-
11 votes
-
More than 1,000 people at Twitter had ability to aid hack of accounts
8 votes -
New ‘Meow’ attack has deleted almost 4000 unsecured databases
14 votes -
Hardening Debian
6 votes -
Garmin services and production go down after ransomware attack
16 votes -
A timeline of Wednesday's epic Twitter hack, and some clues about who may have been behind it
19 votes -
The massive Twitter hack could be a global security crisis
20 votes -
Apple, Elon Musk, Kanye West, and other accounts are tweeting a bitcoin scam in giant Twitter hack
49 votes -
Twitter is removing images of an internal tool sources say enables account takeover
11 votes -
The phone bill security hole in HIPAA
5 votes -
The TikTok war - How TikTok exposed Facebook's blindspot, and why its Chinese roots make TikTok a genuine concern
8 votes -
Why is a tech executive installing security cameras around San Francisco?
10 votes -
Amazon orders employees to remove TikTok from phones, then backtracks
10 votes -
Can our electronic ballots be both secret and secure? A mathematician's quest to make American elections more trustworthy
4 votes -
Indian government bans fifty-nine Chinese apps for security reasons
11 votes -
Increasing personal security online and Yubikey
I have recently noticed an uptick in phishing emails and SMSs, getting me to click on some malicious link and this has been troubling me. I am fairly good about what I click and so far I haven't...
I have recently noticed an uptick in phishing emails and SMSs, getting me to click on some malicious link and this has been troubling me.
I am fairly good about what I click and so far I haven't clicked anything malicious (I think). However, this has motivated me to up my online security.All my computers run Linux and I use an Android phone.
For browsing I use Firefox, with NoScript (and uBlock) and use containers for separating personal/shopping sites, etc.
I also have host file blocking on my computers and phone (using AdAway).I do have a pi-hole setup at home as well.
I also have 2FA setup on all my banking accounts, email accounts etc.
However all my banking account 2FA is still just using SMS. Which I think is now easily circumvented.
Email accounts do use Authenticator apps (like Authy and Google Authenticator).I also use a password manager (this one), which works well for me, but is only available on my computer and not from my phone. I am split between having my password manager available on my phone tho, since it is always on me and could be stolen or have something malicious installed on. What do you guys think? I am wary of services like LastPass, is that valid?
So I wanted to start a thread to discuss what do you guys do to stay safe online?
I am also considering getting a pair of Yubikey (one backup), are there any caveats/pitfalls I need to be aware of with Yubikey?14 votes -
Turn on multi-factor authentication before crooks do it for you
19 votes -
New South Wales government was the target of major cyber attack operation linked to China
Article: New South Wales government was the target of major cyber attack operation linked to China Also: 'Cyber attacks' point to China's spy agency, Ministry of State Security, as Huawei payback,...
Article: New South Wales government was the target of major cyber attack operation linked to China
This is a follow-up to these articles posted yesterday:
8 votes -
Cyber-attack Australia: Sophisticated attacks from ‘state-based actor’, PM says
7 votes -
Exposing Secondary Infektion: Forgeries, interference, and attacks on Kremlin critics across six years and 300 sites and platforms
6 votes -
Obscure Indian cyber firm spied on politicians, investors worldwide
5 votes -
What are secure alternatives to slack, and what are your experiences with them?
First, some context. The latest from the US justice department saying that they will be focusing on finding "ANTIFA leaders" is incredibly troubling for anyone involved in leftist groups. I...
First, some context. The latest from the US justice department saying that they will be focusing on finding "ANTIFA leaders" is incredibly troubling for anyone involved in leftist groups. I foresee a lot of good activists, regardless of how far left they actually are, arrested on trumped up charges in order to squash opposition.
Organizing is essential to resist fascism. This is made more difficult by the pandemic, as in person meetings bring a huge, almost unacceptable risk. As such, many orgs have been turning to platforms like Slack instead. Trouble is, Slack logs are not encrypted and I am certain that as a business based in the US Slack will not put up a fight to keep user data safe if the feds come calling.
I'd like to collect a decent list of alternatives. Important factors include encryption, ownership, open source status, ease of use, federation, scalability, hosting, cross platform, and anything else you can think of.
23 votes -
macOS 10.15.5 has a trivial bug or a ‘reprehensible’ security decision
7 votes -
Gopass - The team password manager
7 votes -
Edison Mail vulnerability allowing unauthorized access to email accounts of other users
4 votes -
The confessions of Marcus "MalwareTech" Hutchins, the hacker who stopped WannaCry and was arrested by the FBI in 2017
33 votes -
Zoom acquires Keybase and announces goal of developing the most broadly used enterprise end-to-end encryption offering
38 votes -
CISSP qualification given cert status equivalent to Master’s degree level in Europe
3 votes -
Adobe patches sixteen critical flaws in Acrobat and Reader, Digital Negative SDK
5 votes -
Microsoft and Intel project converts malware into images before analyzing it
10 votes -
Firefox Private Relay - Generate unique, random, anonymous email addresses
33 votes -
Microsoft's GitHub account allegedly hacked, 500GB stolen
11 votes -
Face ID doesn’t work when you’re wearing a mask—Apple’s about to address that
12 votes -
Love Bug's creator tracked down to repair shop in Manila
7 votes -
The real impact of an open redirect vulnerability
4 votes -
Hyperdome - the safest place to reach out
5 votes -
Is Border Gateway Protocol safe yet? No
4 votes -
After 9/11, Americans gave up privacy for security. Will we make the same trade-off after COVID-19?
21 votes -
Microsoft buys Corp.com so bad guys can’t
17 votes -
Thousands of Zoom cloud recordings have been exposed on the web because of the way Zoom names its recordings in unprotected AWS buckets
24 votes -
zWarDial, an automated tool to find unprotected Zoom meetings
7 votes -
Webcam hacking—The story of how I gained unauthorized Camera access on iOS and macOS
4 votes -
Does Linux need antivirus?
18 votes -
EARN IT act is a direct attack on end-to-end encryption
25 votes -
The case for limiting your browser extensions
9 votes -
Sophos has received an offer to be acquired for $3.9 billion by private-equity firm Thoma Bravo
8 votes -
EU Commission to staff: Switch to Signal messaging app
14 votes -
Policy vs technology
15 votes -
I got a Ring doorbell camera. It scared the hell out of me.
11 votes -
Amazon Ring updates device security and privacy, including adding mandatory two-factor auth—but continues ignoring larger concerns
9 votes