea/

#Infosec #Privacy #Chrome #Cybersecurity

NEW: Details of people's therapy sessions—including reports, video and audio recordings—have been exposed by a healthcare company.

These included people mentioning sexual abuse and highly sensitive subjects. The exposed database has now been closed down

https://www.wired.com/story/confidant-health-therapy-records-database-exposure/ #cybersecurity #privacy #news #technology

🧠 AI + Security Automation — What do you want first?

Which agent should I open-source next?

🔘 Prompt injection defender
🔘 CVE → exploit correlator
🔘 Smart contract auditor
🔘 Recon bot for OSINT / endpoints

Vote, @mention, or drop your own idea.
I’ll build what the ecosystem needs.

#AIsec #Cybersecurity #Automation #Builders

RE: https://infosec.exchange/@Hacktivate/115581917628259124

⚡ 3 Fast Checks Every Network Should Run Today

1️⃣ Unknown devices on VLANs?
2️⃣ Unused open ports pre-attack?
3️⃣ Default creds still active anywhere?

You don’t need a full audit — just a disciplined recon loop.

AI + automation makes this continuous.

#Cybersecurity #AIsec #NetOps #DevSecOps
Want micro playbooks or scripts? @mention me.

We need to protect water supplies and other vulnerable infrastructure from cyber security related attacks

#CyberCivilDefense #cybersecurity

https://www.darkreading.com/cybersecurity-operations/undisruptable27-project-seeks-to-shore-up-local-critical-infrastructure

Good news, everyone!

___
https://www.pcgamer.com/software/ai/poets-are-now-cybersecurity-threats-researchers-used-adversarial-poetry-to-jailbreak-ai-and-it-worked-62-percent-of-the-time/

@bookstodon @poetry

#bookstodon #artificialintelligence #cybersecurity

Memory safety problems are a huge #cybersecurity problem for the Internet, but it doesn’t have to be.

Make a transition to memory safety part of your #CyberCivilDefense plan.

Read about orgs doing that today: https://www.memorysafety.org/blog/rustls-adoption-grows/

Some news...I’ll be spending $100M to make us safer online and to protect our infrastructure, like water and power supplies.

A big part will be a PSA campaign - online and in old-fashioned ways. We all got a role to play, like everyone did in WW2, including my Dad and Mom.

I’ll start by putting my money where my mouth is. Folks can check it out here: https://pausetake9.org.

#CyberCivilDefense #cybersecurity

It's time for a re- #introduction since this instance has changed a lot since being launched.

This instance was set up for testing and playing with Internationalized Domain Names. That experiment has mostly been a success and I've now migrated away from my once-main instance.

I'm a former software developer of over 20 years, working primarily in #opensource and #telephony. I now do #cybersecurity as a profession, after starting to do cybersecurity research as a hobby about a year ago.

In the last year, I've found and disclosed several dozen #vulnerabilities in #govtech platforms like #court and #voter registration systems, which have gotten a not insignificant amount of press coverage. Those disclosures can all be seen at https://govtech.cc

Beyond my #infosec postings, you'll typically find nonsense that I find funny; sometimes I might even say stuff that other people find amusing.

I once self-published a book that I've never read called The Consequences of Being Right (ISBN 979-8880045068). It was entirely written by ChatGPT and was published because I thought it was stupid and funny. Miraculously, I've managed to sell two copies, neither of which have been returned.

I'm #ActuallyAutistic and #ADHD, which is sometimes apparent.

All of my other links and socials can be found at https://linktr.ee/northantara

ANNOUNCE: Survey on threats experienced by journalists and security researchers

Are you a security researcher or a journalist in the cybersecurity/cybercrime space?

DataBreaches.net and Zack Whittaker at this.weekinsecurity.com are conducting a survey on the types of threats researchers and journalists have faced, including legal threats or legal process and threats of violence from cybercriminals.

The survey is at https://forms.gle/P9jr6VxfD1LV6odg9

Please complete the survey and share the link on social media and with your colleagues and friends to help us understand how widespread some problems may be.

Reposts with more tags to other individuals would be appreciated.

#journalism #pressfreedom #cybersecurity #risk #threats

@campuscodi @zackwhittaker @jgreig @lawrenceabrams @briankrebs @amvinfe

The New Oil is entirely supported by readers. If you get value out of this project, please consider supporting us if you can.

https://thenewoil.org/en/support/

#privacy #cybersecurity

Collaborations between @hackclub and @girlswhocode leads to more opportunities for young women, in technology areas including
#CyberCivilDefense #cybersecurity like Reem featured here
https://www.instagram.com/reel/DBPKpcMSZY-/?igsh=bzhocWkxbDVjcTgy
pausetake9.org

Slack's signin procedure is the digital equivalent of boarding an airplane, "security"wise.

One of my favorite "security challenges" is the "verify your email" one. By this point my email has been verified so many times it should have top secret clearance.

#SecurityTheater #cybersecurity #infosec #Slack #tech #dev

The New Oil is not slowing down in 2025, and you can help us keep going!

https://thenewoil.org/en/support/

#privacy #cybersecurity

As a Muslim researching about #cybersecurity, I wondered: what does Islam teach about privacy?

Turns out, a lot. Here's a hadith from 1400 years ago: “When a man peeps into your house without permission, and you throw a stone at him and injure his eye, you will not be blamed.”

Digital surveillance is the modern peeping. Your phone is your house.

I wrote about this + my journey from Telegram fanboy to Signal advocate here:

https://kaifisahil.substack.com/p/your-chats-are-not-really-private?r=6p8e80

#Privacy #Signal #Encryption #Islam #DigitalRights

Our team at @censys has studied Internet exposure of #ICS for the better part of a year, learning more about the products, protocols, and nuances of this space.

Today I'm excited to share our third annual ✨State of the Internet Report detailing what we've learned! A few highlights:

🛜 Most ICS protocols and HMIs we've observed run on 5G/LTE (e.g., Verizon) or SOHO/business-grade ISPs (e.g., Comcast). We initially observed this in the U.S. and in this most recent research found that it's a global phenomenon. This surprised me initially, but industrial devices often need to run in places where a wired connection might not be available. While great for connectivity, use of such networks makes it often impossible to determine who owns or operates a given service, as the host metadata points back to the telco itself.

💧 Analysis of over 200 C-More human-machine interfaces (HMIs) revealed over a third appear to be related to water and wastewater systems (WWS). WWS has seen increased targeting over the last ~year, and these exposures suggest still more work is needed to adequately protect and defend this sector.

⛔️ We found nearly 200 hosts globally running HMIs alongside products banned by U.S. NDAA Section 889. While this act applies only to a specific set of operators within the U.S. federal government, it's interesting to note what technologies operators implement alongside potentially critical services.

#infosec #cybersecurity #OT

You can find a copy of the report with all the details here! 👇

https://censys.com/the-2024-state-of-the-internet-report/

Hi there! Another article for Dark Reading, this one focused on how to help avoid burnout. There was so much to cover and so much interesting work being done that I could only scratch the surface. My biggest takeaway is that work-related burnout is in WHO's book of disorders. That's real legitimacy, and I expect more scholarly work to come. Thanks endlessly to @neurovagrant and @Edent for providing their experiences and strategies. #DarkReading #cybersecurity #journalism #burnout #JobRelatedBurnout #selfPromotion
https://www.darkreading.com/vulnerabilities-threats/defining-defying-cybersecurity-staff-burnout

Since the newest update to @surf, links to feeds can be opened directly in the app.

I have created a #Cybersecurity feed on #Surf for anyone on the beta. The feed includes posts, etc., regarding Cybersecurity information. You can even contribute to the feed using the hashtag #CyberSecBrief.

https://surf.social/feed/surf%2Fcustom%2F01jfjvb3ntxvjtaze9xf08vb3f

If you have any recommendations for a source that I can add to the feed, just let me know.

If you are not in the Surf beta, I have an invite code that can get you in. Just DM me, and I will share it with you. This is all due to the huge thanks of @marci, @mike, and all of the @surf team. They are such great people.

You can learn more about Surf by is from this great article from The Verge.

https://www.theverge.com/2024/12/18/24323903/flipboard-surf-fediverse-social-web-app

#Surf #Flipboard #News

Rate my setup
#KaliLinux #Nederland #cybersecurity

🚨 Time is Running Out to Save Encryption 🔐

Ofcom is consulting on implementing message scanning powers in the UK Online Safety Act.

This would break end-to-end encryption on the messaging apps we all use!

⏰ CLOSES Monday 10 March, 5pm.

Use our tool to tell Ofcom #PracticeSafeText 💬

ACT NOW ⬇️

https://action.openrightsgroup.org/48-hours-tell-ofcom-practice-safe-text

#e2ee #encryption #OnlineSafetyAct #ukpolitics #ukpol #privacy #ofcom #security #cybersecurity #whatsapp #signal

Compromised? In this interview, https://www.muellershewrote.com/p/a-fork-in-the-road-is-federal-employee I speak to a systems security specialist who found privacy problems surrounding the HR@opm.gov email servers #IT #security #natsec #nationalsecurity #cybercrime #cybersecurity #hacking #surveillance #malware #email #DOGE #Musk #treasury #OPM #FAA #FEMA #education #privacy #PII

#Cybersecurity tip: don't forward texts, emails, or links without pausing!

✋ #Take9 #CyberCivilDefense @paustake9