Shortly after, suspicious activity from the employee’s laptop triggered a SOC alert and an investigation began.

looks like what happened is the employee had their company issue laptop mailed to a “laptop mule” (someone residing within the US who would operate the laptop on their behalf). The laptop mule then installed remote access software, allowing the real worker to control the laptop remotely from North Korea.

KnowBe4 Security Reports They Were Infiltrated By North Korean Worker

https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us

This is an interesting one because it goes into details about what prompted the company to investigate one of their remote workers, concluding that they were a North Korean resident posing as a US citizen - The employee applied for a remote security job using a stolen US passport, along with an AI altered photo. They were able to pass a 4 round interview process and get the job.

According to Dragos, a threat actor dubbed FrostyGoop was able to gain access to the systems of a Ukrainian energy provider and disable heating to over 600 apartment buildings for two days during subzero temperatures.

#Ukraine

The threat actors had spent over 10 months inside the provider’s network mapping systems and gathering credentials

(PDF report)

https://share.counter.social/s/4f3399

If you haven't already

Use Aegis instead

https://github.com/beemdevelopment/Aegis

/nosanitize

https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis

Organizations Warned of Exploited Twilio Authy Vulnerability

#CoSoSec

CISA warns of the in-the-wild exploitation of CVE-2024-39891, a Twilio Authy bug leading to the disclosure of phone number data

https://www.securityweek.com/organizations-warned-of-exploited-twilio-authy-vulnerability

ICYMI

https://counter.social/@ecksmc/112724348565843090

https://counter.social/@ecksmc/108832534223878404

@john_b that one I never actually tried myself, does look good though, was someone elsewhere that put me onto it 👍

@john_b Fossify Calendar?

https://github.com/FossifyOrg/Calendar

https://f-droid.org/packages/org.fossify.calendar/

Or Simple Calendar Pro

https://github.com/SimpleMobileTools/Simple-Calendar

https://f-droid.org/packages/com.simplemobiletools.calendar.pro/

Two that spring to mind - personally I use tuta-mail calendar for most of my private stuff & google calendar & tasks for other less private stuff just cause it syncs with all my devices

FACT FOCUS: A look at false claims around Kamala Harris and her campaign for the White House

https://apnews.com/article/harris-trump-biden-election-misinformation-d4efb8f48904d71e914e4d1376ca9b28

There are some right outlandish things being spread around that's for sure

Just wait till they are in a cell & cameras are off 😆

The days of cops rushing in a cell mob handed covering you with blankets to beat the living shte oot you might be over but hitting a female cop still warrants a beat down

ERM..... Well if you break an officers nose and punch other officers they are gonna hit back wither your on ground or not

female officer sustained a broken nose and two other officers were “subject to a violent assault” and “punched to the ground” as they attempted to arrest one of the suspects

Armed police officer filmed kicking man in face as he lay on ground at Manchester airport

https://www.theguardian.com/uk-news/article/2024/jul/24/armed-police-officer-filmed-kicking-man-in-face-at-manchester-airport

I don't see why this is being made out to be "outrageous behaviour" by some

@opie 👍

@feloneouscat 😂😂😂

DDG is a good search engine, that and StartPage,
DDG browser I'm not a fan of really

GoGoDuck 😆

@opie 😂😂 yup I feel ya on that

Tried a few workarounds for that before but they ended up more cumbersome than useful URL check is flawless tap a link window opens dropdown menu for picking browser

Just mind and make sure certain apps don't use in-app-browsers via their settings and when in a browser itself long press & share will open the window if you need to switch browsers or just wanna check URL safety via modules 😜

@opie 👍

Its pretty awesome

One module uses Steven black hosts for adware\malware, fake news, gambling and adult content - that along with VirusTotal module 🤓😎

And other handy modules you can enable or not it's deffo well worth using - the allowing to pick what browser to open links in is a bonus & something I've missed since Android forces us to pick a default browser

@MichaelTalon dicktim syndrome

Dicktim (noun): Someone who acts like a dick, then acts like a victim about it.

Yup she sure does

@opie I mainly use it for sites I know I will only be reading one page

Like clicking URLs from SM sites mainly

It is very limited on features other than privacy stuff there is none lol

I use URL check

https://counter.social/@ecksmc/112637034324970454

Which then allows me to select what browser I wanna open links in - set URL check as default browser - really handy for that alone but with loadsa modules to help determine if a link is safe and tools like a URL sanitizer, unshorten short URLs etc....

Owens parted ways in March with The Daily Wire, after having spoken of “secret Jewish gangs” in Hollywood; liked a tweet accusing Jews of drinking Christian blood; suggested Ben Shapiro, The Daily Wire’s Jewish founder, cared more about money than God

https://www.middleeastmonitor.com/20240310-candace-owens-says-secret-jewish-gangs-commit-horrific-things-on-people-in-hollywood/

people like Candace Owens have built their audience by trafficking in medieval anti-Jewish tropes.

Trump’s campaign announced that Donald Trump Jr would host an event featuring antisemitic conspiracy theorist Candace Owens

https://jewishinsider.com/2024/07/candace-owens-scheduled-to-headline-trump-campaign-fundraiser/

Tuesday evening, it appeared that Owens had been scrubbed from the event

https://x.com/StopAntisemites/status/1815845881494790507

Firefox focus is another good browser for Android better than Firefox itself

FF-Focus as the name suggests focuses on privacy

Cromite I've been using, on a device, and it's pretty good privacy wise

https://counter.social/@ecksmc/112636722050190978

Thing is people have choices

If folk wanna allow chrome browser to suck up all their info for google can't blame google for that really.... Data is money to these companies after all

Folk shouldn't just use something cause its convenient - they folk don't care about their data anyway - instead of actually looking for ways to limit their data sharing they just accept all data will be taken & 🤷‍♂️