“MyTerms” wants to become the new way we dictate our privacy on the web
It’s not a “do not track” request, it’s a set of terms you demand from sites.
Data Safety and Information Security
Malicious npm Package Modifies Local 'ethers' Library to Launch Reverse Shell Attacks
Trojan npm package downloaded 73 times modifies 'ethers' locally, enabling persistent reverse shell access
A Customer Had A Mysterious USB Stick On Their Keys, But When He Plugged in It Things Got Even Weirder
Stay cyber safe out there!
Google Chrome Attack Warning—Stop Using Your Passwords
You’re not ready for these attacks—what you do now.
Opsec and you: how to navigate having things to hide
A discussion on operational security and privacy in modern life.
Here’s A Spy Movie-Grade Access Card Sniffing Implant
Some of our devices look like they’re straight out of hacker movies. For instance, how about a small board you plant behind an RFID reader, collecting access card data and then replaying it w…
jkramarz/TheTick: The Tick is the next evolution in covert access control system implants for simulating adversary-in-the-middle attacks.
The Tick is the next evolution in covert access control system implants for simulating adversary-in-the-middle attacks. - jkramarz/TheTick
Microsoft 365 URLs and IP address ranges - Microsoft 365 Enterprise
Summary: Microsoft 365 requires connectivity to the Internet. The endpoints in this article should be reachable for customers using Microsoft 365 plans, including Government Community Cloud (GCC).
ZAP – Download
The world’s most widely used web app scanner. Free and open source. ZAP is a community project actively maintained by a dedicated international team, and a GitHub Top 1000 project.
The Business Case for Dynamic Authorization
The least secure TOTP code possible
If you use Multi-Factor Authentication, you'll be well used to scanning in QR codes which allow you to share a secret code with a website. These are known as Time-based One Time Passwords (TOTP). As I've moaned about before, TOTP has never been properly standardised. It's a mish-mash of half-finished proposals with no active development, no test suite, and no-one looking after it. Which is exactly what you want from a security specification, right?! So let's try to find some edge-cases and…
This Surprisingly Simple Email Trick Will Stop Spam With One Click
Some 320 billion spam emails are sent every day, and 94% of malware is delivered via this medium. What if I were to tell you a surprisingly simple one-click email trick could stop them?
Why Can't We End Spam? Ask An Economist. - JSTOR Daily
Law enforcement recently took out a bot network capable of sending 1.5 billion spam emails a day. So what are the economic incentives—and costs—of spam?
The Cyber-Cleanse: Take Back Your Digital Footprint
New Year, New Digital You! New Years are an opportunity for committing to resolutions, starting new habits, discarding what no…
The US Military’s Unsecured UFO Satellites And Their Use By Russia
Something that you generally don’t expect as a North-America-based enthusiast, is to listen in on Russian military communications during their war in Ukraine via WebSDR, or that these communi…
Why is it so hard for companies to protect your privacy? - Stack Overflow
privus - Wiktionary, the free dictionary
secret - Wiktionary, the free dictionary
Building a Community Privacy Plan
Everyone's security plans and situations will always be different, which is why we often say that security and privacy are a state of mind, not a purchase. But the first step is always taking a look
Decoy Killswitch Triggers Alarm Instead
There are a few vehicles on the road that are targeted often by car thieves, whether that’s because they have valuable parts, the OEM security is easily bypassed, or even because it’s a…
A 2023 study concluded CAPTCHAs are 'a tracking cookie farm for profit masquerading as a security service' that made us spend 819 million hours clicking on traffic lights to generate nearly $1 trillion for Google
Is that good?
ID-card - e-Estonia
GeoBlockThe.UK
The Bad Space|About
IFTAS
Nonprofit trust and safety support for volunteer social web content moderators
Bad Bits Denylist
Denylist of bad bits
Barrion
Barrion automates vulnerability detection, helping tech teams secure web apps with comprehensive security scans, real-time alerts, and actionable insights.
Surviving the Brave New World
It's a dangerous world, learn to protect and educate yourself.
Smart appliances should come with an expiration date
The smart home zombies are coming.
Here’s How Standardization Can Fix the Identity Security Problem
Eighty percent of breaches stem from broken identity security systems. Learn how frameworks like IPSIE can help fix this.