You can have a strong, unique password, you can have multi-factor authentication in place, but good luck trying to prevent a member of your social media team ‘going rogue’.

grahamcluley.com/civil-service

This week in Between the Hacks, Apple adds contact tracing to the iPhone, a new LogMeIn phish, Windows 7 use is increasing, Verizon releases their 13th annual DBIR report, and Mikko Hyppönen’s Disobey keynote from February, 2020. bth.news/bth-news-22may2020

Cybersecurity reports are rich resources for infosec professionals, academics, journalists and anyone interested in . This week, Between The Hacks reviews the newly released Verizon Data Breach Investigations Report. bth.news/blog/2020/5/19/dbir20

@gcluley Maybe that is the French-Canadian way of writing her name. We may not be sophisticated enough to read it properly.

This is good news

Signal to move away from using phone numbers as user IDs | ZDNet

Signal launches profile PINs, the first step in supporting Signal user accounts that are not tied to phone numbers.

zdnet.com/article/signal-to-mo

@gcluley I think you may be on to something. Carole appears to have signed this with a stylus in her non-dominant hand. I'm not sure what's happening at the end of her signature but it looks like a Spirograph project.

Apparently the U.S. Customs and Border Protection thought this envelope of Smashing Security stickers from the U.K. was worth investigating. Come to think of it, there was no cash in the envelope. I'm SURE Graham and Carole would have sent more than just stickers! ;) @gcluley

RSS never disappeared, it just became a bit forgotten about as people got sucked into proprietary platforms. I have used many different RSS apps and services and have come back to hosting my own (apps.nextcloud.com/apps/news) but Feedly, Inoreader and Tiny Tiny RSS are all good alternatives.

It's Time to Get Back Into RSS | Daniel Miessler

danielmiessler.com/blog/its-ti

Who led the digital transformation of your company?
Credit: businessillustrator.com

This week Between the Hacks reports on a 238% increase in cyberattacks against the financial sector, Windows 10 quietly gets a packet sniffer, Google plans to unload resource-hogging ads, a Nigerian crime ring files fraudulent unemployment claims in multiple U.S. states, and a browser plug-in that helps prevent websites from tracking you online. ckd3.com/blog/bth-news-15may20

Push-button installer of macOS Catalina, Mojave, and High Sierra guests in Virtualbox for Windows, Linux, and macOS

github.com/myspaghetti/macos-g

"WRONG IS WRONG, even if everyone is doing it.
RIGHT IS RIGHT, even if no one is doing it."

- Attributed to Saint Augustine (and also to William Penn)

In 2015 I was first to point at APT28 as the likely culprit for the breach of the German Bundestag. Then, plenty tried to discredit me and my analysis. Today the German authorities issued an arrest warrant for an alleged APT28 operative.

via @botherder

tagesschau.de/investigativ/ndr

Ghost blogging platform suffers security breach - hackers exploited Salt vulnerability in attempt to mine cryptocurrency.

grahamcluley.com/ghost-bloggin

This week Between the Hacks reports on movie files infected with malware, the NSA shares tips for teleworkers, a gif hijacks Microsoft Teams, and for the third time in 7 years, the iPhone has a word of death! Also bolster your security and privacy by changing DNS servers and a proof that robots can lie. ckd3.com/blog/2020/05/01/bth-n

This week the U.S. Air Force invites hackers to try and hack into an orbiting satellite, your employer may be infecting your home network, sextortion pays big for scammers, an iOS vulnerability may have silently infected your device just by receiving an email and this week’s tip will help you secure your home network. www.ckd3.com/blog/2020/4/24/bth-news-24apr2020

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.