Scott Mortimer @ScottMortimer@infosec.exchange

5 Mistakes to Avoid When Buying a MicroSD Card

Buying MicroSD cards may seem simple, but here are a few critical mistakes to avoid if you don't want to regret your purchase.

https://www.makeuseof.com/tag/5-mistakes-avoid-buying-next-microsd-card/

Setting up a killswitch for attacks with ufw and fail2ban on Ubuntu Linux – The Mergy Notes

https://mergy.org/2019/08/setting-up-a-killswitch-for-attacks-with-ufw-and-fail2ban-on-ubuntu-linux/

Start Your Own ISP

This site is dedicated to helping you start your own Internet Service Provider. Specifically this guide is about building a Wireless ISP (WISP).

https://startyourownisp.com/

I personally like Private Internet Access and my own home IPSec VPN, but YMMV.

The Best VPN Service for 2019"

TunnelBear is the most transparent and trustworthy VPN provider offering fast, secure connections and easy setup."

https://thewirecutter.com/reviews/best-vpn-service/

Congrats to the FastMail folks for helping modernize and secure email comms for the 21st century.

We’re making email more modern with JMAP

The specifications for JMAP Email have been published by the Internet Engineering Task Force (IETF), marking a big victory for email tools now and in the future.

https://fastmail.blog/2019/08/16/jmap-new-email-open-standard/

Long live SFTP & SCP

Google Has Started Removing FTP Support From Chrome

Google developers have wanted to remove FTP support from the Chrome browser for quite some time and have been slowly whittling away at its support. In a series of proposed code changes and an "Intent to Remove", the end is near for the FTP protocol in Chrome.

https://www.bleepingcomputer.com/news/google/google-has-started-removing-ftp-support-from-chrome/

~Open Source Security Tool of the Day~

#OSSTotD

Dr.Semu runs executables in an isolated environment, monitors the behavior of a process, and based on Dr.Semu rules created by you or community, detects if the process is malicious or not.

https://github.com/secrary/DrSemu/blob/master/README.md

I suggest obtaining a VoIP number like Google Voice or similar and using that to provide to any public requests instead of your cell or home phone.

I Shared My Phone Number. I Learned I Shouldn’t Have.

Our personal tech columnist asked security researchers what they could find out about him from just his cellphone number. Quite a lot, it turns out.

https://www.nytimes.com/2019/08/15/technology/personaltech/i-shared-my-phone-number-i-learned-i-shouldnt-have.html

Here is another way to protect yourself at the gas station.

Meet Bluetana, the Scourge of Pump Skimmers

Meet Bluetana, the Scourge of Pump Skimmers https://krebsonsecurity.com/2019/08/meet-bluetana-the-scourge-of-pump-skimmers/

~Open Source Security Tool of the Day~

#OSSTotD

Mignis is a semantic based tool for firewall configuration. It is designed to help writing iptables rules using an more human-readable syntax, without restricting iptables functionalities.

https://github.com/secgroup/Mignis

Thank to @maxeddy for the tip

Meet NordLynx – the new solution for a fast and secure VPN connection

Being forever-curious and imaginative geeks, we at NordVPN are always open to innovation. Today we are excited to announce our latest project: the NordLynx technology built around the WireGuard® protocol.

https://nordvpn.com/blog/nordlynx-protocol-wireguard/

Google Online Security Blog: Making authentication even easier with FIDO2-based local user verification for Google Accounts

https://security.googleblog.com/2019/08/making-authentication-even-easier-with_12.html

Google Hackers Found 10 Ways to Hack an iPhone Without Touching It - VICE

https://www.vice.com/en_us/article/ywazj5/google-hackers-found-10-ways-to-hack-an-iphone-without-touching-it

Just in time for the next election cycle.

Input a Reddit username and discover potential bots, trolls, spammers, and other social media deviants.

https://atomiks.github.io/reddit-user-analyser/

~Open Source Security Tool of the Day~

#OSSTotD

Cabot is a free, open-source, self-hosted infrastructure monitoring platform that provides some of the best features of PagerDuty, Server Density, Pingdom and Nagios without their cost and complexity. 

https://github.com/arachnys/cabot/blob/master/README.md

~Open Source Security Tool of the Day~

#OSSTotD

Autopsy® is an easy to use, GUI-based program that allows you to efficiently analyze hard drives and smart phones. It has a plug-in architecture that allows you to find add-on modules or develop custom modules in Java or Python.

https://www.sleuthkit.org/autopsy/