Modlog

/c/cybersecurity Modlog
Time mod Action
13 days ago
mod
Banned tal@lemmy.today from the community Cybersecurity@sh.itjust.works
reason: automod
14 days ago
mod
Banned BroBot9000@lemmy.world from the community Cybersecurity@sh.itjust.works
reason: automod
1 month ago
mod
Banned joshlocks6@lemmy.zip from the community Cybersecurity@sh.itjust.works
reason: automod
2 months ago
mod
Unbanned Ⓜ3️⃣3️⃣ 🌌@lemmy.zip from the community Cybersecurity@sh.itjust.works
2 months ago
mod
Removed Comment [https://www.nooooooooooooooooooooooooo.com/](https://www.nooooooooooooooooooooooooo.com/) by Ⓜ3️⃣3️⃣ 🌌@lemmy.zip
reason: Banned
2 months ago
mod
Banned Ⓜ3️⃣3️⃣ 🌌@lemmy.zip from the community Cybersecurity@sh.itjust.works
reason: automod
2 months ago
mod
Banned bad_news@lemmy.billiam.net from the community Cybersecurity@sh.itjust.works
reason: Pushing "Jewish supremacy" conspiracy garbage
2 months ago
mod
Banned redsand@lemmy.dbzer0.com from the community Cybersecurity@sh.itjust.works
reason: Antisemitism
3 months ago
mod
Removed Post Perpatrator of all NYC major terror NYU Columbia UMN 10M in control of sacrificed Brian Thompson
reason: off topic
3 months ago
mod
Removed Post Read Instructions First- NY major terror UMN NYU Columbia distracted with Thompson all originated from same place
reason: off topic
4 months ago
mod
Removed Post Nightgridcybersecurity.
reason: SPAM
4 months ago
mod
Unbanned TheDwZ@lemmy.world from the community Cybersecurity@sh.itjust.works
4 months ago
mod
Banned TheDwZ@lemmy.world from the community Cybersecurity@sh.itjust.works
reason: automod
5 months ago
mod
Restored Post GrapheneOS: Another contributor attacked & banned by Daniel Micay
5 months ago
mod
Restored Post Why OAuth MUST share access token with 3rd party?!?
5 months ago
mod
Unbanned maltfield@monero.town from the community Cybersecurity@sh.itjust.works
5 months ago
mod
Banned maltfield@monero.town from the community Cybersecurity@sh.itjust.works
reason: Ban evasion
5 months ago
mod
Banned maltfield@monero.town from the community Cybersecurity@sh.itjust.works
reason: Ban evasion
6 months ago
mod
Unbanned hperrin@lemmy.ca from the community Cybersecurity@sh.itjust.works
6 months ago
mod
Banned hperrin@lemmy.ca from the community Cybersecurity@sh.itjust.works
reason: automod
7 months ago
mod
Unbanned Davriellelouna@lemmy.world from the community Cybersecurity@sh.itjust.works
7 months ago
mod
Banned Davriellelouna@lemmy.world from the community Cybersecurity@sh.itjust.works
reason: automod
7 months ago
mod
Removed Post *Permanently Deleted*
reason: don't trust random git repos
7 months ago
mod
Banned agedLikeMilk@lemmings.world from the community Cybersecurity@sh.itjust.works
reason: Fuck Israel's genocide, and also fuck antiyanks
9 months ago
mod
Banned JokeDeity@lemm.ee from the community Cybersecurity@sh.itjust.works
reason: Harassment
9 months ago
mod
Restored Comment You posted this 12 times. That's very rude. Please only post once. Lemmy is small enough that most people will see all 12 posts and associate you with spam. ha, and the buskill person even downvoted this... so much for kind feedback. by jet@hackertalks.com
9 months ago
mod
Restored Comment > The domains for Cracked and Nulled now redirect to FBI-controlled servers. by jet@hackertalks.com
9 months ago
mod
Restored Comment >I'm experienced in the field of cyber security and I feel like I'm in denial because I really really don't want to buy a new phone. Then you know the answer already. Bite the bullet. by jet@hackertalks.com
9 months ago
mod
Restored Comment Do not load EXTERNAL images, if the image is actually attached as part of the email it will render. by jet@hackertalks.com
9 months ago
mod
Restored Comment If it can be bypassed, it's not a second factor by jet@hackertalks.com
9 months ago
mod
Restored Comment I think it's important to be clear about the difference between antivirus, and an in resident black box agent. An antivirus that you run on static files, is perfectly fine in any environment. It's controllable, it's known, you know the inputs, you know the outputs. You know what you're exposing to it. Even if the antivirus itself is a black box, you spin up a VM with the files you want to scan, you get the output of the scan, you destroy the virtual machine. So you don't leak anything. An agent that stays with privileged access to the machine, is basically a root kit, and they're often black boxes. So a black box root kit is a huge security risk, especially if that black box needs to phone home to a service outside of your network. That's just crazy. That's more than an antivirus, that is I don't even know the right word, but it's a lot. by jet@hackertalks.com
9 months ago
mod
Restored Comment That's a real roller coaster ride of a journey. Thanks for sharing it. Glad you got some bonus hardware out of it. by jet@hackertalks.com
9 months ago
mod
Restored Comment I think the security researcher has a valid point. In a secure environment you don't want random things running in memory, sending samples to third parties. Would a static virus scanner run periodically on the volume itself have been sufficient? If yes, then the researcher was being unreasonable. by jet@hackertalks.com
9 months ago
mod
Restored Comment You might be expected to, but you're not required to. Most people's workflows on their phones don't require much work, so the minimum skill level isn't very high by jet@hackertalks.com
9 months ago
mod
Restored Comment If you have an internet attached device and it isn't getting systematic and timely updates, you have a time bomb. Doesn't matter who made the device initially. Ubiquiti has patched the issue identified in the article, people have these devices deployed and they are not patching them.... by jet@hackertalks.com
9 months ago
mod
Restored Comment > The zero-day, tracked as [CVE-2024-36971](https://nvd.nist.gov/vuln/detail/CVE-2024-36971), is a use after free (UAF) weakness in the Linux kernel's network route management. It requires System execution privileges for successful exploitation and allows altering the behavior of certain network connections. by jet@hackertalks.com
9 months ago
mod
Restored Comment Can you imagine microsoft one-drive exfiltrating HIPAA data to MS cloud with their "opt-out" auto-enabling? by jet@hackertalks.com
9 months ago
mod
Restored Comment I can't imagine a single corporation or government that won't cut a tattle tale like co-pilot out of its system... imagine the data-leak, ransom-ware, possibilities! HIPAA violations for everyone by jet@hackertalks.com
9 months ago
mod
Restored Comment https://arxiv.org/pdf/2407.09717 The paper- Deep-Tempest https://en.wikipedia.org/wiki/Tempest_(codename) Tempest 2 - Bugaloo Old tempest used the electronic noise from the CRT itself to decode the signal, this paper is interesting in that it uses the HDMI cable as the transmission source, which is really cool! I highly recommend the paper, if this threat factors into your activities some thoughts come to mind * Use a Skif * Use a shielded HDMI cable and ground the shield * Use a self contained laptop (and ground it) for your very sensitive data (less cable length, less radio transmission loops) * Don't display passwords on your screen unless absolutely necessary * by jet@hackertalks.com
9 months ago
mod
Restored Comment Your security is determined by the weakest link in the chain. Most security systems have a recovery system which is weaker than the main system, so their security is only as good as the recovery, usually SMS two factor. by jet@hackertalks.com
9 months ago
mod
Restored Comment You might want to expand your search to include forensic USB devices, that's an arena where people absolutely want read only data acquisition, and that might help find what you want. "Forensic bridges" There is complexity to read only modes. Depending on the underlying technology the read-only switch could be implemented in software, or the host needs to honor it by protocol, but not physically. That's pretty common for SD cards, if the host computer wants to write to them it can. Some of the better USB sticks, the Read only button, actually prevents the write enable signal from physically reaching the storage, that would be best in class. But you need the schematic to actually verify that. So you don't know if it's actually just implemented in software. For the forensic bridges, they actually speak the USB protocol, because it's just a serial bus, and they simply don't relay any commands they believe are related to writes. That relies on them enumerating every possible serial command, and that both the talker and the listener both have the same understandings for the same commands... It's pretty good, but there is room for error. Most encrypted USB devices, the ones with the keypads on them, have a read only mode. If you trust their software: https://www.kingston.com/en/usb-flash-drives/ironkey-kp200-encrypted-usb-flash-drive Honestly, your cheapest option is to get cheap USB drives, image them. Put some red gaffers tape on them, whenever you break the tape to plug them into a device they're now tainted, and you as a human must reimage the drives again before you put them into another computer. https://github.com/o7-machinehum/ovrdrive Here's a fully open source flash drive, if you look at the schematic you can see you just want to be able to disable the right enable pin. This drive is designed with some fancy controller in front of the USB controller so you could actually disable it in software if you wanted...
https://www.crowdsupply.com/interrupt-labs/ovrdrive-usb/updates/a-look-at-our-firmware-and-how-to-modify-it by jet@hackertalks.com
9 months ago
mod
Restored Comment https://discuss.grapheneos.org/d/12848-claims-made-by-forensics-companies-their-capabilities-and-how-grapheneos-fares Basically all phone, iphone and Android This is an arms race, at the moment the crackers are in the lead. by jet@hackertalks.com
9 months ago
mod
Restored Comment Turn Bluetooth off, super effective. There will always be ways to fingerprint an active system, you can change the current characteristics that are used, but you cannot make everything the same. There will always be a difference, be it timing, be it packet signing, be it electrical signaling, there will always be some way to infer a fingerprint of the system active on the network. Because Bluetooth is not used constantly, it's better to turn it off when not in use, and not even worry about the fingerprinting because you're not participating by jet@hackertalks.com
9 months ago
mod
Restored Comment > Snowblind targets apps that handle sensitive data by injecting a native library which loads before the anti-tampering code, and installs a *seccomp* filter to intercept system calls such as the ‘open() syscall,’ commonly used in file access. > When the APK of the target app is checked for tampering, Snowblind's *seccomp* filter does not allow the call to proceed and instead triggers a SIGSYS signal indicating that the process sent a bad argument to the system call. by jet@hackertalks.com
9 months ago
mod
Banned jet@hackertalks.com from the community Cybersecurity@sh.itjust.works
reason: Ban unban test
9 months ago
mod
Unbanned jet@hackertalks.com from the community Cybersecurity@sh.itjust.works
10 months ago
mod
Removed Post As I never made 1
reason: no context
10 months ago
mod
Removed Post cybersecuritydive.com/news/cis…
reason: No context
1 year ago
mod
Removed Post "Closer To Disinformation": Ex-Politico Reporters Reveal How "Cowardly Editors" Helped Biden Win 2020 Election
reason: not cybersecurity
1 year ago
mod
Removed Post Cyber
reason: garbage links
1 year ago
mod
Removed Post Ignoring Rape-Gangs: The Road To Hell Is Paved With Ass-Covering Cowardice
reason: nothing to do with cybersecurity
1 year ago
mod
Removed Post ‘Two-thirds do not work. Many of them must go back,’ says Merz about Syrians living in Germany
reason: Not cybersecurity related
2 years ago
mod
Removed Post SimpleX Chat Group about Privacy & Security
reason: SPAM
2 years ago
mod
Removed Post 3D-Printed USB Dead Man Switch (Prototype Demo)
reason: Not enough karma
2 years ago
mod
Removed Post Can Ghidra do inline strings?
reason: Not enough karma
2 years ago
mod
Removed Post What is something that 2020s kids will never get to experience?
2 years ago
mod
Appointed Lanky_Pomegranate530@midwest.social as a mod to the community Cybersecurity@sh.itjust.works
2 years ago
mod
Removed borari@lemmy.ml as a mod to the community Cybersecurity@sh.itjust.works
2 years ago
mod
Removed borari@sh.itjust.works as a mod to the community Cybersecurity@sh.itjust.works
2 years ago
mod
Appointed Kid@sh.itjust.works as a mod to the community Cybersecurity@sh.itjust.works
2 years ago
mod
Removed Post 2024 AI Wars : The Rise of Technofascism
reason: Spam