
SwiftOnSecurity digs into the Apple CSAM scanning fiasco. Some of the points they touch on haven't been widely discussed before.

twitter.com/SwiftOnSecurity/st

TIL that the hak5 O.mg cable is based on tech the NSA has been using since at least 2009. I suppose I'm late to the party on this part of the Snowden leaks.

NSA ANT catalog - Wikipedia (see items 2-5 under Capabilities List)
en.wikipedia.org/wiki/NSA_ANT_

If you care about personal privacy and oppressive regimes using extremely powerful spying tools against people they don't like, please listen to episodes 99 and 100 of Darknet Diaries.

Some of you might know about Black Cube, the NSO Group, and Pegasus. If not, you will be shocked by what you learn here.

It's a two-episode set and you really need to listen to both, as it comes full circle. Jack and his team really did an exceptional job on this one.

darknetdiaries.com/episode/

After Storms, Watch Out for Scams | Federal Communications Commission

"Natural disasters and severe weather can create opportunities for fraud in their wake, occurring at a time when people may be especially vulnerable, or targeting charitable intentions.
Scammers use phone, text, mail, email, and even go door to door to target residents of affected areas following hurricanes and damaging storms."

fcc.gov/consumers/guides/after

Here is the latest reason to not blindly click links from your email.

Microsoft Warns of Widespread Phishing Attacks Using Open Redirects

Microsoft is warning of a widespread credential phishing campaign that leverages open redirector links in email communications as a vector to trick users into visiting malicious websites while effectively bypassing security software.

thehackernews.com/2021/08/micr

Related to the Razer story posted the other day: Here is another peripheral from a different company that can get you privilege escalation in Windows.

It stands to reason there are devices from even more companies whose installers have similar loopholes.

0xsp | Local administrator is not just with Razer.. it is possible for ALL
0xsp.com/security%20research%2



GitHub - nuvious/pam-duress: A Pluggable Authentication Module (PAM) which allows the establishment of alternate passwords that can be used to perform actions to clear sensitive data, notify IT/Security staff, close off sensitive network connections, etc if a user is coerced into giving a threat actor a password.
github.com/nuvious/pam-duress

Installing Razer devices on Windows allows privilege escalation!

//

Need local admin and have physical access?
- Plug a Razer mouse (or the dongle)
- Windows Update will download and execute RazerInstaller as SYSTEM
- Abuse elevated Explorer to open Powershell with Shift+Right click

Tried contacting @Razer, but no answers. So here's a freebie t.co/xDkl87RCmz

"With good intentions, Apple has paved the road to mandated security weakness around the world, enabling and reinforcing the arguments that, should the intentions be good enough, scanning through your personal life and private communications is acceptable."

If You Build It, They Will Come: Apple Has Opened the Backdoor to Increased Surveillance and Censorship Around the World | Electronic Frontier Foundation
eff.org/deeplinks/2021/08/if-y

🚨 BREAKING 🚨

Earlier today, I received the full source code for the suspect Dominion voting machines. I assured my source that this would only be shared with a select group of the most trustworthy cyber people.

Please use extreme discretion in your analysis.

youtu.be/EX2M90OzYQY

🚨 Home Router Alert 🚨

Millions Of Wi-Fi Routers Could Be Enslaved In Nasty Mirai Botnet, Check Your Model Here | HotHardware
hothardware.com/news/new-route

The creator of Foto Forensics goes into detail with the claims Apple is making about its new on-device CSAM scanning, including some potential legal problems with their approach.

One Bad Apple - The Hacker Factor Blog
hackerfactor.com/blog/index.ph


Apple Privacy Letter: An Open Letter Against Apple's Privacy-Invasive Content Scanning Technology
appleprivacyletter.com/

This is a great thread from the person who broke the news yesterday about Apple doing client-side scanning on user devices.

Anyone who considers Apple to be a model of protecting their customers' data should consider the points he raises.

twitter.com/matthew_d_green/st


ᏤⵁŁ₮ƦⵁИł€
