On the latest "Smashing Security" podcast: The Darkside ransomware gang donates extorted Bitcoins to charity, the micro-targeted ad industry could pop like a bubble, and would you trust a burger-flipping robot?

Find it in your favourite podcast app or at smashingsecurity.com/listen

This story is filled with incredible details, gathered from an internal FBI document, court documents, and several interviews with people who were part of this international crime ring.

This is also an important chapter in the modern war on encryption.

vice.com/en/article/v7m4pj/the

@rysiek @gcluley

I totally agree with you.

If this story is true, it's more a failure by Twitter's security team than anything else.

They could have protected his account and Trump would have never known.

@rysiek @gcluley

I would think this is the case. However, we all know C-level executives who refuse to use 2FA, and they are the boss. So they don't have to.

If this is true I wouldn't be surprised.

Donald Trump’s Twitter password is “maga2020!”, and there’s no 2FA, claims hacker.

You don't need an IQ of 197 to know that's pretty dumb...

grahamcluley.com/donald-trumps

More than 2,000 law enforcement agencies across every state now have access to technology that allows them to extract data from confiscated phones.

A new report by @TeamUpturn details the dangerous growth of these tools: upturn.org/reports/2020/mass-e

The October maintenance releases of BIND are available and can be downloaded from the ISC software download page,

isc.org/download

A summary of changes in the new releases can be found in their release notes:

current supported stable branches:

9.11.24 - downloads.isc.org/isc/bind9/9.

9.16.8 - downloads.isc.org/isc/bind9/9.

It's finally official! Debian is donating $10,000 to the Peertube crowdfunding campaign to add livestreaming functionality. bits.debian.org/2020/10/debian

The thing that Meat Loaf would not do for love 

Click "agree" without reading the terms and conditions

@r000t

"Nobody gets hacked"

😆

Unfortunately, he's saying out loud what many C-level executives think.

Testing one of my server's performance.

Not hard to make a default instance of with be unavailable with . Make it parallel and really crush things.

Not a new article but very clear and easy to implement. Useful for you web admins who like to keep it simple and beat on a site before going live.

simonholywell.com/post/2015/06

Apple’s T2 security chip has an unfixable flaw

The jailbreak could [be] weaponized by malicious hackers [to] disable macOS security … and install malware.

There are a few important limitations of the jailbreak… an attacker would need physical access to target devices…

"There really isn't much that Apple can do to fix it. It's not the end of the world, but this chip, which was supposed to provide all this extra security, is now pretty much moot."

arstechnica.com/information-te

#infosec #Apple

New! From "Smashing Security" it's our 200th podcast! Check it out if you think you're hard enough:

smashingsecurity.com/listen

(The real version isn't quite as potty-mouthed as this teaser)

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.