Firefox & AppArmor hardening - Custom rules

submitted by TheRealPanzer from dedoimedo.com

Wi-Fine - it is fine to use public Wi-Fi

submitted by TheRealPanzer from wifine.gitlab.io

More Pixel 6a owners find that any fingerprint can unlock the phone

submitted by TheRealPanzer from 9to5google.com

Router Security

submitted by TheRealPanzer from routersecurity.org

Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us

submitted by TheRealPanzer from arstechnica.com

Critical flaws in GPS tracker enable “disastrous” and “life-threatening” hacks

submitted by TheRealPanzer from arstechnica.com

The US requests access to national databases of fingerprints and faces in exchange for visaless entry to the US for up to 90 days. At least 5 countries already gave the US access to their police databases.

submitted by TheRealPanzer from self.Security

Researchers have discovered a vulnerability in Honda vehicles that could allow hackers to unlock doors and start the cars remotely. Affects all Honda models released between 2012 and 2022.

submitted by TheRealPanzer from bogleheads.org

Threema: Three Strikes, You’re Out

submitted by Drewski from soatok.blog

Oblivious DNS-over-HTTPS - security engineers are proposing an experimental protocol that promises greater privacy in how DNS operates.

submitted by TheRealPanzer from portswigger.net

The HDMI firewall prevents devices from hacking HDMI equipment, and vice-versa.

submitted by TheRealPanzer from git.cuvoodoo.info

Mega says it can’t decrypt your files. New POC exploit shows otherwise.

submitted by TheRealPanzer from arstechnica.com

All Chromium browsers store passwords and sensitive data in clear text in memory

submitted by TheRealPanzer from borncity.com

LastPass no longer requires a password to access your vault, moving to flawed FIDO

submitted by SoCo from engadget.com

Add Privacy and Security Using Email Aliases With Bitwarden

submitted by TheRealPanzer from bitwarden.com

Netbird is an open-source VPN management platform built on top of WireGuard making it easy to create secure private networks for your organization or home.

submitted by TheRealPanzer from github.com

Defending against malicious bots with a zip bomb

submitted by TheRealPanzer from kerkour.com

Tor Browser in Tails 5.0 and earlier is unsafe to use. You should stop using Tails until the release of 5.1 (May 31) if you use Tor Browser for sensitive information (passwords, private messages, personal information, etc.).

submitted by TheRealPanzer from tails.boum.org

The passwords most used by CEOs are startlingly dumb

submitted by TheRealPanzer from pcgamer.com

Firefox debuts improved process isolation to reduce browser attack surface

submitted by TheRealPanzer from portswigger.net

NSA Swears It Won't Allow Backdoors in New Encryption Standards

submitted by Drewski from gizmodo.com

Some Cryptography Books I Like - Cronokirby

submitted by Drewski from cronokirby.com

Researchers Identify ‘Master Problem’ Underlying All Cryptography

submitted by Drewski from quantamagazine.org

deSEC is a free DNS hosting service, designed with security in mind

submitted by TheRealPanzer from desec.io

Mistborn is your own virtual private cloud platform and WebUI that manages self hosted services, and secures them with firewall, Wireguard VPN w/ PiHole-DNSCrypt, and IP filtering

submitted by TheRealPanzer from gitlab.com

WebApps provides a secure way to browse popular webapps by eliminating referrers, 3rd party requests, cookies, cross-site scripting, etc.

submitted by TheRealPanzer from f-droid.org

7-Zip up to 21.07 on Windows allows privilege escalation and command execution

submitted by Drewski from github.com

Researchers Uncover a Hardware Security Vulnerability on Android Phones

submitted by Drewski from cyberkendra.com

Lupinia Studios - I'm a Scam Prevention Expert, and I Got Scammed

submitted by Drewski from lupinia.net

Kicksecure - a secure by default operating system

submitted by TheRealPanzer from kicksecure.com

AppTotal - analyze suspicious OAuth apps to identify malicious apps, highlight risks, ...

submitted by TheRealPanzer from apptotal.io

North Korean hackers exploit Chrome zero-day weeks before patch

submitted by Drewski from bleepingcomputer.com

A team of Ukrainian software engineers have developed a game called “Play for Ukraine” that crowdsources and gamifies participation in DDOS attacks against selected Russian government and media websites

submitted by TheRealPanzer from fastcompany.com

Another data-leaking Spectre bug found, smashes Intel, Arm defenses

submitted by TheRealPanzer from theregister.com

"I can probably hack your password in MINUTES!"

submitted by TheRealPanzer from docs.aista.com

SentryPeer - a distributed peer to peer list of bad actor IP addresses and phone numbers collected via a SIP Honeypot

submitted by TheRealPanzer from sentrypeer.org

Merry Maker is a fully scalable tool to detect the presence of digital skimmers

submitted by TheRealPanzer from csoonline.com

LAN port scan forbidder - forbid untrusted web to scan localhost or LAN

submitted by TheRealPanzer from github.com

wolfBoot will secure the boot process of your device against malicious attacks that seek to replace your firmware and take control of your device, and/or steal its data

submitted by TheRealPanzer from wolfssl.com

Rogueport identifies network ports which are not supposed to be open

submitted by TheRealPanzer from github.com

JShelter - an anti-malware Web browser extension to mitigate potential threats from JavaScript, including fingerprinting, tracking, and data collection

submitted by TheRealPanzer from jshelter.org

SafeToOpen detects never-before-seen phishing websites by inspecting the visual and non-visual elements of the websites in real-time and preventing users give away their sensitive information

submitted by TheRealPanzer from safetoopen.com

Researchers shared technical details of NSA Equation Group’s 'Bvp47' Backdoor

submitted by infocom6502 from cybersecurityworldconference.com

Block malware, spyware, ads, and trackers across all apps with RethinkDNS

submitted by [deleted] from rethinkdns.com

ESSE - an open source encrypted peer-to-peer system for data security, and allow data to be sent securely from one terminal to another without going through third-party services

submitted by [deleted] from github.com

TOR Fone - p2p secure and anonymous VoIP tool

submitted by [deleted] from torfone.org

Are the Tutanota and Ctemplar Encrypted Email Providers, Honeypots?

submitted by raven9 from self.Security

Log4Shell: RCE 0-day exploit found in log4j2, a popular Java logging package

submitted by Drewski from lunasec.io

Public CDNs Are Useless and Dangerous

submitted by infocom6502 from news.ycombinator.com

A mysterious threat actor is running hundreds of malicious Tor relays

submitted by Drewski from therecord.media

Missouri Admits It Fucked Up In Exposing Teacher Data, Offers Apology To Teachers -- But Not To Journalists It Falsely Accused Of Hacking

submitted by Drewski from techdirt.com

Confessions of a ransomware negotiator

submitted by Drewski from theregister.com

Hackers claim significant Epik breach

submitted by Drewski from domainnamewire.com

Hackers leak passwords for 500,000 Fortinet VPN accounts

submitted by Drewski from bleepingcomputer.com

How I re-over-engineered my home network for privacy and security

submitted by [deleted] from ben.balter.com

Cambridge Locksmith 247

submitted by locksmithcambridgema from self.Security

“Worst cloud vulnerability you can imagine” discovered in Microsoft Azure

submitted by Drewski from arstechnica.com

Github Now Demanding Device Verification

submitted by raven9 from self.Security

GitHub Kisses Passwords Goodbye

submitted by [deleted] from thenewstack.io

Tinder Will Soon Require Users To Verify Their Account Using Local ID For Added Security Online

submitted by [deleted] from indiatimes.com

Wapiti allows you to audit the security of your websites or web applications

submitted by [deleted] from wapiti.sourceforge.io

Wanted: Disgruntled Employees to Deploy Ransomware

submitted by Drewski from krebsonsecurity.com

Secret terrorist watchlist with 2 million records exposed online

submitted by Drewski from bleepingcomputer.com

Should browsers remember 2FA codes?

submitted by [deleted] from shkspr.mobi

Apple's disregard for security and privacy is mind-boggling

submitted by [deleted] from evermeet.cx

Large batch of high score Vulnerabilities in Mozilla Firefox are disclosed. High risk for government, businesses, and targeted individuals who use Mozilla open sores.

submitted by infocom6502 from cisecurity.org

Hidden Radios in Home Devices (IOT)! The next Cyberthreat

submitted by [deleted] from youtube.com

pwn.college - learn about, and practice, core cybersecurity concepts in a hands-on fashion

submitted by [deleted] from pwn.college

The problems with Antivirus software and how in 2021, they actually detract from security and privacy and not enhance it.

submitted by [deleted] from youtube.com

How to keep your smartphone safe from spying

submitted by [deleted] from archive.is

Canary tokens are a free, quick, painless way to help you discover that you've been breached

submitted by [deleted] from canarytokens.org

‘Master Faces’ That Can Bypass Over 40% Of Facial ID Authentication Systems

submitted by Drewski from unite.ai

Facebook is reportedly trying to analyze encrypted data without decrypting it

submitted by [deleted] from techspot.com

Molly is a hardened version of Signal for Android

submitted by [deleted] from github.com

Windscribe VPN servers seized by Ukrainian authorities weren’t encrypted

submitted by Drewski from arstechnica.com

With help from Google, impersonated Brave.com website pushes malware

submitted by [deleted] from arstechnica.com

We can't believe people use browsers to manage their passwords, says maker of password management tools

submitted by [deleted] from theregister.com

HTTP Security Headers: Why? How? What?

submitted by [deleted] from kerkour.com

Do a Security Checklist for Your Digital Life

submitted by [deleted] from brianlovin.com

VisibleV8 allows users to track and record the behavior of JavaScript programs without alerting the websites that run those programs

submitted by [deleted] from kapravelos.com

Is Microsoft a National Security Threat?

submitted by [deleted] from techrights.org

JavaScript will probably ruin your life. Disable it, block it, and stay safe from the most common vector of malware infection.

submitted by [deleted] from youtube.com

Lantern - fast, reliable and secure access to the open internet (no logging, no cooperation with law enforcement)

submitted by [deleted] from getlantern.org

Ybits - Firefox send alternative with malware protection

submitted by [deleted] from ybits.io

APKPure app contained malicious adware, say researchers

submitted by Drewski from techcrunch.com

+Link - a simple link shortening service to combat phishing

submitted by [deleted] from plus.link

How to Secure and Optimize your Website or Blog

submitted by [deleted] from cyberhost.uk

Passwords cross all boundaries, how can we manage them?

submitted by [deleted] from viewfromtheweb.com

Carrier suspected of injecting ads into two-factor SMS messages

submitted by [deleted] from xda-developers.com

Yes, we want cryptographic protection for email

submitted by [deleted] from sequoia-pgp.org

How to Make Sure Your Browser Extensions Are Safe

submitted by [deleted] from archive.is

Tinfoil Chat - onion-routed, endpoint secure messaging system

submitted by [deleted] from github.com

Mirotalk - free browser based real-time video calls

submitted by [deleted] from mirotalk.up.railway.app

Hey Signal! Great Encryption Needs Great Authentication

submitted by Drewski from sequoia-pgp.org

ESET SysRescue Live disc - a malware cleaning tool that runs independent of the operating system from a CD, DVD, or a USB. It has direct access to the disc and the file system, and therefore is capable of removing the most persistent threats.

submitted by [deleted] from eset.com

1ty.me - One Time Self Destructing Links For Sharing Sensitive Information

submitted by [deleted] from 1ty.me

sploitus - exploits & tools search engine

submitted by [deleted] from sploitus.com

DerivePass - compute secure passwords without storing them anywhere

submitted by [deleted] from derivepass.com

Trackmedown - Identify potential scammers to safeguard yourself and others

submitted by [deleted] from trackemdown.com

SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence about IP addresses, domain names, e-mail addresses, usernames, names, subnets and ASNs from many sources such as AlienVault, HaveIBeenPwned, SecurityTrails, SHODAN and more

submitted by [deleted] from spiderfoot.net

view more: next ›