Notices tagged with infosec, page 4

By default, I am a bang-my-head-against-the-wall-until-something-breaks kind of worker. I have lots of stamina for long hours. However, I’m tired of that. I want to optimize.

Send tips! I am currently listening to one of my #infosec podcasts at 1.5x speed (at the suggestion of one of the guests), and it’s not as annoying as I’d thought.

#productivity

I'll be holding a workshop at this year's Hurenkongress (SW/ex-SW only) about #infosec for sex workers. It'll be mostly full service-centred, so if anyone who's not a full-service worker has any input, I'd be very interested.

If any non-SWs in #Berlin are interested in the topic, join us at Hearts' Fear (Wildenbruchstr 24) Aug 5th!

https://hurenkongress.de

(And yes, I'll annoy you with reminders often enough, don't worry)

#SexWork #SexWorkIsWork

After major security vulnerabilities or data breaches, "security people" show up and tell you to delete your account immediately. "Oh, time to delete your account! Switch to service/product … instead!"

Such statements totally ignore that security vulnerabilities are widespread and the vast majority of data breaches won't become publicly-known. Full control over your data and devices requires 100% isolation from the internet, not just arbitrarily switching services or products.

#infosec

2+ million IoT devices vulnerable to man-in-the-middle attacks, allowing attackers to steal passwords:

https://hacked.camera/

– the website contains a list, so you can check if your devices are vulnerable
– CVE-2019-11219, CVE-2019-11220
– mitigation: dispose your vulnerable devices, or block OUTBOUND traffic to 32100/udp

#iot #vulnerability #cve201911219 cve201911220 #infosec #mitm #cybersecurity #security

OpenSSH 8.0 available:

https://www.openssh.com/txt/release-8.0

– contains mitigations for an scp vulnerability (CVE-2019-6111)
– adds experimental post-quantum key exchange method, based on a combination of Streamlined NTRU Prime 4591^761 and X25519
– increases the default RSA key size to 3072 bits
– includes several bug fixes

#openssh #ssh #infosec #security #cybersecurity #postquantum #crypto #x25519 #rsa

Facebook :facebook: always in the news. This time: Millions of passwords of Instagram users stored in plaintext:

https://thehackernews.com/2019/04/instagram-password-plaintext.html

– millions of plaintext passwords of Instagram and Facebook users were accessible to Facebook
– besides, Facebook stored 1.5 million records of users without their consent or knowledge

#facebook #instagram #privacy #password #infosec #cybersecurity #security

Ecuador Says Hit by 40 Million Cyber Attacks Since Assange Arrest | SecurityWeek.Com http://www.securityweek.com/ecuador-says-hit-40-million-cyber-attacks-assange-arrest #infosec

Ugh.

Microsoft reveals hackers accessed some http://outlook.com accounts for months.

https://www.theverge.com/2019/4/13/18309192/microsoft-outlook-email-account-hack-breach-security

#infosec #outlook #email

'if you're a matrix.org user you should change your password now.'

It's running again, but:
'The hacker exploited a vulnerability in our production infrastructure'

https://matrix.org/blog/2019/04/11/security-incident/

#infosec #matrix