Checking your own phone for signs of compromise is easy using Amnesty International Security Lab's Mobile Verification Toolkit. Here's how iPhone users can do it now:

https://scidsg.medium.com/how-to-check-your-iphone-for-pegasus-338bafb2358e

#threatmodel #security #iPhone #hacking #phishing #amnesty #journalism #opensource #press #law

"AT&T. Ticketmaster. Santander Bank. Neiman Marcus. Electronic Arts. These were not entirely isolated incidents. Instead, they were all hacked thanks to “infostealers,” a type of malware that is designed to pillage passwords and cookies stored in the victim’s browser. In turn, infostealers have given birth to a complex ecosystem that has been allowed to grow in the shadows and where criminals fulfill different roles. There are Russian malware coders continually updating their code; teams of professionals who use glitzy advertising to hire contractors to spread the malware across YouTube, TikTok, or GitHub; and English-speaking teenagers on the other side of the world who then use the harvested credentials to break into corporations. At the end of October, a collaboration of law enforcement agencies announced an operation against two of the world’s most prevalent stealers. But the market has been able to grow and mature so much that now law enforcement action against even one part of it is unlikely to make any lasting dent in the spread of infostealers.

Based on interviews with malware developers, hackers who use the stolen credentials, and a review of manuals that tell new recruits how to spread the malware, 404 Media has mapped out this industry. Its end result is that a download of an innocent-looking piece of software by a single person can lead to a data breach at a multibillion-dollar company, putting Google and other tech giants in an ever-escalating cat-and-mouse game with the malware developers to keep people and companies safe."

https://www.wired.com/story/inside-the-massive-crime-industry-thats-hacking-billion-dollar-companies/

#CyberSecurity #CyberCrime #Hacking #Malware #InfoStealers #DataBreaches

"A man in Canada who is suspected of being the hacker behind this year’s wave of Snowflake-related breaches has been arrested.

The news comes after months of high profile data breaches, including AT&T, Ticketmaster, and LendingTree. In all, the hacker, who uses the nicknames Judische and Waifu, is linked to more than 165 Snowflake instance breaches. The arrest also comes after 404 Media reported that the walls were closing in on the hacker, with cybersecurity researchers gathering valuable information on the suspect and coordinating with international law enforcement.

Messages sent by 404 Media to Judische over the last week have gone undelivered, with 404 Media last speaking to them on October 27. In mid-October, Judsiche told 404 Media they were worried that they would be arrested soon. “I've destroyed a lot of evidence and well poisoned the stuff I can't destroy so when/if it does happen it's just conspiracy which I can bond out and beat,” they claimed."

https://www.404media.co/suspected-snowflake-hacker-arrested-in-canada/

#CyberSecurity #DataBreaches #Hacking #CyberCrime #Snowflake #Canada

A massive hacking scandal that has engulfed Italy is now threatening to spill beyond its borders, sucking in Israel, the Vatican, the United Kingdom and Lithuania. https://www.politico.eu/article/vatican-israel-italian-hacking-scandal-uk-lithuania-equalize/ #italy #vatican #israel #hacking #infosec

#Mozilla issued an urgent #Firefox update to fix an actively exploited flaw
https://securityaffairs.com/169590/security/mozilla-firefox-actively-exploited-flaw.html
#securityaffairs #hacking

So ...let's face it. A LOT of folks in tech circles are somewhat amazed a fully #blind person can even find the power button on a computer, let alone operate it professionally. I am such a person, and I'd like to bust that myth.
It's also true that many #hacking tools, platforms, courses etc. could use some help in the #accessibility department. It's a neverending vicious circle.
Enter my new twitch channel, IC_null. On this channel, I will be streaming #programming and #hacking content including THM, HTB and who knows what else, from the perspective of a #screenReader user.
What I need, is an audience. If this is something you reckon you or anybody you know might be interested in, drop the channel a follow or share this post. Gimme that #infoSec Mastodon sense of comradery and help me out to make this idea an actual thing :) https://twitch.tv/ic_null #tryHackMe #streamer #selfPromo

It's the off-season for #cycling , so I did some measurements for a hub #dynamo and published them on my #blog.

No one on the 'net seems to show how voltage changes depending on load, so I measured that.

Results:
- a dynamo is not a actually well modeled as a current source
- voltage spikes will fry your #electronics , but you can prevent it

https://dorotac.eu/posts/dynamo/

#hacking #BikeTooter #cycling

Taylor Swift: Ticketek accounts hacked as ‘thousands’ of Australian fans fear for tickets before Eras tour https://www.theguardian.com/music/2024/feb/13/taylor-swift-eras-tour-australia-ticketek-pop-ups-details-locations-scam-help #Swift #infosec #hacking