Mike Waltz - The gift that keeps on giving
At the Techniker Kasse they apparently haven't understood it:
"On security concerns, the TK chief weighs it up: there is no absolute security, but analog data isn't secure either. Breaking into a practice and stealing binders of files is easy."
With the ePA, a successful attack can exfiltrate millions of records. The TK chief ignores this completely. The attractiveness for attackers, as well as the possible damage, is significantly higher.
#EFF Leads Prominent #Security Experts in Urging Trump Administration to Leave #ChrisKrebs Alone
Political Retribution for Telling the Truth Weakens the Entire #Infosec Community and Threatens Our #Democracy; Letter Remains Open for Further Sign-Ons
https://www.eff.org/press/releases/eff-leads-prominent-security-experts-urging-trump-administration-leave-chris-krebs
#ITSecurity #ITSec #CISA
Whoa, hearing ProtonMail got blocked in India... supposedly over deepfakes? That's pretty wild stuff.
It really drives home how fast new tech can spawn problems we just don't have easy answers for yet, doesn't it? You know, end-to-end encryption is super important, absolutely vital even, but let's be real – it's not some magic wand that fixes everything.
So, it leaves us wrestling with the big question: How do we actually protect people from misuse like this without just jumping straight to heavy-handed censorship?
Putting on my pentester hat for a sec, I can't help but feel the providers themselves have a part to play here. Do they need to step up their game? Or is this whole situation just way more complicated than it looks on the surface?
Seriously curious to hear what you all think about this. Drop your thoughts below!
@krypt3ia I think @briankrebs and other #ITsec professionals are cringing hard.
alright, a vulnerability for educational institutions using the ContentKeeper software.
if you are using the on-prem appliance, and you have it reconfigured to redirect to a URL (e.g. blockage.example.com), it obviously has strings.
these strings can be manipulated in order to turn it around and say someone else did it. for example, if the person is John Doe and their email is jdoh@studentschool.org and they got caught and redirected to this URL, this means that they can manipulate the URL to change the email to, say, a staff member, and make it seem like someone else visited that website. whether this can be done in real time, I am sure it can.
my recommendation is that you do not have it redirect to a URL and instead just have it stay on the same web page they are trying to access while displaying it there. alternatively, relay the block page somewhere static which doesn't reveal any of this information, for example https://blindsoft.net/sorry.html, which has a static page (if it's an option).
#cybersecurity #it #itsec
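As an added example (not from the post above, and not ContentKeeper's own code), one way a block page can stop the identity field in a redirect URL from being rewritten: the appliance signs the `user` and `url` parameters with an HMAC, and the block page discards any request whose signature no longer matches. Parameter names, the shared secret and the sample values are all assumptions constructed for this demo.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed shared secret between the filtering appliance and the block page.
# In practice this would come from configuration, never from the redirect itself.
SECRET = b"constructed-demo-secret"


def _payload(user: str, blocked_url: str) -> bytes:
    # Canonical form covered by the signature: sorted keys, URL-encoded values.
    return urlencode(sorted({"user": user, "url": blocked_url}.items())).encode()


def sign_block_url(base: str, user: str, blocked_url: str, secret: bytes = SECRET) -> str:
    """Build a block-page redirect whose identity fields are covered by an HMAC."""
    sig = hmac.new(secret, _payload(user, blocked_url), hashlib.sha256).hexdigest()
    return f"{base}?{urlencode({'user': user, 'url': blocked_url, 'sig': sig})}"


def verify_block_url(url: str, secret: bytes = SECRET):
    """Return (user, blocked_url) if the signature is intact, else None.

    A missing or mismatching signature means the parameters cannot be trusted
    for attribution, so the page should show a generic notice instead.
    """
    q = parse_qs(urlparse(url).query)
    try:
        user, blocked, sig = q["user"][0], q["url"][0], q["sig"][0]
    except KeyError:
        return None
    expected = hmac.new(secret, _payload(user, blocked), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):  # constant-time comparison
        return None
    return user, blocked


if __name__ == "__main__":
    # Constructed sample: the student from the post gets redirected to the block page.
    signed = sign_block_url("https://blockage.example.com/",
                            "jdoh@studentschool.org", "https://games.example.net/")
    print("genuine  :", verify_block_url(signed))
    # Same URL with the email swapped for a staff address: signature no longer matches.
    print("tampered :", verify_block_url(signed.replace("jdoh", "staff")))
```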
Meow in infosec, part 1
I've been in infosec for a very long time, since my early years, so it's about time I started leaving a few notes for the world.
I don't like half-measures: antivirus, blocking USB and other storage devices, passwords on computers without staff training, no encryption, useless data wiping.
All of that is nonsense, because there are proper tools and measures that can actually save infosec; this is a perversion of it.
Bonus: infosec that protects against employees rather than against attackers. Why lock the screen if there's no FDE? Or why have grandmothers at the security desk checking your bags just for show?
@dave_andersen @AVincentInSpace personally I consider any "#KYC" a risk factor, and @signalapp has proven their ability and willingness to restrict functionality (i.e. their #Shitcoin-#Scam #MobileCoin) based on said #PhoneNumbers (Cuban, Russian and North Korean numbers were excluded), which are in fact #PII (even if one doesn't have to #ID for obtaining a #SIM, they are circumstantial PII)...
Either way they either have to yeet #Hegseth as client and/or stop collecting PII like PhoneNumbers - they gotta have to do something…
#ITsec is a different story, but unlike #Signal these do not depend on a #PhoneNumber and work through @torproject / #Tor.
Who needs #phishing when your login's already in the wild?
Stolen #credentials edge out email tricks for cloud break-ins because they're so easy to get
Criminals used stolen credentials more frequently than email phishing to gain access into their victims' IT systems last year, marking the first time that compromised login details claimed the number two spot in Mandiant's list of most common initial infection vectors.
https://www.theregister.com/2025/04/23/stolen_credentials_mandiant/
#itsec #security
No, not #Microsoft #Copilot.
It's Microsoft Copirate!
First seen in this excellent talk by the security researcher Johann Rehberger:
SpAIware & More: Advanced Prompt Injection Exploits in #LLM Applications:
https://inv.nadeko.net/watch?v=84NVG1c5LRI
(or YT: https://www.youtube.com/watch?v=84NVG1c5LRI)
@GottaLaff the sheer fact that he didn't get jailed for this violation of #ITsec, #InfoSec, #ComSec & #OpSec rules is probably making #RealityWinner and #ChelseaManning scream internally at max volume.
The comment I made in the post referring to "within minutes" actually comes from the cover letter with the whistleblower affidavit which is available here:
Found a Linux Security Cookbook (O'Reilly) of 2003 in the #straze #library - still interesting to browse through.
#greifswald #linux #itsec
What? That's still worth a news item? Are there seriously still thinking people who use #Zyxel?
@shoppingtonz @alternativeto @torproject granted, those cases are "niche", as in "extreme low latency applications" are out of scope for #Tor, as they are intrinsically incompatible with a self-routing #Proxy network.
I took an ITSec training today that gave "Thi5izmyP4ssWord!" as an example of a good password to use. I'm curious what people think of a password like this.
#ITSec #security #passwords