Frühere Suchanfragen
Suchoptionen
#opsec
25 Beiträge22 Beteiligte1 Beitrag heute
Antwortete im Thread
@ulrichkelber gibt es Informationen darüber, wie @zendis sich gegen #supplyChain -Attacken und Sicherheitslücken in den zugrundeliegenden #OpenSource -Lösungen von #OpenDesk und #OpenCode wappnet, um zusätzlich zur #Souveränität auch die IT-Sicherheit der Systeme ausreichend sicherzustellen? Wie wird bei der Weiterenwicklung und Updates geprüft, damit kein Schadcode eingeschleust wird?
#ITSecurity #Zendis #OpenSource #HybriderKrieg #OpSec #Kritis
The chiropractors of IT #itsecurity #opsec #itsec
Here's a somewhat novel #LinkedIn connection request scam.
I am not, actually, connected to the person named in the message sent with this connection request. In other words, "Notice you're connected with her," is simply a lie. Did they think I wouldn't notice, or what? I suppose maybe some people wouldn't.
Needless to say I blocked this person. I am careful in general about whom I connect with on LinkedIn, but I especially don't want to interact with dirtbag scammers.
#infosec #opsec #scam
![LinkedIn connection request from "Paul Bereschi", whose bio line describes him as "Engineering Teams for Ambitious Founders | Sales and Marketing Specialist @ Duty…"
The message in the connection request says, "Hi Jonathan - do you know [blurred] personally? Noticed you're connected with her. We worked with her on the [blurred] website. Let's connect as well!"](https://cdn.masto.host/federatesocial/media_attachments/files/114/297/076/434/130/753/original/9914cdf56d4aca9c.png "LinkedIn connection request from \"Paul Bereschi\", whose bio line describes him as \"Engineering Teams for Ambitious Founders | Sales and Marketing Specialist @ Duty…\"
The message in the connection request says, \"Hi Jonathan - do you know [blurred] personally? Noticed you're connected with her. We worked with her on the [blurred] website. Let's connect as well!\"")
Are activists still using proton mail? What's a good provider for an antizionist group?
Antwortete Robert [KJ5ELX] 
@0xF21D The way I see it is that even if end-user device security is poor, proper E2EE such as that used by Signal still provides a significant benefit: It shifts the burden of an attacker from wholesale dragnet surveillance (which is easy to do in bulk) to focused attack targetting (very difficult to do in bulk, especially inconspiciously).
*Even if* device security sucks, which would equally impact other services as well, that *still* provides a privacy benefit.
Don't let the mainstream news media convince you that #signal is a bad choice for end-to-end encryption. What the media fails to do is convince you that the state of security on end user devices ends up bad because people are prone to making bad decisions.
It was the Iphone Contact algorithm all along!
https://www.theguardian.com/us-news/2025/apr/06/signal-group-chat-leak-how-it-happene
File under "if there are people there are security holes":
❝
Messages obtained by PressProgress suggest the group chat was created to give convoy leaders and their lawyers the ability to coordinate "media messaging / comms strategy" with "alt media/ influencers," who were cautioned that the "language we use. is incredibly important.
An 88-page document with instructions on messaging and narrative control was made available to the alt media personalities and influencers by a lawyer with the right-wing Justice Centre for Constitutional Freedoms. Numerous group chat messages show its members exchanging information, debating ways to counter anti-convoy narratives and identifying tweets to share and amplify
❞
So, folks - we need to have a chat. I've seen a large number of #handsoff #protest photos. While I am deeply grateful to anyone protesting in whatever form, please keep from posting photos that reveal faces and/or identities of people you haven't have explicit permission from.
#OpSec is incredibly hard - protestors might not be aware of the (possible) consequences of having their identities posted and shared online.
It still needs to be a choice, whether any individual wants to be linked to the protest they've partaken in. Even if they did not wear a mask.
1/
Don't be victim of corporate IT. Make sure your travels include Edgemap pouch which enhances your preparedness and resilience when you need them most. Check out my latest article on this [1].
[1] https://resilience-theatre.com/wiki/doku.php?id=articles:plan_ahead
this was forwarded to me via a third party to share with you.
these aren’t just big cities that this has been happening in.
Altoona, PA 
#handsoff
#resist
#apr5
#encrypted #opsec
#NAFO
@youranoncentral.bsky.social
#truthovernarrative
Talk about a wild story coming out about EncryptHub! 
Bagging bug bounties *while* simultaneously spreading malware? Seriously, what kind of mentality is that?
This whole situation really hammers home just how vital security awareness is, even for people deep in the tech world. Talk about a massive OPSEC fail! 
It's a stark reminder that you've *really* got to be vigilant about what you're doing and where you're doing it online.
And speaking of awareness... you know how it goes when you hear clients say, "Oh, we're totally secure, we've got a firewall!"? 
Riiiight...
#infosec #opsec #cybersecurity
So, spill the tea: what are some of the biggest OPSEC blunders you've personally witnessed out there? Let's hear 'em!
Ditching the Cloud: Running Syncthing Like a Ghost #OPSEC #Cybersecurity #PrivacyMatters #SelfHosting #Decentralization #DataSovereignty #Encryption #NoCloud #Surveillance #CyberGhost #SecureSync #PeerToPeer #DigitalAnonymity #DeadSwitch
Tom's IT Cafe · ⛈️ Ditching the Cloud: Running Syncthing Like a GhostBy DeadSwitch You love your cloud storage. Convenient. Always synced. Always backed up. Always watched. Google Drive, Dropbox, OneDrive—they aren’t your storage. They are surveillance-as-a-service.…
OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers – Source:thehackernews.com https://ciso2ciso.com/opsec-failure-exposes-coquetttes-malware-campaigns-on-bulletproof-hosting-servers-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #OPSEC
CISO2CISO.COM & CYBER SECURITY GROUP · OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers – Source:thehackernews.comSource: thehackernews.com - Author: . A novice cybercrime actor has been observed leveraging the services of a Russian bulletproof hosting (BPH) provider cal
Crypto for Humans: Lessons from the Bybit Hack
https://www.coindesk.com/opinion/2025/03/18/crypto-for-humans-lessons-from-the-bybit-hack
CoinDesk · Crypto for Humans: Lessons from the Bybit Hack
Fortgeführter Thread
The review also will “review compliance with classification & records retention requirements,” Stebbins wrote. He requested that the #Defense Dept designate 2 points of contact within 5 days, with work done both in Washington & at the headquarters of US Central Command in Tampa, Florida.
Fortgeführter Thread
Steven Stebbins, the #Pentagon’s acting #IG, said in a memo to #SecDef #PeteHegseth & Dpty #DOD Secy Steve Feinberg that the review will “determine the extent to which the Secretary of #Defense & other DoD personnel complied with DoD policies & procedures for the use of a commercial messaging application for official business.”
The #Defense Dept inspector general’s office said Thurs that it will scrutinize top #Trump admin officials’ use of #Signal, an unclassified messaging app to coordinate a highly sensitive #military operation last month in Yemen, complying with a request from #Republicans & #Democrats in #Congress.
#Trump #NationalSecurity #OpSec #SignalGate
https://www.washingtonpost.com/national-security/2025/04/03/trump-signal-chat-inspector-general/
The Washington Post · Inspector general to scrutinize Trump team’s Signal chat
Waltz’s team set up at least 20 Signal group chats for crises across the world - POLITICO https://www.politico.com/news/2025/04/02/waltzs-team-set-up-at-least-20-signal-group-chats-for-crises-across-the-world-00266845