#Windows #RDP lets you log in using revoked passwords. #Microsoft is OK with that.

source: arstechnica.com/security/2025/…

#fail #password #security #login #bug #software #cybersecurity #problem #news

Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.

Researchers say the behavior amounts to a persistent backdoor.

^{Dan Goodin (Ars Technica)}

I love it when employers install creepware #surveillance nonsense because they have zero respect for their employees, and end up publishing 21 million internal screenshots to the web instead, leaking their most sensitive information.

Very nice, no issues.

#cybersecurity #infosec #assholeBoss

“Employee monitoring app leaks 21 million screenshots in real time”

cybernews.com/security/employe…

🔐 It's World Password Day!

Weak passwords like "123456" are still topping the charts — making life easy for hackers.

Protect yourself: Use strong, unique passwords, enable two-factor authentication, and update any compromised accounts.

Want to dive deeper into the dangers of weak passwords?

Check out our latest blog post where we explain real-world risks and how to strengthen your digital security! 🚀

cryptomator.org/blog/2025/05/0…

#WorldPasswordDay #CyberSecurity #PasswordSafety #Cryptomator

Nachdem vor in etwa einem Jahr die #Microsoft’sche #KI-Suchfunktion „Recall“ von #Cybersecurity- und #Datenschutz-Experten auseinandergenommen wurde, kommt sie nun doch – wenngleich mit Einschränkungen. Für sicherheitsbewusste User ist sie dennoch nach wie vor nicht empfehlenswert:

„Recall erstellt in regelmäßigen Abständen automatisch Screenshots vom Desktop und speichert diese in einer lokalen Datenbank."

winfuture.de/news,150569.html

Microsofts KI-Feature: Windows Recall jetzt für alle - außer Europa

Windows Recall ist nach fast einem Jahr Verzögerung ab sofort für Copilot+ PCs verfügbar. Die umstrittene KI-Funktion macht automatisch Screenshots vom Desktop, um vergangene Aktivitäten durchsuchbar zu machen.

^{Stefan Trunzik (WinFuture.de)}

CEO of #cybersecurity firm charged with #installing #malware on #hospital systems

source: securityaffairs.com/177020/cyb…

Bowie was arrested on April 14, following the issuance of an arrest warrant. Security footage reportedly shows the man attempting to access multiple offices before installing malicious software designed to capture screenshots every 20 minutes and transmit them to an external IP address.

#health #security #business #usa #fail #news

CEO of cybersecurity firm charged with installing malware on hospital systems

Veritaco CEO Jeffrey Bowie faces charges for allegedly installing malware on hospital computers, violating Oklahoma's Computer Crimes Act.

^{Pierluigi Paganini (Security Affairs)}

Hätte ihm doch nur jemand erklärt, dass die #IP selten bei der Aufklärung hilft - (TOR, vpn, freies WLAN,...)

Siehe: presseportal.de/pm/10349/60202…

#Polizei #Sicherheit #Vorratsdatenspeicherung #Problem #Weisheit #politik #Überwachung #internet #online #cybersecurity #cybercrime

#Telegram pledges to exit the market rather than "undermine #encryption with #backdoors"

source: techradar.com/vpn/vpn-privacy-…

Telegram's CEO, #PavelDurov, has said Telegram would rather exit a market than "undermine encryption with backdoors," reaffirming the company's commitment to users' #privacy and #security.

#cybersecurity #politics #communication #messenger #chat #politics #economy #news #internet

Telegram pledges to exit the market rather than "undermine encryption with backdoors"

"We don’t trade privacy for market share," said Telegram's CEO, Pavel Durov

^{Chiara Castro (TechRadar)}

How I made $64k from deleted files — a #bug #bounty #story

Source: medium.com/@sharon.brizinov/ho…

For each repository I restored deleted files, found dangling blobs and unpacked .pack files to search in them for exposed #API keys, tokens, and #credentials.

#github #git #software #token #security #cybersecurity #news

How I made $64k from deleted files — a bug bounty story

TL;DR — I built an automation that cloned and scanned tens of thousands of public GitHub repos for leaked secrets. For each repository I restored deleted files, found dangling blobs and unpacked…

^{Sharon Brizinov (Medium)}

#Hacking US #crosswalks to talk like Zuck is as easy as 1234

source: theregister.com/2025/04/19/us_…

#hack #hacker #usa #traffic #security #technology #cybersecurity #news #fail

Hacking US crosswalks to talk like Zuck is as easy as 1234

Video: AI-spoofed Mark joins fellow billionaires as the voice of the street – here's how it was probably done

^{Iain Thomson (The Register)}

Sicherheitslücke bei der #Polizei

Siehe: mint-secure.de/path-traversal-…

#sicherheit #cybersecurity #bodycam #überwachung

Path Traversal Sicherheitslücke in Aufklärungsgeräten - Mint Secure

Im Artikel wird eine kritische Sicherheitslücke (Path Traversal) in der Software des Herstellers Infodraw näher beschrieben.

^{Redakteur (Mint Secure GmbH)}

#meme #tux #penguin #windows #microsoft #support #software #os #linux #security #computer #consumer #customer #cybersecurity #problem #fail

#password #online #meme #software #remember #security #cybersecurity #internet #login

Don't just move phishing emails to your spam folder. Make sure to also report scammers to someone who can get them into trouble.

In the UK, you can forward emails to the Suspicious Email Reporting Service: report@phishing.gov.uk. They will analyse the suspect email and take appropriate action.

actionfraud.police.uk/report-p…

#spam #email #phishing #internet #scam #cybersecurity #infosec

Wenn #KRITIS #Cybersecurity in der Mitte der Gesellschaft ankommt: Wer sich mit dem Thema beschäftigt, sollte keinesfalls die nächste Folge der #Krankenhaus Soap "In aller Freundschaft verpassen". Hier geht es nämlich um einen #Cyberangriff auf die Sachsenklinik, die das komplette Krankenhaus lahmlegt. In der letzten Folge war schon die Schließanlage infolge eines Cybervorfalls gestört:

joyn.de/bts/serien/in-aller-fr…

"In aller Freundschaft" Vorschau 15. April: Blackout - Droht der Sachsenklinik durch einen Cyberangriff das Aus?

Cyber-Krimi in der Sachsenklinik: Hacker schaffen es, nahezu das komplette Kliniksystem lahmzulegen. Können Sarah Marquardt und Dr. Martin Stein die Klinik retten?

^{Sylvia Loth (Joyn GmbH)}

Nächster Fall von #Cybersecurity Übergriffigkeit im #Automobilsektor: Heute wurde bekannt, dass sich Cyberangreifer Zugriff auf die Funktionen des #Nissan "Leaf" verschafft haben - einerseits zur Spionage der Insassen, andererseits zur gefährlichen Übernahme physischer Fahrfunktionen - die #Digitalisierung ist weiter als ihre #Cybersicherheit und wie so häufig ist das Einfallstor das bordinterne Infotainment-System:

securityweek.com/nissan-leaf-h…

Nissan Leaf Hacked for Remote Spying, Physical Takeover - SecurityWeek

Researchers find vulnerabilities that can be exploited to remotely take control of a Nissan Leaf’s functions, including physical controls.

^{Eduard Kovacs (SecurityWeek)}

Dutch lawmakers push for ‘red button’ to erase #digital footprints

source: nltimes.nl/2025/04/01/dutch-la…

Although websites require users to accept or decline #cookies before browsing, the lawmakers argue that #children often accept them without fully understanding the #consequences. “Children don’t realize what they’re agreeing to,” Six Dijkstra said.

#internet #bigdata #bigbrother #kids #cybersecurity #online #surveillance #economy #footprint #politics #security #news #Netherlands

Dutch lawmakers push for ‘red button’ to erase digital footprints

Dutch lawmakers Don Ceder (ChristenUnie) and Jesse Six Dijkstra (NSC) have introduced a proposal to make it easier for individuals to delete their personal data from the internet.

^{NL Times}

There is now the opportunity for some public scrutiny of the UK government’s decisions to attack technologies that keep us safe online.

We must stand against the attack on encryption.

Sign and share our petition to keep Apple data encrypted ⬇️

you.38degrees.org.uk/petitions…

#apple #encryption #e2ee #privacy #ukpolitics #ukpol #cybersecurity

Keep our Apple data encrypted

It is reported that the Home Office has ordered Apple to build a backdoor into its encrypted services so that they can get hold of content that any Apple user has upload to the cloud. Encryption keeps our private information safe and secure.

^{38 Degrees}

"This is bigger than the UK and Apple.

The Court’s judgment will have implications for the privacy and security of millions of people around the world.

Such an important decision cannot be made behind closed doors and we welcome the IPT’s decision to bring parts of the hearing into the open."

🗣️ @jim – ORG Executive Director.

#e2ee #encryption #apple #privacy #cybersecurity #ukpol #ukpol

Last night, the #exploiter of #zkLend tried to use #TornadoCash to #mix 2930 #ETH of the #stolen funds and interacted with a known Tornado Cash #phising website tornadoeth[.]cash, thereby losing the funds to another party.

Source: https://x.com/zkLend/status/1906953225204564360

drain the swamp!

#crypto #crime #money #fail #news #cybersecurity