Adobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb16-37.html

Microsoft Security Bulletin Summary for November 2016
https://technet.microsoft.com/library/security/ms16-nov

Protecting users from repeatedly dangerous sites
https://security.googleblog.com/2016/11/protecting-users-from-repeatedly_8.html

I hope they will also maintain something like a “3 strikes and you are out” policy or…
first offence - 1 month out
second offence - 3 months out
third offence - out forever

Antivirus Fails to Stop Ransomware 100% of the Time
http://www.infosecurity-magazine.com/news/antivirus-fails-to-stop-ransomware/

OpenSSL Security Advisory [10 Nov 2016]
https://www.openssl.org/news/secadv/20161110.txt

Is Facebook rewarding cybercriminals here?:
Facebook buys black market passwords to keep your account safe
https://www.cnet.com/news/facebook-chief-security-officer-alex-stamos-web-summit-lisbon-hackers/

polonus

Data breach on 421 million users:
https://www.leakedsource.com/blog/friendfinder
making this the largest hack of 2016.
The password 123456 brought 900.000 hits,
and so is the most popular and most insecure password on the planet. :slight_smile:

Your security out of the window before you can count to ten ;D

polonus

It’s always nice when you see a massive breach like this and know you aren’t in any way affected. :slight_smile:

Threats on smart devices mapped out for you.

'In order to fully address the inherent threats of mobile devices, a wider view of the mobile ecosystem is necessary. This repository contains the Mobile Threat Catalogue, which describes, identifies, and structures the threats posed to mobile information systems. Readers of the catalogue will notice there are gaps; some threats are not tied to a documented source or lack countermeasures, and other threats not identified here may exist. The National Cybersecurity Center of Excellence (NCCoE) seeks comment on current mobile threats addressed in the Catalogue as well as ideas for additional threats to add...'
See: https://pages.nist.gov/mobile-threat-catalogue/

info link credits go to: cowboysec.

My advice to mitigate would be: https://daplie.github.io/browser-authenticator/ & https://www.authy.com/app/mobile/

polonus

700 million mobile phones may have phoned home to Shanghai: http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html

pol

P.S. Funny, as there is nothing here: http://toolbar.netcraft.com/site_report?url=http://bigdata.adups.com
Just the default index page, and this for all the addresses Kryptowire discusses. Just the “welcome to nginx/1.8.0” (port 80 (with a 404) and 443 only).

Is this some demonizing?
Certification for adups dot com - Root installed on the server. Global Trust CA & Rapid SSL256 -CA -G3
For best practices, remove the self-signed root from the server.
Registrar - Alibaba Group China aka Bo Zhang Store.

D

http://screencast-o-matic.com/screenshots/u/Lh/1479328602176-74351.png

http://blog.pch.com/blog/2013/04/05/5-ways-to-know-if-its-a-publishers-clearing-house-scam/

I just received one of these phone calls here in New Mexico. So the scammers are out there. Don’t send any money and,
sorry, you’re not a winner. You will be a big loser if you fall for this.

Locky Ransomware being Distributed through Fake Flash Player Update Sites
http://www.bleepingcomputer.com/news/security/locky-ransomware-being-distributed-through-fake-flash-player-update-sites/

Billion-Dollar Scams: The Numbers Behind Business Email Compromise
http://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/billion-dollar-scams-the-numbers-behind-business-email-compromise

Why does Ghostery facilitate Google’s profiling to be more profound?

Using the Ghostery extension will enable Google to profile you even better and more uniquely,
combining your use of the extension with other tracking and fingerprinting vectors.
Bad for the over one million users of the extension.

Check your browser here: https://panopticlick.eff.org/

If you want to read about this fingerprinting with Ghostery,
go to: https://blog.securitee.org/?p=277

A better extension to use is Tracker SSL, telling you where
insecure ID tracking continues on “secure” SSL websites.

I think that extensions are only tolerated in Google’s Webshop
when they do not interfere with Google’s main income flow (ads and data-selling).

Firefox also does not do much towards better end-user privacy,
despite the fact that they have all it takes under the hood in about:config.

Could it be they won’t lose Google sponsoring their browser?

Check your actual tracking on certain websites here and you might feel shocked about the results:
https://tools.digitalmethods.net/beta/trackerTracker/

polonus

I tried Ghostery a long time ago when it first came out (and I think you were promoting it). I never really liked it, as it conflicted with one of my other add-ons. I preferred to stick with my security add-ons NoScript and RequestPolicy. Cookie Monster is another handy add-on to control cookies.

The main issue with some of these so-called security add-ons is that they require a degree of user management, and that puts off many users.

So looks like I dodged that bullet.

Much ado about losing the last remnants of our privacy.

Two new browsers with privacy at heart launched recently.
(We of course all know and have Avast SafeZone browser on the desktop).

New promising concepts are Firefox Focus versus Blaze.

Although the CEO at Blaze is being criticized for his Christian fundamental constitutional views,
he still is the inventor of JavaScript and i.m.h.o. did a fine job on Blaze (Win64).
For Android I like his Blaze LinkBubble app.

The only “?” for such browsers is that you cannot choose a privacy-friendly search engine
that forms a good alternative to Google,
which search engine again turns the browser into one big ongoing tracking and profiling machine.

With Google it is like the Eagles sang: “You can check in but never leave”.

polonus

The Ask dot com toolbar, long considered by some to be a kind of adware on its own,
has now been hacked by malcreants to spread malware.

Read: https://blog.redcanary.com/ask-partner-network-compromise

polonus

WordPress update scheme insecure
Read: http://www.openwall.com/lists/oss-security/2016/11/21/3

Tips for WP admins: https://paragonie.com/blog/2016/10/guide-automatic-security-updates-for-php-developers#elements-automatic-updates

and http://www.openwall.com/lists/oss-security/2016/11/21/7

link info credits: Scott Arciszewski.

Test here: https://hackertarget.com/wordpress-security-scan/
and enabled by Sucuri’s: https://wpscan.org/
and personal scan: http://www.scanwp.com/

polonus

As more EU countries want to grab cloud data for surveillance, without even having to put in a Mutual Legal Assistance Treaty request,
it is high time to improve on general cloud protection.

With all the data breaches and the questionable security status of a greater part of the known CDNs, cloud security is at stake.

polonus

Some advise that you should switch to SAFE Linux. :o
Maybe not so safe???
Elegant 0-day unicorn underscores “serious concerns” about Linux security