photog.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for your photos and banter. Photog first is our motto Please refer to the site rules before posting.

Administered by:

Server stats:

243
active users

#exploits

0 posts0 participants0 posts today
Christoph Schmees<p>Digitalisierung in Deutschland, ein Trauerspiel</p><p>Nein, hier soll nicht von der völlig verkorksten Digitalisierung des Gesundheitswesens die Rede sein, sondern von "besonders sicheren" Mobiltelefonen für die Polizei. - Wer herausfinden möchte, woran Digitalisierung in Deutschland immer wieder scheitert, fange bei der Kleinstaaterei an - ach nein, das wird ja wohlklingend 'Föderalismus' genannt. Viele Bereiche, in denen eine Vereinheitlichung sinnvoll wäre, liegen leider in der Befugnis der Bundesländer, so auch die Polizei.</p><p><a href="https://www.pc-fluesterer.info/wordpress/2025/07/17/digitalisierung-in-deutschland-ein-trauerspiel/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">pc-fluesterer.info/wordpress/2</span><span class="invisible">025/07/17/digitalisierung-in-deutschland-ein-trauerspiel/</span></a></p><p><a href="https://social.tchncs.de/tags/Allgemein" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Allgemein</span></a> <a href="https://social.tchncs.de/tags/Empfehlung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Empfehlung</span></a> <a href="https://social.tchncs.de/tags/Hintergrund" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hintergrund</span></a> <a href="https://social.tchncs.de/tags/Mobilfunk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mobilfunk</span></a> <a href="https://social.tchncs.de/tags/Warnung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Warnung</span></a> <a href="https://social.tchncs.de/tags/0day" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>0day</span></a> <a href="https://social.tchncs.de/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://social.tchncs.de/tags/datenleck" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>datenleck</span></a> <a href="https://social.tchncs.de/tags/digitalisierung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>digitalisierung</span></a> <a href="https://social.tchncs.de/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a> <a href="https://social.tchncs.de/tags/hersteller" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hersteller</span></a> <a href="https://social.tchncs.de/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://social.tchncs.de/tags/politik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>politik</span></a> <a href="https://social.tchncs.de/tags/sicherheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sicherheit</span></a> <a href="https://social.tchncs.de/tags/smartphone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>smartphone</span></a> <a href="https://social.tchncs.de/tags/UnplugTrump" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UnplugTrump</span></a> <a href="https://social.tchncs.de/tags/vorf%C3%A4lle" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vorfälle</span></a></p>
Christoph Schmees<p>Citrix Netscaler schon wieder sehr hohes Risiko</p><p>Die Produktlinie NetScaler begann als Marke der US-Firma Citrix. Inzwischen sind beides getrennte Marken unter dem Dach einer Firma mit Namen Cloud Software Group (CSG). - Aktuell gibt es Warnungen vor drei Sicherheitslücken in mehreren NetScaler Produkten. Die schlimmste der Sicherheitslücken, CVE 2025-5777, wird mit einem Risiko von 9,3 (von 10) eingestuft. Oder sollte man sagen Hintertür? Die Sicherheitslücke beruht nämlich darauf, dass Eingaben nicht ausreichend geprüft werden ("insufficient input validation"). Ah, ja.</p><p><a href="https://www.pc-fluesterer.info/wordpress/2025/06/25/citrix-netscaler-schon-wieder-sehr-hohes-risiko/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">pc-fluesterer.info/wordpress/2</span><span class="invisible">025/06/25/citrix-netscaler-schon-wieder-sehr-hohes-risiko/</span></a></p><p><a href="https://social.tchncs.de/tags/Empfehlung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Empfehlung</span></a> <a href="https://social.tchncs.de/tags/Warnung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Warnung</span></a> <a href="https://social.tchncs.de/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a> <a href="https://social.tchncs.de/tags/foss" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>foss</span></a> <a href="https://social.tchncs.de/tags/hersteller" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hersteller</span></a> <a href="https://social.tchncs.de/tags/hintert%C3%BCr" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hintertür</span></a> <a href="https://social.tchncs.de/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://social.tchncs.de/tags/router" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>router</span></a> <a href="https://social.tchncs.de/tags/sicherheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sicherheit</span></a> <a href="https://social.tchncs.de/tags/spionage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spionage</span></a> <a href="https://social.tchncs.de/tags/UnplugTrump" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UnplugTrump</span></a> <a href="https://social.tchncs.de/tags/usa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>usa</span></a> <a href="https://social.tchncs.de/tags/vorbeugen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vorbeugen</span></a> <a href="https://social.tchncs.de/tags/vpn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vpn</span></a> <a href="https://social.tchncs.de/tags/wissen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wissen</span></a> <a href="https://social.tchncs.de/tags/closedsource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>closedsource</span></a> <a href="https://social.tchncs.de/tags/propriet%C3%A4r" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proprietär</span></a> <a href="https://social.tchncs.de/tags/citrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>citrix</span></a></p>
Christoph Schmees<p>Meloni bespitzelt Andersdenkende mit Pegasus Graphite</p><p>Heimlich, still und leise hat sich der Riege der Spionage-Apps aus Israel ein weiteres Schätzchen hinzu gesellt: Graphite von der Firma Pegasus Solutions. Die Firma steckt inzwischen unter einem amerikanischen Dach. Die Firma rühmt sich, nur ethisch/moralisch einwandfreie Einsätze ihres gefährlichen Werkzeugs zuzulassen. Spätestens seit Anfang diesen Jahres wissen wir, dass das nichts als hohles Wortgeklingel ist, wie immer in dieser Branche.</p><p><a href="https://www.pc-fluesterer.info/wordpress/2025/06/14/meloni-bespitzelt-andersdenkende-mit-pegasus-graphite/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">pc-fluesterer.info/wordpress/2</span><span class="invisible">025/06/14/meloni-bespitzelt-andersdenkende-mit-pegasus-graphite/</span></a></p><p><a href="https://social.tchncs.de/tags/Allgemein" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Allgemein</span></a> <a href="https://social.tchncs.de/tags/Hintergrund" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hintergrund</span></a> <a href="https://social.tchncs.de/tags/Mobilfunk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mobilfunk</span></a> <a href="https://social.tchncs.de/tags/Warnung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Warnung</span></a> <a href="https://social.tchncs.de/tags/0day" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>0day</span></a> <a href="https://social.tchncs.de/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://social.tchncs.de/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a> <a href="https://social.tchncs.de/tags/hintert%C3%BCr" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hintertür</span></a> <a href="https://social.tchncs.de/tags/messenger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>messenger</span></a> <a href="https://social.tchncs.de/tags/meta" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>meta</span></a> <a href="https://social.tchncs.de/tags/politik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>politik</span></a> <a href="https://social.tchncs.de/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://social.tchncs.de/tags/privatsph%C3%A4re" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privatsphäre</span></a> <a href="https://social.tchncs.de/tags/sicherheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sicherheit</span></a> <a href="https://social.tchncs.de/tags/smartphone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>smartphone</span></a> <a href="https://social.tchncs.de/tags/spionage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spionage</span></a> <a href="https://social.tchncs.de/tags/UnplugTrump" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UnplugTrump</span></a> <a href="https://social.tchncs.de/tags/verfolgung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>verfolgung</span></a> <a href="https://social.tchncs.de/tags/vorbeugen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vorbeugen</span></a> <a href="https://social.tchncs.de/tags/vorf%C3%A4lle" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vorfälle</span></a> <a href="https://social.tchncs.de/tags/whatsapp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>whatsapp</span></a> <a href="https://social.tchncs.de/tags/wissen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wissen</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://grapheneos.social/@GrapheneOS" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GrapheneOS</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon-belgium.be/@thpar" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>thpar</span></a></span> <span class="h-card" translate="no"><a href="https://mstdn.games/@chris" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>chris</span></a></span> <span class="h-card" translate="no"><a href="https://lemmy.ml/c/fairphone" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>fairphone@lemmy.ml</span></a></span> <span class="h-card" translate="no"><a href="https://mas.to/@fairphone" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>fairphone@mas.to</span></a></span> I don't have an <a href="https://infosec.space/tags/eOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eOS</span></a> device to run a tool like <a href="https://infosec.space/tags/SnoopSnitch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SnoopSnitch</span></a> <a href="https://f-droid.org/de/packages/de.srlabs.snoopsnitch/" rel="nofollow noopener" target="_blank">that has</a> a <a href="https://infosec.space/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a> <a href="https://infosec.space/tags/PatchLevel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PatchLevel</span></a> tester to check against common <a href="https://infosec.space/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a> and <a href="https://infosec.space/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a>|Issues.</p>
PrivacyDigest<p>Found in the wild: 2 <a href="https://mas.to/tags/SecureBoot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecureBoot</span></a> <a href="https://mas.to/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a>. <a href="https://mas.to/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> is patching only 1 of them. <br><a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p><p><a href="https://arstechnica.com/security/2025/06/unearthed-in-the-wild-2-secure-boot-exploits-microsoft-patches-only-1-of-them/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">arstechnica.com/security/2025/</span><span class="invisible">06/unearthed-in-the-wild-2-secure-boot-exploits-microsoft-patches-only-1-of-them/</span></a></p>
≡ʀʀ🇵🇱<p>The story about chinese prison guards exploiting inmates by forcing them to do the world of warcraft gold farming... insane<br><a href="https://mastodon.social/tags/games" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>games</span></a> <a href="https://mastodon.social/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a> <a href="https://mastodon.social/tags/china" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>china</span></a></p>
Marcus "MajorLinux" Summers<p>Time to go update yo shit again!</p><p>Microsoft Urges Immediate Action to Address Five Actively Exploited Windows Zero-Days </p><p><a href="https://particle.news/share/PPocp" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">particle.news/share/PPocp</span><span class="invisible"></span></a></p><p><a href="https://toot.majorshouse.com/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> <a href="https://toot.majorshouse.com/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> <a href="https://toot.majorshouse.com/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroDay</span></a> <a href="https://toot.majorshouse.com/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://toot.majorshouse.com/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://toot.majorshouse.com/tags/Exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Exploits</span></a> <a href="https://toot.majorshouse.com/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a></p>
The Spamhaus Project<p>With a +61% ⬆️ increase, 🇺🇸 US-based "charter.com" is #1 for hosting IPs associated with exploited devices: 193, 782 detections over the last 30 days....</p><p>....as well as 167 Spamhaus Blocklist (SBL) listings. </p><p>Spamhaus reputation statistics:<br>👉 <a href="https://www.spamhaus.org/reputation-statistics/networks/exploit/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">spamhaus.org/reputation-statis</span><span class="invisible">tics/networks/exploit/</span></a></p><p>SBL listings:<br>👉 <a href="https://check.spamhaus.org/sbl/listings/charter.com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">check.spamhaus.org/sbl/listing</span><span class="invisible">s/charter.com/</span></a></p><p><a href="https://infosec.exchange/tags/IPs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IPs</span></a> <a href="https://infosec.exchange/tags/Exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Exploits</span></a> <a href="https://infosec.exchange/tags/Spamhaus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Spamhaus</span></a> <a href="https://infosec.exchange/tags/ReputationStatistics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReputationStatistics</span></a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntel</span></a></p>
Markus Feilner<p>Wahnsinn. <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://mastodon.social/tags/log4j" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>log4j</span></a> <a href="https://mastodon.social/tags/itsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>itsec</span></a> <a href="https://mastodon.social/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a><br>"I am no hero" Unfassbar gut, lieber <span class="h-card" translate="no"><a href="https://ard.social/@br_data" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>br_data</span></a></span> ! <a href="https://mastodon.social/tags/br" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>br</span></a> <a href="https://mastodon.social/tags/bayerischerrundfunk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bayerischerrundfunk</span></a></p><p>Linkempfehlung ARD Audiothek</p><p><a href="https://www.ardaudiothek.de/episode/wild-wild-web-geschichten-aus-dem-internet/das-wichtigste-hobby-der-welt/br/14442077/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">ardaudiothek.de/episode/wild-w</span><span class="invisible">ild-web-geschichten-aus-dem-internet/das-wichtigste-hobby-der-welt/br/14442077/</span></a></p>
Marcus "MajorLinux" Summers<p>Please make sure to update your devices!</p><p>Update Now: iOS 18.4.1 and macOS Sequoia 15.4.1 Address Actively Exploited Vulnerabilities </p><p><a href="https://www.macrumors.com/2025/04/16/ios-18-4-1-security-fixes/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">macrumors.com/2025/04/16/ios-1</span><span class="invisible">8-4-1-security-fixes/</span></a></p><p><a href="https://toot.majorshouse.com/tags/Apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Apple</span></a> <a href="https://toot.majorshouse.com/tags/iOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iOS</span></a> <a href="https://toot.majorshouse.com/tags/macOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>macOS</span></a> <a href="https://toot.majorshouse.com/tags/Sequoia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sequoia</span></a> <a href="https://toot.majorshouse.com/tags/Exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Exploits</span></a> <a href="https://toot.majorshouse.com/tags/Vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerabilities</span></a> <a href="https://toot.majorshouse.com/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://toot.majorshouse.com/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://toot.majorshouse.com/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a></p>
Christoph Schmees<p>Apple aktualisiert alles 2025-03</p><p>Genau so wie Microsoft (MS) veröffentlicht Apple monatlich Updates, die Sicherheitslücken schließen (sollen) und die neue Funktionen mitbringen (KI, mehr Spionage). Noch mehr als MS strengt Apple sich an, die Updates zu unentwirrbaren Paketen zu schnüren</p><p><a href="https://www.pc-fluesterer.info/wordpress/2025/04/10/apple-aktualisiert-alles-2025-03/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">pc-fluesterer.info/wordpress/2</span><span class="invisible">025/04/10/apple-aktualisiert-alles-2025-03/</span></a></p><p><a href="https://social.tchncs.de/tags/Hintergrund" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hintergrund</span></a> <a href="https://social.tchncs.de/tags/Mobilfunk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mobilfunk</span></a> <a href="https://social.tchncs.de/tags/Warnung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Warnung</span></a> <a href="https://social.tchncs.de/tags/0day" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>0day</span></a> <a href="https://social.tchncs.de/tags/apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>apple</span></a> <a href="https://social.tchncs.de/tags/browser" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>browser</span></a> <a href="https://social.tchncs.de/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a> <a href="https://social.tchncs.de/tags/ios" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ios</span></a> <a href="https://social.tchncs.de/tags/macos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>macos</span></a> <a href="https://social.tchncs.de/tags/sicherheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sicherheit</span></a> <a href="https://social.tchncs.de/tags/smartphone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>smartphone</span></a> <a href="https://social.tchncs.de/tags/usb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>usb</span></a> <a href="https://social.tchncs.de/tags/vorbeugen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vorbeugen</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@JessTheUnstill" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JessTheUnstill</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@Pibble" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Pibble</span></a></span><br><br>And yes, I treat all devices as insecure and would rather invest the time and effort needed get <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a> up to speed on the <a href="https://infosec.space/tags/OfflinePGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OfflinePGP</span></a> <a href="https://www.youtube.com/watch?v=vdab4T_CoN8" rel="nofollow noopener" target="_blank">method!</a></p><ul><li>Sounds cumbersome, but when your threat model literally goes against the #1 <a href="https://infosec.space/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://infosec.space/tags/Regime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Regime</span></a> (<a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USA</span></a>) with more <a href="https://infosec.space/tags/Exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Exploits</span></a> stockpiled than any hacking forum (cuz <a href="https://infosec.space/tags/NOBUS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NOBUS</span></a> <a href="https://en.wikipedia.org/wiki/NOBUS" rel="nofollow noopener" target="_blank">doctrine</a>), you gotta have to upgrade.</li></ul><p>Given the cheapness of storage (legitimate 1TB microSD cards exist and they ain't 4-digit items!) I'd legitimately look into <a href="https://infosec.space/tags/OTP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OTP</span></a> <a href="https://infosec.space/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> and (<em>IF I had the €€€€€€ to do so!</em>) would even sponsor implementing it in <a href="https://infosec.space/tags/OpenVPN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenVPN</span></a>, <a href="https://infosec.space/tags/WireGuard" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WireGuard</span></a> and <a href="https://infosec.space/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSSH</span></a> (for <a href="https://infosec.space/tags/SSH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSH</span></a>-Tunmeling).</p><ul><li>The <a href="https://infosec.space/tags/US" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>US</span></a> is a <a href="https://infosec.space/tags/RogueNation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RogueNation</span></a> with a Rogue Government! The sooner we accept this reality the sooner we can not only adjust to it but act accordingly…</li></ul><p>I <em>sincerely wish</em> y'all could legitimately call me a tinfoilhat but so far I've been proven right all the time...</p>
Christoph Schmees<p>Warnung vor Online-Konvertern</p><p>Im Internet bieten viele Online-Dienste eine Bearbeitung von Benutzerdaten an. Beispiele sind OCR oder Formatwandler. Hier sind zwei Warnungen angebracht. Man muss immer im Hinterkopf behalten, dass die Anbieter ihre Dienste nicht aus reiner Menschenfreundlichkeit betreiben. </p><p><a href="https://www.pc-fluesterer.info/wordpress/2025/03/22/warnung-vor-online-konvertern/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">pc-fluesterer.info/wordpress/2</span><span class="invisible">025/03/22/warnung-vor-online-konvertern/</span></a></p><p><a href="https://social.tchncs.de/tags/Allgemein" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Allgemein</span></a> <a href="https://social.tchncs.de/tags/Empfehlung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Empfehlung</span></a> <a href="https://social.tchncs.de/tags/Hintergrund" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hintergrund</span></a> <a href="https://social.tchncs.de/tags/Warnung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Warnung</span></a> <a href="https://social.tchncs.de/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://social.tchncs.de/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a> <a href="https://social.tchncs.de/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://social.tchncs.de/tags/privatsph%C3%A4re" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privatsphäre</span></a> <a href="https://social.tchncs.de/tags/sicherheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sicherheit</span></a> <a href="https://social.tchncs.de/tags/vorbeugen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vorbeugen</span></a> <a href="https://social.tchncs.de/tags/wissen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wissen</span></a></p>
PrivacyDigest<p>Thousands of <a href="https://mas.to/tags/TPLink" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TPLink</span></a> routers have been infected by a <a href="https://mas.to/tags/botnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>botnet</span></a> to spread malware | Tom's Guide</p><p>report from the Cato CTRL team, the <a href="https://mas.to/tags/Ballista" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ballista</span></a> botnet <a href="https://mas.to/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a> a remote code execution vulnerability that directly impacts the TP-Link Archer AX-21 router.</p><p>The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the <a href="https://mas.to/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> can spread itself across the internet automatically. has also been used to spread other <a href="https://mas.to/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> families</p><p><a href="https://www.tomsguide.com/computing/malware-adware/thousands-of-tp-link-routers-have-been-infected-by-a-botnet-to-spread-malware" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">tomsguide.com/computing/malwar</span><span class="invisible">e-adware/thousands-of-tp-link-routers-have-been-infected-by-a-botnet-to-spread-malware</span></a></p>
PrivacyDigest<p>From <a href="https://mas.to/tags/Pegasus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pegasus</span></a> to <a href="https://mas.to/tags/Predator" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Predator</span></a> - The evolution of Commercial <a href="https://mas.to/tags/Spyware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Spyware</span></a> on <a href="https://mas.to/tags/iOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iOS</span></a> - media.ccc.de</p><p>My talk explores the trajectory of iOS spyware from the initial discovery of Pegasus in 2016 to the latest cases in 2024.</p><p>The talk will start with an analysis how <a href="https://mas.to/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a> , <a href="https://mas.to/tags/infection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infection</span></a> vectors and methods of commercial spyware on iOS have changed over time<br><a href="https://mas.to/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mas.to/tags/ccc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ccc</span></a> </p><p><a href="https://media.ccc.de/v/38c3-from-pegasus-to-predator-the-evolution-of-commercial-spyware-on-ios" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">media.ccc.de/v/38c3-from-pegas</span><span class="invisible">us-to-predator-the-evolution-of-commercial-spyware-on-ios</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.bsd.cafe/@chesheer" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>chesheer</span></a></span> yeah, I'd see this as classic <a href="https://infosec.space/tags/Disinfo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Disinfo</span></a> given metrics like <a href="https://infosec.space/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>|s and actual <a href="https://infosec.space/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a> and <a href="https://infosec.space/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> in the wild.</p><ul><li><a href="https://infosec.space/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenBSD</span></a> definitely is <em>more secure</em> than <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> even if it's just by virtue of shedding functionality and support!</li></ul>
PrivacyDigest<p>Code found online <a href="https://mas.to/tags/exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploits</span></a> <a href="https://mas.to/tags/LogoFAIL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LogoFAIL</span></a> to install <a href="https://mas.to/tags/Bootkitty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bootkitty</span></a> <a href="https://mas.to/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://mas.to/tags/backdoor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backdoor</span></a> <br><a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p><p><a href="https://arstechnica.com/security/2024/11/code-found-online-exploits-logofail-to-install-bootkitty-linux-backdoor/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">arstechnica.com/security/2024/</span><span class="invisible">11/code-found-online-exploits-logofail-to-install-bootkitty-linux-backdoor/</span></a></p>
Manuel 'HonkHase' Atug<p>Kritischer Firewall-Bug: Über 2000 Palo-Alto-Geräte weltweit bereits <a href="https://chaos.social/tags/geknackt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>geknackt</span></a></p><p>"Im deutschsprachigen Raum gibt es nur wenige Dutzend <a href="https://chaos.social/tags/Betroffene" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Betroffene</span></a>, zwei Länder hat es jedoch besonders stark erwischt. <a href="https://chaos.social/tags/Exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Exploits</span></a> sind mittlerweile öffentlich."<br><a href="https://chaos.social/tags/Lieferkette" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Lieferkette</span></a> <a href="https://chaos.social/tags/fail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fail</span></a> <a href="https://www.heise.de/news/Kritischer-Firewall-Bug-Ueber-2000-Palo-Alto-Geraete-weltweit-bereits-geknackt-10105274.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/Kritischer-Firew</span><span class="invisible">all-Bug-Ueber-2000-Palo-Alto-Geraete-weltweit-bereits-geknackt-10105274.html</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@adamshostack" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>adamshostack</span></a></span> And now you know why my current car doesn't even have a remote to open / close it's doors/windows! </p><ul><li>Because this level of <a href="https://infosec.space/tags/Enshittification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Enshittification</span></a> is how we end up with <a href="https://infosec.space/tags/OwnStar" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OwnStar</span></a> and other <a href="https://infosec.space/tags/Exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Exploits</span></a> that <em>SHOULD NOT HAVE BEEN POSSIBLE TO BEGIN WITH!</em> But hey thanks to <span class="h-card" translate="no"><a href="https://ec.social-network.europa.eu/@EUCommission" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>EUCommission</span></a></span> we'll now have <a href="https://infosec.space/tags/mandatory" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mandatory</span></a> <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> <a href="https://infosec.space/tags/Backdoors" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backdoors</span></a> with <a href="https://infosec.space/tags/OTA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OTA</span></a> <a href="https://infosec.space/tags/Updates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Updates</span></a> for <a href="https://infosec.space/tags/Cars" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cars</span></a> in the <a href="https://infosec.space/tags/EU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EU</span></a>, enshuring that - [besides the whole mandatory <a href="https://infosec.space/tags/tracker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tracker</span></a> aka. <a href="https://infosec.space/tags/eCall" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eCall</span></a> <a href="https://infosec.space/tags/Spyware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Spyware</span></a>] I'll never ever buy or drive a car made after 2016.</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@malwaretech" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>malwaretech</span></a></span> thanks for adding another legendary <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> <a href="https://infosec.space/tags/fuckup" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuckup</span></a> by <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> to the long list of *"<a href="https://infosec.space/tags/WontFix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WontFix</span></a>" <a href="https://infosec.space/tags/Exploits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Exploits</span></a> that prevent me from even touching <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> at all...</p><p>If a literal <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> <a href="https://infosec.space/tags/Backdoor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backdoor</span></a> in the <a href="https://infosec.space/tags/CryptoAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CryptoAPI</span></a> <a href="https://github.com/kkarhan/windows-ca-backdoor-fix" rel="nofollow noopener" target="_blank">wasn't worse enough already</a>...</p>