jbz
@jbz@indieweb.social  ·  activity timestamp 3 hours ago

O⁠_⁠o

「 According to the research published Tuesday by Cisco Talos, it is possible for an attacker to break into the ControlVault chip and modify the firmware inside, allowing them to steal credentials from the “bank” and to plant malware inside it at a level that remains hidden from anti-virus tools running at the operating system level 」

https://therecord.media/critical-firmware-vulnerability-security-professionals

#cybersecurity#ControlVault
jbz
@jbz@indieweb.social  ·  activity timestamp 7 hours ago

(⁠⊙⁠_⁠◎⁠)

「 The threat actor claimed yesterday to BleepingComputer that they breached a trillion-dollar company, and were considering just leaking the data rather than attempting to extort them. It is unclear if this company is Google 」

#google #salesforce #databreach #cybersecurity
https://www.bleepingcomputer.com/news/security/google-suffers-data-breach-in-ongoing-salesforce-data-theft-attacks/

jbz
jbz boosted
activity timestamp 11 hours ago

¯⁠\⁠_⁠(⁠ツ⁠)⁠_⁠/⁠¯

「 The information stolen includes demographic data, names, addresses, dates of birth, Social Security numbers, health insurance information and other clinical information like health conditions, dialysis lab test results and treatment information 」

#ransomware #databreach #cybersecurity
https://therecord.media/davita-dialysis-company-ransomware-attack-data-breach-notifications
jbz
@jbz@indieweb.social  ·  activity timestamp 11 hours ago

¯⁠\⁠_⁠(⁠ツ⁠)⁠_⁠/⁠¯

「 The information stolen includes demographic data, names, addresses, dates of birth, Social Security numbers, health insurance information and other clinical information like health conditions, dialysis lab test results and treatment information 」

#ransomware #databreach #cybersecurity
https://therecord.media/davita-dialysis-company-ransomware-attack-data-breach-notifications
jbz
@jbz@indieweb.social  ·  activity timestamp 2 days ago

🪤 Mozilla warns Firefox add-on devs of new phishing attacks • The Register

"At this point, it's safest to assume that most crypto-related Firefox extensions contain malware. Especially those that are new, or have few users. In fact, every such extension should be considered compromised by default and avoided completely. Stay alert."

https://www.theregister.com/2025/08/04/mozilla_add_on_phishing/

#mozilla #firefox #opensource #cybersecurity
AI6YR Ben
@ai6yr@m.ai6yr.org  ·  activity timestamp 3 days ago

Malwarebytes on why you should not respond to the obvious smishing texts...

"Why you should never respond

Responding confirms your number is active.
It flags you as someone who reads texts and might engage.
The scammer may sell or share your number.
Some groups build long-term “mark profiles” for future scams. Even though you think you’re only providing them with little to none information, scammers often track who replies, how they reply, and how easily they engage. That data becomes part of a “mark profile”, a digital dossier on you that might include your phone number, the time of response (which suggests your schedule or time zone), and any other information you share.
"

https://www.malwarebytes.com/blog/news/2025/07/that-seemingly-innocent-text-is-probably-a-scam

#scams #cybersecurity #smishing #phishing
AI6YR Ben
@ai6yr@m.ai6yr.org  ·  activity timestamp 3 days ago

Malwarebytes on why you should not respond to the obvious smishing texts...

"Why you should never respond

Responding confirms your number is active.
It flags you as someone who reads texts and might engage.
The scammer may sell or share your number.
Some groups build long-term “mark profiles” for future scams. Even though you think you’re only providing them with little to none information, scammers often track who replies, how they reply, and how easily they engage. That data becomes part of a “mark profile”, a digital dossier on you that might include your phone number, the time of response (which suggests your schedule or time zone), and any other information you share.
"

https://www.malwarebytes.com/blog/news/2025/07/that-seemingly-innocent-text-is-probably-a-scam

#scams #cybersecurity #smishing #phishing

alcinnz
alcinnz boosted
Brian Greenberg :verified:
@brian_greenberg@infosec.exchange  ·  activity timestamp 6 days ago

🔐 A VPN can improve your privacy, or just give you a false sense of it. The EFF’s guide is a solid reminder that choosing a VPN is less about speed or price, and more about who runs it, what they log, and whether they actually deliver the protection they claim.

TL;DR
🧠 VPNs don’t guarantee anonymity
📜 “No logs” claims often lack proof
👤 Your threat model shapes your VPN needs
🔎 Look into ownership and reputation

https://ssd.eff.org/module/choosing-vpn-thats-right-you
#cybersecurity #privacy #vpn #digitalrights #security #privacy #cloud #infosec#EFF @eff
Brian Greenberg :verified:
@brian_greenberg@infosec.exchange  ·  activity timestamp 6 days ago

🔐 A VPN can improve your privacy, or just give you a false sense of it. The EFF’s guide is a solid reminder that choosing a VPN is less about speed or price, and more about who runs it, what they log, and whether they actually deliver the protection they claim.

TL;DR
🧠 VPNs don’t guarantee anonymity
📜 “No logs” claims often lack proof
👤 Your threat model shapes your VPN needs
🔎 Look into ownership and reputation

https://ssd.eff.org/module/choosing-vpn-thats-right-you
#cybersecurity #privacy #vpn #digitalrights #security #privacy #cloud #infosec#EFF @eff