security
STOLEN & CONCEALED NATIONAL DEFENSE DOCUMENTS CASE
Remember:
Cannon was deemed *unqualified* by the American Bar Association.
#DoJ filed a rebuke to Cannon, in what I think is a situation most ripe for an appeal to the Eleventh Circuit for her "clear error" and "manifest injustice."
#DoJ:
“She worked on almost no cases. She had very little courtroom experience. To find a case that actually she worked on and that resulted in a published opinion is in itself improbable... “It’s a brilliant maneuver..."
Unqualified #Judge keeps making bizarre rulings clearly favoring the man who appointed her, federal prosecutors have resorted to citing case law that Cannon should know for one major reason: She worked on it herself.
DoJ fired off a quiet shot across the bow at Cannon in a recent court filing—a filing that seeks to block Trump’s latest ploy to morph this criminal case into some kind of wild goose chase.
🧵 1️⃣
#traitor #traitortrump #crime #national #security #threat #DoJ #natsec
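Mastodon has released another urgent security update.
Instance admins, please update immediately.
The update description reads:
Security: fix insufficient checking of remote posts.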
https://github.com/mastodon/mastodon/releases/tags/v4.2.7
There is no public security advisory for the time being:
https://github.com/mastodon/mastodon/security/advisories/GHSA-jhrq-qvrm-qr36
#Mastodon #MastoAdmin #Security
@board @board@a.gup.pe
RE: https://tech.lgbt/users/ShadowJonathan/statuses/111940983829390502
Ukraine says it hacked Russia's Ministry of Defense
https://t.me/DIUkraine/3545 #infosec #cybersecurity #security
If you got a tip & need anonymity you can message me here. (i don’t respond to corporate flacks on signal)
Some fascinating research out on hacking a Subaru via STARLINK connected vehicle service.
"On November 20, 2024, Shubham Shah and I discovered a security vulnerability in Subaru’s STARLINK connected vehicle service that gave us unrestricted targeted access to all vehicles and customer accounts in the United States, Canada, and Japan.
Using the access provided by the vulnerability, an attacker who only knew the victim’s last name and ZIP code, email address, phone number, or license plate could have done the following:
Remotely start, stop, lock, unlock, and retrieve the current location of any vehicle.
Retrieve any vehicle’s complete location history from the past year, accurate to within 5 meters and updated each time the engine starts.
Query and retrieve the personally identifiable information (PII) of any customer, including emergency contacts, authorized users, physical address, billing information (e.g., last 4 digits of credit card, excluding full card number), and vehicle PIN.
Access miscellaneous user data including support call history, previous owners, odometer reading, sales history, and more.
After reporting the vulnerability, the affected system was patched within 24 hours and never exploited maliciously."
Upgrade your systems now!
The xz package has been backdoored
https://archlinux.org/news/the-xz-package-has-been-backdoored/
Hey! Let's talk about #SSH and #security!
If you've ever looked at SSH server logs you know what I'm about to say: Any SSH server connected to the public Internet is getting bombarded by constant attempts to log in. Not just a few of them. A *lot* of them. Sometimes even dozens per second. And this problem is not going away; it is, in fact, getting worse. And attackers' behavior is changing.
The graph attached to this post shows the number of attempted SSH logins per day to one of @cloudlab's clusters over a four-year period. It peaks at about 3.4 million login attempts per day.
This is part of a study we did on our production system, using logs of more than 640 million login attempts, covering more than 1,500 hosts on our side and observing more than 840 thousand incoming IP addresses.
A paper presenting our analysis and a new, highly effective means to block SSH brute force attacks ("Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them") will be presented next week at #NSDI24 by @sachindhke. The full paper is at https://www.flux.utah.edu/paper/singh-nsdi24
Let's dive in. 🧵
some people were saying #linux is insecure, even less than Windows
where do these claims come from? are they true? what can we users do? #security #cybersecurity
If you are the tech-savvy person within your family or friends group:
Never ever shame someone for coming to you for advice after being the victim of a scam, malware, or for using an unsecure product.
If you do this,
they might never come back to you later. They might just feel so ashamed they will just stay alone with their tech problems.
Instead, always tell them:
1. It was a good idea to come to you with this. Be empathetic with them 💚
2. Give them advice on how to minimize the damage now. Actionable advice 🚑
3. Help them harden their security for now and for the future. Recommend better products to them. But be careful not to overwhelm them with advice. One step at a time 🔒
4. Talk to them with respect and empathy. Tell them how the people who abused their trust are horrible and anyone can fall for the right scam. Remind them there are things to do to reduce the risks of being victimized again in the future, and help them slowly implement these 💪
5. Be thankful they trusted you with this. It means they think highly of you 🥰
went down to the hotel lobby to retrieve my dinner delivery in a yoga outfit + snuggly cardigan + face mask.
some men with #RSAC2024 lanyards exited the elevator as I re-entered; they turned back to look at me and one said (very loudly, very pointedly staring at me) to the other, “I was like, did you hire me a hooker?”
if you are a man attending #rsac, please shut that kind of shit down when your peers do it. let’s not let insecurity rule our #security industry.
What is your favorite app for
Multifactor Authentication, and why do you like it most? 2️⃣✌️👀
#PSA #openssh #ssh #security
OpenSSH high-severity vulnerability
Affected versions
8.5p1 <= OpenSSH < 9.8p1
Recommended action
Update OpenSSH > 9.8p1
or
LoginGraceTime=0
https://www.secrss.com/articles/67636?app=1
https://ubuntu.com/security/CVE-2024-6387
Libera IRC Channels Sorted by Number of Users
----
- 2 hours ago | 4 points | 0 comments
- URL: https://netsplit.de/channels/?net=Libera.Chat
- Discussions: https://news.ycombinator.com/item?id=40983500
- Summary: Libera.Chat, an IRC network, reported an average of 33,386 users and 23,157 chat rooms. Notable channels include #linux, #python, #archlinux, #ubuntu, #rust, #security, #kde, #debian, and #thelounge.
Top #Hezbollah commander killed in Israeli strike on #Beirut - 2 security sources
Top Hezbollah commander #IbrahimAqil was killed on Friday in an Israeli strike on Beirut's southern suburbs, 2 #security sources told Reuters.
One of the sources said he was killed alongside members of Hezbollah's elite Radwan unit as they were holding a meeting.
#Israel #Lebanon #Iran #Gaza #MiddleEast #war #geopolitics
https://www.reuters.com/world/middle-east/top-hezbollah-commander-killed-israeli-strike-beirut-two-security-sources-2024-09-20/
#Hezbollah exploding #pager trail runs from #Taiwan to #Hungary
A snr Lebanese #security source identified a photograph of the model of the pager, an AR-924.
The source said the #pagers had been modified by #Israel's spy service, #Mossad, "at the production level."
"The Mossad injected a board inside of the device that has explosive material that receives a code. It's very hard to detect it through any means.”
#lebanon #geopolitics
https://www.reuters.com/world/middle-east/israel-planted-explosives-hezbollahs-taiwan-made-pagers-say-sources-2024-09-18/
I've noticed a concerning trend of "slop security reports" being sent to open source projects. Here are thoughts about what platforms, reporters, and maintainers can do to push back:
https://sethmlarson.dev/slop-security-reports?utm_campaign=mastodon
Urgent Warning for Fedi Admins
We've discovered an ongoing Denial-of-Service attack against Misskey-based instances. The attacks exploit a zero-day vulnerability impacting Misskey, Sharkey, IceShrimp, and other related software. Patches are in progress and will be released ASAP. We encourage all admins to update immediately!
Note: this is a different vulnerability from the ones that were recently announced! You should update today and again tomorrow at the scheduled time.
Update: Sharkey version 2024.9.2 has been released with a patch. You can get the update here: https://activitypub.software/TransFem-org/Sharkey/-/releases/2024.9.2
#Misskey #Sharkey #IceShrimp #FediAdmins #Security
I hope it is no surprise when I tell you that you don't have #privacy and #digitalsovereignty (and #security) if you do not have the right #motivation as well as the #knowledge and/or #money to act accordingly.
Therefore, most people are excluded here because of at least one reason.
In that sense, #postprivacy arrived a long time ago.
https://karl-voit.at/tags/privacy/
https://karl-voit.at/tags/security/
https://karl-voit.at/tags/pim/
https://karl-voit.at/cloud-data-conditions/
📢 #ANNOUNCEMENT: ALL #CENTRALIZED_EXCHANGES #KYC (aka ILLEGAL 🚔 REGULATIONS) HAVE BEEN OFFICIALLY #RENDERED_ILLEGAL 🚔 AND #OBSOLETE by #TASTINGTRAFFIC_LLC as of #NOVEMBER 1. 2024
☮️ Freedom Money:) 🕊️ Doug Visits Local #Grocery Store in #NEW_YORK_CITY, #NEW_YORK ;) That Accepts 100% #INTERNATIONAL_PRIVACY_COIN called #Monero! 07/27/24 (GUEST EPI 176) aka #FREEDOM_MONEY!!
Doug Visits Local Grocery Store That Accepts Monero!
#ANNOUNCEMENT: ALL #CENTRALIZED_EXCHANGES HAVE BEEN OFFICIALLY RENDERED ILLEGAL AND OBSOLETE AS OF NOVEMBER 1. 2024
TASTINGTRAFFIC LLC has DECLARED ALL #CENTRALIZED_EXCHANGES UTILIZING (KYC) #KNOW_YOUR_CUSTOMER -- a 100% #ILLEGAL BREACH of the ORIGINAL BLOCKCHAIN INTENT since 1999 with PROOF! >> In ORDER To #PIERCE the PROTECTION of the #CORPORATE_BLOCKCHAIN_VAIL in order for the ASHKEANZI JEWS, NAZI ZIONISTS, CENTRALIZED BANKS & GOVERNMENTS to retain national control over its citizens which has now been REJECTED BY TASTINGTRAFFIC LLC!
USA has #RENDERED ITS OWN #BICOIN VALUELESS! Which DOES NOT APPLY TO INTERNATIONAL MARKETS!! #USA, #EUROPE AND #ISRAEL ARE ALL #OUT OF YOUR #JURISDICITONS! BITCOIN A (LOCAL) NATIONAL GAMBLING VEHICLE; THE BIGGEST PONZI SCHEME IN HISTORY TO DATE! imho. Current Bitcoin CASE USE? #MONEY_LAUNDERING BY THE #USA AND #EUROPE AND #ISREAL.
This coin IS considered the " #King " that #guarantees your #online #anonymity and #security. #ENDORSED BY TASTINGTRAFFIC LLC #FOUNDER OF #DEVSECOPS since 1999.
Timestamps:
00:00 | How Monero fare in year 2024?
00:42 | Monero and anonymous coins market
03:53 | Monero price dynamic
06:07 | Does Monero have a chance to shoot up again?
07:01 | In Conclusion
📛 DISCLAIMER: We Cover the 'Way' the #News is #COVERED_UP! 👿
🔴 The #Next #Global_Superpower Isn't Who You #Think 🧠
WHO is TastingTraffic.com? | #WELCOME to #DECENTRALIZED #GLOBALIZATION! #GLOBALIZATION is NOT Dead! It's just the Beginning!..
#DECENTRALIZED #GLOBALIZATION! The NEW DIGITAL GLOBAL ORDER | NO NATIONALITY LEFT BEHIND | COMING SOON! 🌐 🌏 🌍 🌎 🗺️
🧠 https://youtu.be/uiUPD-z9DTg
~Give a Man a Gun 🔫, HE Will Rob a Bank 🏦 ; Give a Man a Bank; HE Will Rob the World~ #JP_MORGAN
🌏 🌍 🌎
~Give a Man a Gun HE Will Rob a Bank; Give a #GOOD_MAN a Bank; HE Will #SOLVE_WORLD_HUNGER~ #TASTINGTRAFFIC_LLC
🥓 🍞 🌶️ 🐟 🥑 🍗 🍊 🍕 🍉 🌽 🍐 🍈 🍑 🍅 🍟 😋
💼 JOBS FOR ALL = UNLIMITED OPPORTUNITIES FOR ALL GLOBALLY!
* JOBS FOR ALL #GLOBALLY!
* #WORK_FROM_HOME
* BE YOUR #OWN_BOSS.
* #SIGN YOUR OWN #PAYCHECKS!
* WORK YOUR OWN #HOURS
* MAKE IN EXCESS OF 300K PER #MONTH NET! 🤑 💰 👍
* #UNLIMITED_OPPORTUNITIES 🤑
DavidV: 25 YEARS 24/7 Experience:
* Software Architect (PhD) Supervisor -25 years 300K PMS (project management) hours
* EXPERT BLACK BOX TESTER (1999)
* Founder of WebTafficCops.com the 1ST Dedicated CLICK FRAUD ENGINE on the Planet (1999)
* Founder of SEO (Search Engine Optimization) (1999)
* Founder of RTB (Real Time Bidding) (1999)
* Founder of HFT (High Frequency Trading) (2001)
* Founder of the first Screen Recorder (Applets) on the Planet (2000)
🍷 🍾 #TASTINGTRAFFIC_LLC | The Largest (WWW) #DIGITAL_TRAFFIC PROVIDER in the WORLD since 1999.
🌐 WORLD WIDE BUSINESS HOURS?? 24/7 ;)
JOBS FOR ALL WORLDWIDE COMING SOON;!
http://Withbrains.com/@wemoveeyeballs ® (HOT! HOT! DIGITAL TRAFFIC ALERTS! Traffic is King! >> Got Content?);
https://TastingTraffic.net ® ( #International_Tech_News | Decentralized Social);
http://JustBlameWayne.com ® (Just Blame Wayne & Post it | Decentralized Social);
http://Davidv.TV ® (Big Faith | Christianity RAW 101 | Decentralized Social);
https://withbrains.com/@davidv ® (Decentralized Social--Building Human Peripherals Since 1999)
TASTINGTRAFFIC_LLC are NOT affiliates of this provider or referenced images used. This is NOT an endorsement OR Sponsored (Paid) Promotion/Reshare.
A list of digital service providers outside the jurisdiction of the United States of America. 😉
https://codeberg.org/Linux-Is-Best/Outside_Us_Jurisdiction
My list was getting bigger than a Fedi post could hold, so it is now hosted on Codeberg, an alternative to GitHub or GitLab, but based out of Germany. 👍
#CodeBerg #GitHub #GitLab #WebHosting #Vpn #Dns #Cdn #PasswordManager #Email #Privacy #Security #Project2025 #Fascism #UnitedStates #RuleOfLaw #Justice
Suppose there were only these two messengers: which would you prefer?
#messenger #signal #threema #sicherheit #security
Options: (choose one)
My colleagues deployed TOTP as a second authentication factor on the data center's virtual machines! 👏
But they were almost recommending that people use the Google Authenticator app... 😶🌫️
#InfoSec #TOTP #security #segurança #BigTech #cloud #nuvem
Good morning to readers; Kyiv remains in Ukrainian hands.
#Zelenskyy said a deal with #Russia is pointless w/o #security #guarantees.
Here’s why: #Kyiv made this mistake before.
#Moscow broke ceasefire after #Minsk agreements. International lawyer Oleksandr watched it all unfold.
New from Francesca D'Annunzio: Under Governor Greg Abbott's multi-billion dollar border security bonanza, Operation Lone Star, the Rio Grande no longer holds back law enforcement efforts. Today's digital border reaches across Texas and beyond. https://www.texasobserver.org/texas-dps-surveillance-arsenal-artificial-intelligence-lege/
This story is presented in partnership with the Pulitzer Center.
#surveillance #tech #SocialMedia #GregAbbott #police #border #privacy #security #USpol #politics #news