FreshRSS

πŸ”’
β–³ πŸ”ƒ
☐ β˜† βœ‡ WIRED

House Votes to Extendβ€”and Expandβ€”a Major US Spy Program

By Dell Cameron β€” April 12th 2024 at 19:30
The US House of Representatives voted on Friday to extend the Section 702 spy program. It passed without an amendment that would have required the FBI to obtain a warrant to access Americans’ information.
☐ β˜† βœ‡ WIRED

Change Healthcare Faces Another Ransomware Threatβ€”and It Looks Credible

By Andy Greenberg, Matt Burgess β€” April 12th 2024 at 18:25
Change Healthcare ransomware hackers already received a $22 million payment. Now a second group is demanding money, and it has sent WIRED samples of what they claim is the company's stolen data.
☐ β˜† βœ‡ /r/netsec - Information Security News & Discussion

CVE 10.0 vulnerability in PAN-OS

By /u/kerubi β€” April 12th 2024 at 09:29

This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls with the configurations for both GlobalProtect gateway and device telemetry enabled.

No patch yet, apply mitigations. Actively exploited.

submitted by /u/kerubi
[link] [comments]
☐ β˜† βœ‡ WIRED

DuckDuckGo Is Taking Its Privacy Fight to Data Brokers

By Matt Burgess β€” April 11th 2024 at 12:00
Privacy-focused company DuckDuckGo is launching a tool to remove data from people-search websites, a VPN, and an identity theft restoration service.
☐ β˜† βœ‡ WIRED

Trump Loyalists Kill Vote on US Wiretap Program

By Dell Cameron β€” April 10th 2024 at 20:15
An attempt to reauthorize Section 702, the so-called crown jewel of US spy powers, failed for a third time in the House of Representatives after former president Donald Trump criticized the law.
☐ β˜† βœ‡ WIRED

How to Stop Your Data From Being Used to Train AI

By Matt Burgess, Reece Rogers β€” April 10th 2024 at 11:30
Some companies let you opt out of allowing your content to be used for generative AI. Here’s how to take back (at least a little) control from ChatGPT, Google’s Gemini, and more.
☐ β˜† βœ‡ WIRED

Section 702: The Future of the Biggest US Spy Program Hangs in the Balance

April 9th 2024 at 20:21
The US Congress will this week decide the fate of Section 702, a major surveillance program that will soon expire if lawmakers do not act. WIRED is tracking the major developments as they unfold.
☐ β˜† βœ‡ /r/netsec - Information Security News & Discussion

Streamline Threat Hunting: Shortemall Automates Short URL Analysis with a Click

By /u/osint_matter β€” April 8th 2024 at 18:13

Short'Em All is a URL scanning tool trusted by CTI Analysts and Security Researchers. It's designed to scan short URLs and provide insights into potential security risks or useful information. This tool automates the process of scanning URLs, allowing users to focus on analyzing the results.

submitted by /u/osint_matter
[link] [comments]
☐ β˜† βœ‡ WIRED

AI Scam Calls: How to Protect Yourself, How to Detect

By Reece Rogers β€” April 8th 2024 at 11:30
AI tools are getting better at cloning people’s voices, and scammers are using these new capabilities to commit fraud. Avoid getting swindled by following these expert tips.
☐ β˜† βœ‡ WIRED

A Breakthrough Online Privacy Proposal Hits Congress

By Makena Kelly β€” April 7th 2024 at 21:13
While some states have made data privacy gains, the US has so far been unable to implement protections at a federal level. A new bipartisan proposal called APRA could break the impasse.
☐ β˜† βœ‡ WIRED

Best Privacy Browsers (2024): Brave, Safari, Ghostery, Firefox, DuckDuckGo

By David Nield β€” April 6th 2024 at 12:30
Ad trackers are out of control. Use a browser that reins them in.
☐ β˜† βœ‡ WIRED

Identity Thief Lived as a Different Man for 33 Years

By Dell Cameron, Andrew Couts β€” April 6th 2024 at 09:00
Plus: Microsoft scolded for a β€œcascade” of security failures, AI-generated lawyers send fake legal threats, a data broker quietly lobbies against US privacy legislation, and more.
☐ β˜† βœ‡ /r/netsec - Information Security News & Discussion

Don't trust the cache :Exposing Web cache vulnerabilities

By /u/anasbetis94 β€” April 5th 2024 at 17:13

I tried to gather all the related Web Cache vulnerabilities techniques into one blog post.

submitted by /u/anasbetis94
[link] [comments]
☐ β˜† βœ‡ /r/netsec - Information Security News & Discussion

Wifi credential dumping

By /u/S3cur3Th1sSh1t β€” April 5th 2024 at 09:13

My latest blog post

submitted by /u/S3cur3Th1sSh1t
[link] [comments]
☐ β˜† βœ‡ WIRED

A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask

By Andy Greenberg β€” April 4th 2024 at 09:00
As β€œP4x,” Alejandro Caceres single-handedly disrupted the internet of an entire country. Then he tried to show the US military how it canβ€”and shouldβ€”adopt his methods.
☐ β˜† βœ‡ WIRED

The Mystery of β€˜Jia Tan,’ the XZ Backdoor Mastermind

By Andy Greenberg, Matt Burgess β€” April 3rd 2024 at 13:54
The thwarted XZ Utils supply chain attack was years in the making. Now, clues suggest nation-state hackers were behind the persona that inserted the malicious code.
☐ β˜† βœ‡ /r/netsec - Information Security News & Discussion

/r/netsec's Q2 2024 Information Security Hiring Thread

By /u/netsec_burn β€” April 2nd 2024 at 18:53

Overview

If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.

We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.

Please reserve top level comments for those posting open positions.

Rules & Guidelines

Include the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.

  • If you are a third party recruiter, you must disclose this in your posting.
  • Please be thorough and upfront with the position details.
  • Use of non-hr'd (realistic) requirements is encouraged.
  • While it's fine to link to the position on your companies website, provide the important details in the comment.
  • Mention if applicants should apply officially through HR, or directly through you.
  • Please clearly list citizenship, visa, and security clearance requirements.

You can see an example of acceptable posts by perusing past hiring threads.

Feedback

Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)

submitted by /u/netsec_burn
[link] [comments]
☐ β˜† βœ‡ WIRED

The XZ Backdoor: Everything You Need to Know

By Dan Goodin, Ars Technica β€” April 2nd 2024 at 08:00
Details are starting to emerge about a stunning supply chain attack that sent the open source software community reeling.
☐ β˜† βœ‡ WIRED

The Incognito Mode Myth Has Fully Unraveled

By Dell Cameron, Andrew Couts β€” April 1st 2024 at 21:22
To settle a years-long lawsuit, Google has agreed to delete β€œbillions of data records” collected from users of β€œIncognito mode,” illuminating the pitfalls of relying on Chrome to protect your privacy.
☐ β˜† βœ‡ /r/netsec - Information Security News & Discussion

Last part of Lord Of The Ring0

By /u/Idov31 β€” April 1st 2024 at 13:36

Last chapter of my windows kernel development series with usermode and kernel mode memory patching, AMSI bypass driver and more

submitted by /u/Idov31
[link] [comments]
☐ β˜† βœ‡ WIRED

A Ghost Ship’s Doomed Journey Through the Gate of Tears

By Matt Burgess β€” April 1st 2024 at 06:00
Millions lost internet service after three cables in the Red Sea were damaged. Houthi rebels deny targeting the cables, but their missile attack on a cargo ship, left adrift for months, is likely to blame.
☐ β˜† βœ‡ WIRED

You Should Update Apple iOS and Google Chrome ASAP

By Kate O'Flaherty β€” March 31st 2024 at 10:00
Plus: Microsoft patches over 60 vulnerabilities, Mozilla fixes two Firefox zero-day bugs, Google patches 40 issues in Android, and more.
☐ β˜† βœ‡ WIRED

Yogurt Heist Reveals a Rampant Form of Online Fraud

By Andy Greenberg, Andrew Couts β€” March 30th 2024 at 13:00
Plus: β€œMFA bombing” attacks target Apple users, Israel deploys face recognition tech on Gazans, AI gets trained to spot tent encampments, and OSINT investigators find fugitive Amond Bundy.
❌