"How we found #TeaOnHer spilling users’ driver’s licenses in less than 10 minutes"
The geo-politics of resilience: On the historical convergence between ecology, artificial intelligence, and corporate strategy https://journals.sagepub.com/doi/abs/10.1177/14614448251336420?ai=2b4&mi=ehikzz&af=R #cybersecurity #infosec
Turkish Crypto Exchange Confirms Security Incident, Assures Users Funds Are Safe - Turkish crypto exchange Btc Turk has temporarily halted cryptocurrency deposit and... - https://news.bitcoin.com/turkish-crypto-exchange-confirms-security-incident-assures-users-funds-are-safe/ #cybersecurity #security #hack
Putin Widens Effort to Control Russia’s Internet https://www.nytimes.com/2025/08/03/world/europe/russia-putin-internet.html #cybersecurity #infosec
hey #programming, I just decided to summarize most of the security trainings and courses for devs.
Missed one of my past conference talks? Let’s fix that.
I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.
“Security Learns to Sprint” https://twp.ai/4ipgXU
Watch out as the new #PS1Bot malware steals crypto wallets, passwords, and sensitive data, spreading through #malvertising while evading detection.
Read: https://hackread.com/malvertising-attack-crypto-stealing-ps1bot-malware/
Choosing between robots and fruit
https://adguard.com/en/blog/techtok-10-android-ios-privacy.html
"Government officials outside the US now openly talk of decoupling from America on topics like AI, platform governance, and tech-enabled industry policy. Those conversations — framed around “technological sovereignty” — have sprung up in even the most ardent of US allies where local policymakers are wary of attaching their countries’ long-term interests to the world’s largest economy whose policy agenda can appear to shift, arbitrarily, from one day to the next.
Such potential “digital conscious uncoupling” could not come at the worst time.
Authoritarian governments, led by China and Russia, are pursuing aggressive tactics — embodied in the United Nations’ Convention Against Cybercrime — to embed mass surveillance, widespread suppression and government control over how technology develops.
Confronted with this widespread threat to the digital world, Western democracies must speak with one voice, and not become divided among themselves. Unfortunately, that is now unlikely as Washington pushes MAGA policymaking and the US’ long-standing allies demur on signing up to a digital agenda that, for many, no longer meets their geopolitical needs."
#Microsoft asks users to ignore certificate enrollment errors
"The change comes in response to the planned revision of the Ordinance on the Surveillance of Correspondence by Post and Telecommunications (OSCPT), introduced by the Swiss Federal Council in January 2025. As previously reported by CyberInsider, the proposal would compel telecom and “derived communication service” providers (FSCDs) to impose mandatory user identification once they reach 5,000 users, retain this data for six months after service ends, and, where encryption keys are held, decrypt communications on request. Larger providers with more than one million users or CHF 100 million in annual revenue would face round-the-clock compliance obligations and real-time interception capabilities.
The proposed rules have drawn sharp criticism from the Swiss privacy sector. Firms like Nym, Threema, and Proton argued the measures threaten to dismantle Switzerland’s carefully cultivated image as a privacy haven, while introducing risks of systemic backdoors. In a recent CyberInsider interview, the decentralized messenger project Session said it was “keeping a close eye” on the ordinance’s progress, but noted that its architecture makes it less directly vulnerable to the proposed rules.
Proton, which operates services including Proton Mail, Proton VPN, Proton Drive, and Proton Pass, has been headquartered in Geneva since its founding in 2014. The company has long promoted Switzerland’s legal framework as a cornerstone of its security model, alongside its use of end-to-end encryption and no-logs policies. While the infrastructure move is a major operational change, Proton insists its privacy protections remain intact:"
https://cyberinsider.com/proton-confirms-gradual-exit-from-switzerland-over-surveillance-law-fears/
Did you know that I created a list of "Cyber-Security & Hacker related Documentaries: A Historical Timeline" (German and English
) repository at @Codeberg?
You are invited to participate by adding new entries.
#Documentaries #Dokumentationen #Hacker #CyberSecurity
https://codeberg.org/phranck/Cyber-Security_and_Hacker_Documentaries
New Open-Source Tool Spotlight
The `awscurl` tool simplifies making signed AWS API requests directly from your terminal. It combines cURL with AWS Signature Version 4, so you can interact with AWS services securely without manually signing headers. #AWS #DevOps
Project link on #GitHub
https://github.com/okigan/awscurl
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking
https://www.europesays.com/2329616/ Ed Tech Co. That Provides Telehealth to L.A. Students Experiences Data Breach – The 74 #California #Cybersecurity #Data #DataBreach #KokomoSolutions #Kokomo24/7 #LosAngeles #LosAngelesUnifiedSchoolDistrict #News #School(in)security #StudentPrivacy
Sloppy #AI defenses take #cybersecurity back to the 1990s, researchers say
https://www.scworld.com/news/sloppy-ai-defenses-take-cybersecurity-back-to-the-1990s-researchers-say
1. V2 Encryption: Mandatory E2EE & Audited Cryptography
#DeltaChat V2 enforces end-to-end encryption by default, eliminating legacy "unencrypted chat" risks. The Rust-based core uses rPGP (audited OpenPGP library) with Ed25519 (same as Signal) and post-quantum algorithms. ETH Zurich’s 2024 audit fixed 20 vulnerabilities in SecureJoin/Autocrypt protocols .
➤ Security benefit: Protection against MITM attacks via QR-based verification .
#Cybersecurity #Encryption
NEW SECURITY CONTENT
watchOS 11.6.1 - no CVE entries
iOS 18.6.1 - no CVE entries
Fake Netflix job scam targets job seekers, using phishing emails to steal Facebook logins and gain access to personal and corporate accounts.
Read: https://hackread.com/netflix-job-phishing-scam-steals-facebook-login-data/