Search
Items tagged with: cybersecurity
I've personally grown to hate the security theatre of rotating my bank passwords every six months, especially because of requirements like "must contain one uppercase, one symbol, one lowercase, one special case and the blood of a unicorn."
When mathematically, a simple, grammatically incorrect sentence of 25 characters is much harder for a machine to crack than a gibberish 8-character password with symbols.
Entropy loves length.
I love the idea that the most secure key to your digital life could just be a weird little poem or an inside joke that only you know. Security doesn't have to be painful.
#infosec #passwords #cybersecurity #UX #security #sysadmin #programming #foss #linux #privacy #enshittification #reading #finance
#UnderArmour says it’s ‘aware’ of #DataBreach claims after 72M customer records were posted online
techcrunch.com/2026/01/22/unde…
#cybersecurity #privacy #fitness #fashion #clothing
Under Armour says it's 'aware' of data breach claims after 72M customer records were posted online | TechCrunch
TechCrunch obtained a sample of the stolen data, which contained names, email addresses, dates of birth, and the user's approximate geographic location. Under Armour confirmed some sensitive information was taken in the breach.Zack Whittaker (TechCrunch)
#Google adds your #Gmail and #Photos to #AI Mode to enable “#PersonalIntelligence”
arstechnica.com/google/2026/01…
#privacy #cybersecurity #Gemini
Google adds your Gmail and Photos to AI Mode to enable "Personal Intelligence"
Personal Intelligence is optional and rolling out first to AI Pro and AI Ultra subscribers.Ryan Whitwam (Ars Technica)
#Kimwolf #Botnet Lurking in Corporate, Govt. Networks
krebsonsecurity.com/2026/01/ki…
Kimwolf Botnet Lurking in Corporate, Govt. Networks
A new Internet-of-Things botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic.krebsonsecurity.com
#Fortinet confirms critical #FortiCloud auth bypass not fully patched
#AI models are showing a greater ability to find and exploit vulnerabilities on realistic cyber ranges
Hackers get $1,047,000 for 76 zero-days at #Pwn2Own Automotive 2026
bleepingcomputer.com/news/secu…
#cybersecurity #IoT #cars
#Microsoft Gave #FBI Keys To Unlock Encrypted Data, Exposing Major #Privacy Flaw
#Apple's Secret Product Plans Stolen in #Luxshare #Cyberattack
macrumors.com/2026/01/21/apple…
Apple's Secret Product Plans Stolen in Luxshare Cyberattack
The Apple supplier subject to a major cyberattack last month was China's Luxshare, it has now emerged. More than 1TB of confidential Apple...Hartley Charlton (MacRumors.com)
Researchers say Russian government hackers were behind attempted #Poland power outage
techcrunch.com/2026/01/23/rese…
#cybersecurity #Russia #infrastructure
Researchers say Russian government hackers were behind attempted Poland power outage | TechCrunch
Security researchers have attributed the attempted use of destructive "wiper" malware across Poland's energy infrastructure in late December to a Russian-backed hacking group known for causing power outages in neighboring Ukraine.Zack Whittaker (TechCrunch)
From #Protest to Peril: #Cellebrite Used Against Jordanian Civil Society
citizenlab.ca/research/from-pr…
#Jordan #privacy #cybersecurity #surveillance #activism
From Protest to Peril: Cellebrite Used Against Jordanian Civil Society - The Citizen Lab
Through a multi-year investigation, we find that the Jordanian security apparatus has deployed forensic extraction products manufactured by Cellebrite against civil society devices.The Citizen Lab
#Linux #Snap Users Warned as Attackers Push #Malware Through Old Trusted Apps
linuxiac.com/linux-snap-users-…
Linux Snap Users Warned as Attackers Push Malware Through Old Trusted Apps
A new Snap Store scam campaign abuses expired publisher domains to bypass trust signals and deliver malicious app updates.Bobby Borisov (Linuxiac)
Saudi satirist hacked with #Pegasus #spyware wins damages in court battle
techcrunch.com/2026/01/26/saud…
#SaudiArabia #privacy #cybersecurity
Saudi satirist hacked with Pegasus spyware wins damages in court battle | TechCrunch
The London High Court awarded the London-based satirist and human rights activist Ghanem Al-Masarir more than £3 million, after finding the Saudi government hacked his phone and was likely behind a physical attack targeting him in London.Zack Whittaker (TechCrunch)
How to encrypt your PC’s disk without giving the keys to #Microsoft
arstechnica.com/gadgets/2026/0…
#Windows #BitLocker #cybersecurity
How to encrypt your PC's disk without giving the keys to Microsoft
Storing recovery keys with Microsoft allows the company to unlock your disk.Andrew Cunningham (Ars Technica)
New #malware service guarantees #phishing extensions on #Chrome web store
Who Operates the #Badbox 2.0 #Botnet?
krebsonsecurity.com/2026/01/wh…
Who Operates the Badbox 2.0 Botnet?
The cybercriminals in control of Kimwolf -- a disruptive botnet that has infected more than 2 million devices -- recently shared a screenshot indicating they'd compromised the control panel for Badbox 2.krebsonsecurity.com
#China hacked #DowningStreet phones for years
telegraph.co.uk/news/2026/01/2…
#UK #privacy #cybersecurity #politics
China hacked Downing Street phones for years
Spying operation targeted senior government members, including aides to Boris Johnson and Rishi SunakRozina Sabur (The Telegraph)
Have I Been Pwned: #SoundCloud #DataBreach impacts 29.8 million accounts
Over 6,000 #SmarterMail servers exposed to automated hijacking attacks
#Apple patches ancient #iOS versions to keep #iMessage, #FaceTime, other services working
arstechnica.com/gadgets/2026/0…
#cybersecurity #privace #iPhone
Apple patches ancient iOS versions to keep iMessage, FaceTime, other services working
Apple renews certificates for old iOS versions to keep the lights on longer.Andrew Cunningham (Ars Technica)
Happy Data Protection Day!
20th anniversary online event: coe.int/web/data-protection/da…
#Data #DataProtection #DataPrivacy #Privacy #InfoSec #InformationSecurity #CyberSecurity #Encryption #E2EE #Security #PasswordManager #SelfHost #SelfHosted #SelfHosting #Linux #DataSovereignty #CouncilOfEurope #CoE #EDPS #EuropeanDataProtectionSupervisor #DPD #DPD2026 #OpenPGP #PGP #GnuPG #GPG #VeraCrypt #Tomb #LUKS #AES #P2P #VPN #LetsEncrypt #Argon2 #Tor #XMPP #OMEMO #TorBrowser #Tails #PrivacyBadger #JShelter
Ecu CERT reports 15 ransomware cases in Ecuador in 2025 report.
security-chu.com/2026/01/infor…
#CERT #cybersecurity #Ecuador #ransomware
Informe de EcuCERT reporta 15 casos de ransomware en el 2025 en Ecuador.
El Centro de Respuesta a Incidentes Informáticos de la Agencia de Regulación y Control de las Telecomunicaciones (ARCOTEL) de Ecuador inform...newschu (www.security-chu.com)
Es ist wohl die erste staatliche Ransomware-Zahlung in nennenswerter Höhe - und nun wird versucht, sie zu verschleiern. Ich habe Staatstheater, Ministerium, Staatsanwaltschaft und LKA gefragt. Die ersten beiden beteuern, dass sie nicht gezahlt haben. Die letzten beiden wollen nichts dazu sagen. Und ein externer IT-Fachmann sagt, er habe die Zahlung auf Bitten des LKA geleistet, „weil der Staat nicht zahlen darf.“
Hier ein Geschenklink zu meinem Text:
zeit.de/digital/datenschutz/20…
#cybersecurity
Digitale Erpressung: Plötzlich war da also dieser Verhandler
Die Stuttgarter Theater wurden erpresst. Gezahlt wurden 15.000 Dollar Lösegeld, das aber niemand überwiesen hat. Ein Prozess gegen Cyberkriminelle zeigt absurde Szenen.Eva Wolfangel (DIE ZEIT)