(x) Blogwatch—not a bot, nor a parody @xBlogwatch
Foolish columns for @SecurityBlvd @ReversingLabs: @RiCHi curates the best bloggy bits, finest forums, and weirdest websites—a/k/a OTOH. Also @DevOpsDotCom’s TLV richi.uk Formerly Computerworld, Forbes Joined August 2016
#FourthAmendment is not for sale. So says a bipartisan group of congresscritters. Their bill of the same name passed in the House yesterday. It would prevent US from buying data about Americans. Although #AdTech users could buy whatever they wanted, the gov’t needs a warrant.
It’s no secret that cellular carrier reps are subject to bribery. Here’s a great example. Yes, again with the #SIMswapping. Someone seems to have stolen a contact list of T-Mobile employees and is texting them offers of bribes. But T-Mobile denies it’s been hacked—again.
#Sisense, a service provider to huge companies including Nasdaq, Verizon and Air Canada, has lost control of its customers’ credentials and access tokens. #CISA warned users of the service to drop everything and rotate or reset their secrets.
Security researchers have found four vulnerabilities that let scrotes take over your #LG TV. They managed to connect via the network and execute commands with root privileges. Sky falling? Or the standard “consumer #IoT” story?
It’s about time: After the EU and some states showed the way, we might finally see a U.S. #privacy law. The billmoms, Sen. Maria Cantwell and Rep. Cathy McMorris Rodgers “certainly have a lot of patience and courage.”
Dusty, moldy, prehistoric protocols from the 1980s and ’90s still underpin our phone networks. Full of security holes, #SS7 and #Diameter allow scrotes to track our locations—whether mobile or wired (ask your parents). The #FCC is asking the industry to do something about it:
#CISA’s Cyber Safety Review Board thinks #Microsoft’s #cybersecurity is rotten. The company needs cultural reform and needs to stop releasing new features until it fixes the problem, the board says:
#Google agreed to purge some tracking info older than nine months, in case it was collected in #Chrome’s #Incognito mode. $GOOG is doing it to head off a class action lawsuit from people who believed Incognito was a majick talisman that made websites forget what you told them:
More software supply-chain security shenanigans: #PyPI came under attack earlier, with more than 500 fake packages with similar names to popular ones. Scrotes unknown have been trying to steal cryptocurrency credentials and other secrets:
#Apple is under fire for not rate limiting its unskippable password-reset prompts. And for having iDevices go BLOOP in the wee small hours—even if on silent. Scrotes are exploiting the flaw, trying to steal your accounts:
#Facebook set up a fake #VPN so it could steal app analytics from social media rivals: That’s the allegation just unsealed in a federal court. #MarkZuckerberg is said to have personally ordered the secret “theft” in the face of competition from #Snapchat, #YouTube and #Amazon:
The #Telegram messaging service has a new feature in testing: #P2PL is a way for people to avoid the expense or exposure of #SMS verification. Some countries charge an arm and a leg for text messages—and others block Telegram entirely.
The drumbeat is getting louder: The West is fed up of #China hacking it. The latest concern is the #PRC stealing defense secrets via two catastrophically bad bugs: By chaining flaws in F5 BIG-IP and ConnectWise ScreenConnect, Chinese state actors have broken into countless orgs.
#Apple chip designers tried to make CPUs more speedy, but in fact made them less secure. A team of academics found a way to exploit a bug in the #M1, #M2 and #M3 processors that let them steal secrets—such as #encryption keys. They’re calling it #GoFetch:
The #water sector is failing in its duty to resist attacks from foreign adversaries. That’s the blunt message from the #EnvironmentalProtectionAgency and the President’s advisor on national security:
As House bill to force #ByteDance to divest #TikTok gains momentum, #EFF weighs in against it. In a nutshell, the argument is: We need privacy protections from all apps—not just TikTok—and the #constitution prevents laws limiting speech (even state sponsored #misinformation).
Hackers stole 20 years of personal data relating to job seekers from a #French agency. And it went unnoticed for five weeks. The boss of #FranceTravail, Alexandre Saubot, has a right to look grim (as pictured).
#Google announced its 2023 payout tally for the #VulnerabilityRewardsProgram (VRP). #BugBounty cash for flaws in #Chrome, #Android, #Bard and other Googly code totaled eight figures last year alone.
#CISA had to take down two important systems last month after an #Ivanti bug was exploited. The U.S. agency won’t say whodunnit, but it had previously fingered #China. Sounds like they just didn’t take their own good advice—don’t you think?
US intelligence community urging #Congress to ban #TikTok. Or, at least, to force Chinese parent #ByteDance to divest the #privacy-busting app. We already know it’s been abusing kids’ data, we’re told it’s been spying on journalists, and the feds say it’s a #Communist Party tool
Are you a #FANFSA fan? The #WhiteHouse isn’t. It says the bill “threatens national security.” It’s a privacy win, some say, but the #Biden administration is set against the bill. In #SBBlogwatch, we’re of two minds. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/04/fourth…
Not OK: #SMS #2FA — Widespread spam targets carrier employees, as scrotes try harder to evade 2FA. Here’s the soft underbelly of the insider threat model. In #SBBlogwatch, we balk at the three-Benjamin bribes. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/04/sim-sw…
A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure #AWS bucket. Sources say #Sisense stopped storing secrets securely. In #SBBlogwatch, we facepalm hard. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/04/sisens… #CISA
4×CVE=RCE or Merely CE? Update your LG TV now, or let hackers root it. But is #Bitdefender overhyping the issue? Is it really possible to hack #LG TVs remotely? In #SBBlogwatch, we update anyway. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/04/lg-sma…
Enter the lobbyists: A draft federal #privacy act has DC buzzing. But it’s just a bill—and it’s a long, long journey to be a law. Let’s face it, we’ve been here before. In #SBBlogwatch, we hope against hope. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/04/apra-u… #APRA
Fast enough for government work: The Federal Communications Commission is finally minded to do something about decades-old vulns. We’ve known about the problems since the mid-1990s. In #SBBlogwatch, we ask, “Why now?” At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/04/fcc-ss…
Short term gain for long term pain? Class action asked for $5,000 per user, but got nothing—except assurances #Google will delete data it no longer needs. In #SBBlogwatch, we wonder if Google’s opened the floodgates. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/04/chrome…
Emergency stop button: #Python Package Index was drowning in malicious code again, so they had to shut down registration. Yes, it’s happened yet again. In #SBBlogwatch, we ask if it’s time for a #CodeReuse rethink. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/pypi-s…
Rethink different: First, fatigue frightened users with multiple modal nighttime notif’s. Next, call and pretend to be #Apple support. The idea is to wear down your defenses. In #SBBlogwatch, forewarned is forearmed. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/mfa-bo…
#Meta #MITM #IAAP #SSLbump: Zuck ordered “Project #Ghostbusters”—with criminal consequences, says class action lawsuit. NOW will you stop using that “free” #VPN? In #SBBlogwatch, we are the product. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/ghostb…
Scary #SMS shenanigans: Avoid #Telegram’s new “Peer-To-Peer Login” program if you value your privacy or your cellular service. And you can help people in those places! In #SBBlogwatch, we think we might not want to. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/telegr…
#UNC5174 ❤ #UNC302: CVSS 10 and 9.8 vulnerabilities exploited by Chinese threat actor for People’s Republic. And now the Brits are ratcheting up #sanctions. In #SBBlogwatch, we duck and cover. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/china-…
GoFAIL: Researchers worm their way into broken #cache-filling microcode in most Macs and iPads. It’s yet another #prediction faux pas. In #SBBlogwatch, we cache in on the #GoFetch story. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/apple-…
#Iran and #China fingered: #Biden admin. chides governors: #Water infra. lacks “even basic #cybersecurity precautions.” “We appreciate your attention to this important issue.” In #SBBlogwatch, we avoid the K-word. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/water-…
7521 momentum builds: Shou Zi Chew plays for time, while #EFF says #TikTok-kill bill is DOA. EFF: Useful idiots? Or concerned guardians of freedom? In #SBBlogwatch, we see the irony. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/tiktok…
Wanna be a #VRP VIP? Last year, $GOOG paid $10 million to #EthicalHackers for finding #vulnerabilities. But was it worth it? In #SBBlogwatch, we visualize 100,000 Benjamins. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/google…
Free rides and traffic jams: #Cybersecurity Agency penetrated in February, via vuln in #Ivanti. Agency director Jen Easterly (pictured) is a bit red faced. In #SBBlogwatch, we shelter from the rain on your wedding day. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/cisa-i…
Hilltop BillTok: #ByteDance mobilizing addicted user base, as U.S. #TikTok ban steamrolls through Capitol Hill after unanimous committee vote. Is ByteDance playing dirty? In #SBBlogwatch, we cheer on democracy. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/tiktok…
Shooper Choosday: Was yesterday’s #Meta #outage outrage caused by a Russian #DDoS? #AnonymousSudan If it was, Zuck&Co. need to beef up a weak point, pronto. In #SBBlogwatch, we can’t help notice yesterday’s date. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/meta-d…
Skrik: Researchers #worm themselves into your nightmares. #GenerativeAI can be fooled into stealing info, sending spam and spreading disinformation. Think about it: That’s frightening. In #SBBlogwatch, we try not to. At @TechstrongGroup’s @securityblvd: securityboulevard.com/2024/03/compro…