-
5 votes
-
When you browse Instagram and find former Australian Prime Minister Tony Abbott's passport number
32 votes -
How police are using 'super recognizers' to track criminals
9 votes -
Beyond the end of the Transban: How to make a 21st-century military
5 votes -
Online voting is much more difficult to do securely, and a fundamental problem with the concept is that most voters won't be able to understand whether it's secure or not
21 votes -
An exploration of Project Zero Issue 2046, a seemingly unexploitable and simple bug in the V8 JavaScript engine that turns out to be exploitable in a very complex manner
7 votes -
A secure operating system
11 votes -
Malware in the wild using DNS-over-HTTPS (DoH) to pull payload
8 votes -
Threat modelling case study: bicycles
7 votes -
Sendgrid under siege from hacked accounts
7 votes -
Denmark suspends Lars Findsen, head of the country's foreign intelligence service – Danish Defense Intelligence Service had initiated operations that were contrary to Danish law
9 votes -
Why and where you should plant your flag
12 votes -
Former Chief Security Officer for Uber charged with obstruction of justice for attempted cover-up of 2016 hack that compromised data from millions of users and drivers
9 votes -
Mozilla signs fresh Google search deal worth mega-millions as 25% staff cut hits Servo, MDN, security teams
16 votes -
NSA and FBI warn that previously undisclosed Drovorub malware for Linux threatens national security
22 votes -
Achilles: Over 400 vulnerabilities found in Qualcomm’s Snapdragon DSP chip, threatening the security of hundreds of millions of Android devices
17 votes -
Microsoft faces complex technical challenges in TikTok carveout
5 votes -
Reddit moderator accounts compromised in coordinated hack, hundreds of subreddits vandalized
29 votes -
Reversing Lyft’s ride history API to analyze 6 years worth of rides
4 votes -
20GB of Intel's internal source code, schematics, specs, and documents released, allegedly found on an unsecured CDN server
20 votes -
GitLab Support will no longer process MFA resets for free accounts as of August 15th, 2020 - make sure you have a valid backup recovery method set up
14 votes -
US Treasury Secretary Steven Mnuchin confirms TikTok is under review by the Committee on Foreign Investment in the US following national security concerns
11 votes -
Seventeen-year-old in Tampa, Florida arrested and accused of "masterminding" the compromises of prominent Twitter accounts on July 15, charged with thirty felonies
34 votes -
Bitwarden review
11 votes -
More than 1,000 people at Twitter had ability to aid hack of accounts
8 votes -
New ‘Meow’ attack has deleted almost 4000 unsecured databases
14 votes -
Hardening Debian
6 votes -
Garmin services and production go down after ransomware attack
16 votes -
A timeline of Wednesday's epic Twitter hack, and some clues about who may have been behind it
19 votes -
Twilio's TaskRouter JavaScript SDK was in a world-writeable S3 bucket, and had what appears to be a precursor to a payment-card skimmer inserted for about 12 hours
10 votes -
The massive Twitter hack could be a global security crisis
20 votes -
Apple, Elon Musk, Kanye West, and other accounts are tweeting a bitcoin scam in giant Twitter hack
49 votes -
Twitter is removing images of an internal tool sources say enables account takeover
11 votes -
The phone bill security hole in HIPAA
5 votes -
The TikTok war - How TikTok exposed Facebook's blindspot, and why its Chinese roots make TikTok a genuine concern
8 votes -
Why is a tech executive installing security cameras around San Francisco?
10 votes -
Amazon orders employees to remove TikTok from phones, then backtracks
10 votes -
Climate change has likely already affected global food production
5 votes -
Sandboxing in Linux with zero lines of code
7 votes -
Can our electronic ballots be both secret and secure? A mathematician's quest to make American elections more trustworthy
4 votes -
Indian government bans fifty-nine Chinese apps for security reasons
11 votes -
Picking and disassembling an Assa Abloy Zeiss Ikon padlock
7 votes -
Exploiting Bitdefender Antivirus: RCE from any website
13 votes -
Increasing personal security online and Yubikey
I have recently noticed an uptick in phishing emails and SMSs, getting me to click on some malicious link and this has been troubling me. I am fairly good about what I click and so far I haven't...
I have recently noticed an uptick in phishing emails and SMSs, getting me to click on some malicious link and this has been troubling me.
I am fairly good about what I click and so far I haven't clicked anything malicious (I think). However, this has motivated me to up my online security.All my computers run Linux and I use an Android phone.
For browsing I use Firefox, with NoScript (and uBlock) and use containers for separating personal/shopping sites, etc.
I also have host file blocking on my computers and phone (using AdAway).I do have a pi-hole setup at home as well.
I also have 2FA setup on all my banking accounts, email accounts etc.
However all my banking account 2FA is still just using SMS. Which I think is now easily circumvented.
Email accounts do use Authenticator apps (like Authy and Google Authenticator).I also use a password manager (this one), which works well for me, but is only available on my computer and not from my phone. I am split between having my password manager available on my phone tho, since it is always on me and could be stolen or have something malicious installed on. What do you guys think? I am wary of services like LastPass, is that valid?
So I wanted to start a thread to discuss what do you guys do to stay safe online?
I am also considering getting a pair of Yubikey (one backup), are there any caveats/pitfalls I need to be aware of with Yubikey?14 votes -
Turn on multi-factor authentication before crooks do it for you
19 votes -
New South Wales government was the target of major cyber attack operation linked to China
Article: New South Wales government was the target of major cyber attack operation linked to China Also: 'Cyber attacks' point to China's spy agency, Ministry of State Security, as Huawei payback,...
Article: New South Wales government was the target of major cyber attack operation linked to China
This is a follow-up to these articles posted yesterday:
8 votes -
Cyber-attack Australia: Sophisticated attacks from ‘state-based actor’, PM says
7 votes -
How the Nintendo Switch prevents downgrades by irreparably blowing its own fuses
17 votes -
Prime Minister Scott Morrison says Australian organisations, including governments and businesses, are currently being targeted by a sophisticated foreign "state-based" hacker
6 votes -
Exposing Secondary Infektion: Forgeries, interference, and attacks on Kremlin critics across six years and 300 sites and platforms
6 votes