Boffins propose Pretty Good Phone Privacy to end pretty invasive location data harvesting by telcos • The Register
Apple Adds a Backdoor to iMesssage and iCloud Storage - Schneier on Security
Might be a nice tool after further development 🙂
GitHub - brightio/penelope: Penelope Shell Handler
Police Robots Are Not a Selfie Opportunity, They’re a Privacy Disaster Waiting to Happen | Electronic Frontier Foundation – https://www.eff.org/deeplinks/2021/01/police-robots-are-not-selfie-opportunity-theyre-privacy-disaster-waiting-happen
China Is Forcing Tourists to Install Text-Stealing Malware at its Border - VICE
Detection-Ideas-Rules/20210329_Sodinokibi_(aka_REvil)_Ransomware.yaml at main · vadim-hunter/Detection-Ideas-Rules · GitHub – https://github.com/vadim-hunter/Detection-Ideas-Rules/blob/main/Threat%20Intelligence/The%20DFIR%20Report/20210329_Sodinokibi_(aka_REvil)_Ransomware.yaml
Google: Linux kernel and its toolchains are underinvested by at least 100 engineers • The Register – https://www.theregister.com/2021/08/04/google_linux_kernel_security/
Not a single cent to their products anymore...
Blizzard Recruiters Asked Hacker If She ‘Liked Being Penetrated’ at Job Fair – https://www.vice.com/en/article/3aq4vv/blizzard-recruiters-asked-hacker-if-she-liked-being-penetrated-at-job-fair
Python packages caught attempting to steal Discord tokens, credit card numbers - The Record by Recorded Future – https://therecord.media/python-packages-caught-attempting-to-steal-discord-tokens-credit-card-numbers/
The Inevitable Weaponization of App Data Is Here – https://www.vice.com/en/article/pkbxp8/grindr-location-data-priest-weaponization-app
Pegasus spyware has been here for years. We must stop ignoring it https://blog.malwarebytes.com/privacy-2/2021/07/pegasus-spyware-has-been-here-for-years-we-must-stop-ignoring-it/
GitHub - t0thkr1s/allsafe: Intentionally vulnerable Android application. – https://github.com/t0thkr1s/allsafe
Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security Blog – https://blog.qualys.com/vulnerabilities-threat-research/2021/07/20/sequoia-a-local-privilege-escalation-vulnerability-in-linuxs-filesystem-layer-cve-2021-33909
VU#506989 - Microsoft Windows 10 gives unprivileged user access to SAM, SYSTEM, and SECURITY files – https://www.kb.cert.org/vuls/id/506989
Kremlin papers appear to show Putin’s plot to put Trump in White House | Vladimir Putin | The Guardian – https://www.theguardian.com/world/2021/jul/15/kremlin-papers-appear-to-show-putins-plot-to-put-trump-in-white-house
Zed Attack Proxy asks for feedback:
"We want to hear how you are using ZAP. Please fill in this one page questionnaire - your feedback is very important to us!"
Securing the Supply Chain: Lessons Learned from the Codecov Compromise https://blog.rapid7.com/2021/07/09/securing-the-supply-chain-lessons-learned-from-the-codecov-compromise/
An infosec guy. Mostly posting many links to good reads
This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!