https://www.vox.com/recode/22419794/authenticator-apps-and-you-authy-google-authenticator
Posts Tagged ‘security’
How to use authenticator apps like Google Authenticator to protect yourself online – Vox
February 6, 2022Creator behind viral Tom Cruise deepfakes says they’re a warning
March 29, 2021https://news.yahoo.com/deepfake-videos-tom-cruise-went-150232443.html Quote: “Think about the implications for national security… about the implications if I create a video of Jeff Bezos saying that $AMZN stock profits are down 20% — how much can I move the markets?”
Secondary_appt NYTimes.com: Thousands of Microsoft Customers May Have Been Victims of Hack Tied to China
March 29, 2021Thousands of Microsoft Customers May Have Been Victims of Hack Tied to China
The hackers started their attack in January but escalated their efforts in recent weeks, security experts say. Business and government agencies were affected.
https://www.nytimes.com/2021/03/06/technology/microsoft-hack-china.html
The Untold Story of NotPetya, the Most Devastating Cyberattack in History | WIRED
September 12, 2020https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/
The code that crashed the world
Instacart Hack? You Need to Change Your Password Now
July 27, 2020Instacart Hack? You Need to Change Your Password Now
https://gizmodo.com/you-need-to-change-your-instacart-password-right-now-1844486340
Knoxville Ransomware Attack
June 22, 2020Knoxville Ransomware Attack Leads to IT Network Shutdown
QT:{{”
“In 2019, a total of 113 state or municipal entities were impacted by ransomware. Knoxville is the 51st city to be hit in 2020, Callow said.
Last year, two Florida cities – Lake City and Riviera Beach – were both hit by ransomware attacks and decided to pay off the hackers…. ”
‘ “These smaller government agencies often chug along old legacy infrastructure, and that old legacy infrastructure is easy for bad actors to exploit.” ‘
“}}
https://threatpost.com/knoxville-ransomware-attack-leads-to-it-network-shutdown/156537/
Opinion | 7 Simple Ways to Protect Your Digital Privacy
September 30, 2019QT:{{”
“How: A browser extension like uBlock Origin blocks ads and the data they collect. The uBlock Origin extension also prevents malware from running in your browser and gives you an easy way to turn the ad blocking off when you want to support sites you know are secure. Combine uBlock with Privacy Badger, which blocks trackers, and ads won’t follow you around as much. To slow down stalker ads even more, disable interest-based ads from Apple, Facebook, Google and Twitter. A lot of websites offer means to opt out of data collection, but you need to do so manually. Simple Opt Out has direct links to opt-out instructions for major sites like Netflix, Reddit and more. Doing this won’t eliminate the problem completely, but it will significantly cut down on the amount of data collected.
You should also install the HTTPS Everywhere extension. HTTPS Everywhere automatically directs you to the secure version of a site when the site supports that, making it difficult for an attacker — especially if you’re on public Wi-Fi at a coffee shop, airport or hotel — to digitally eavesdrop on what you’re doing.
Some people may want to use a virtual private network (VPN), but it’s not necessary for everyone. If you frequently connect to public Wi-Fi, a VPN is useful because it adds a layer of security to your browsing when HTTPS isn’t available. It can also provide some privacy from your internet service provider and help minimize tracking based on your IP address. But all your internet activity still flows through the VPN provider’s servers, so in using a VPN you’re choosing to trust that company over your ISP not to store or sell your data. Make sure you understand the pros and cons first, but if you want a VPN, Wirecutter recommends IVPN.”
“}}
Opinion | 7 Simple Ways to Protect Your Digital Privacy
https://www.nytimes.com/2019/05/06/opinion/7-simple-ways-to-protect-your-digital-privacy.html
SKS Keyserver Network Under Attack
July 5, 2019a good example of a hypothetical attack that now becomes real
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f QT:{{”
“The number one use of OpenPGP today is to verify downloaded packages for Linux-based operating systems, usually using a software tool called GnuPG. If someone were to poison a vendor’s public certificate and upload it to the keyserver network, the next time a system administrator refreshed their keyring from the keyserver network the vendor’s now-poisoned certificate would be downloaded. At that point upgrades become impossible because the authenticity of downloaded packages cannot be verified. Even downloading the vendor’s certificate and re-importing it would be of no use, because GnuPG would choke trying to import the new certificate. It is not hard to imagine how motivated adversaries could employ this against a Linux-based computer network.”
“}}
How North Korea’s Hackers Became Dangerously Good
July 1, 2018QT:{{”
“Once you have been selected to get into the cyber unit, you receive a title that makes you a special citizen, and you don’t have to worry about food and the basic necessities,” says a defector familiar with North Korea’s cyber training.”
“}}
https://www.wsj.com/articles/how-north-koreas-hackers-became-dangerously-good-1524150416
Spam: A Shadow History of the Internet Excerpt, Part 1: Scientific American
June 28, 2018https://www.amazon.com/Spam-Shadow-History-Internet-Infrastructures-ebook/dp/B00C4UU2E8
Spam: A Shadow History of the Internet [excerpt, Part 1]: Scientific
American http://www.scientificamerican.com/article.cfm?id=spam-shadow-history-of-internet-excerpt-part-one
discusses naive bayes
linkstream2 microblog 