Cybersecurity

"I have more experience with routers than most, but the terms of use and policy documents I read for this article still weren't easy reading. Privacy policies typically aren't written with full transparency in mind.

"All a privacy policy can really do is tell you with some confidence that something bad is not going to happen," said Bennett Cyphers, a staff technologist with the privacy-focused Electronic Frontier Foundation, "but it won't tell you if something bad is going to happen."

"Often, what you'll see is language that says, 'we collect X, Y and Z data, and we might share it with our business partners, and we may share it for any of these seven different reasons', and all of them are very vague," Cyphers continued. "That doesn't necessarily mean that the company is doing the worst thing you could imagine, but it means that they have wiggle cover if they choose to do bad stuff with your data."

He's not wrong: Most of the privacy policies I reviewed for this post included plenty of the "wiggle cover" Cyphers described, with vague language and few actual specifics. Even worse, many of these policies are written to cover the entire company in question, including its services, websites and how it handles data from sales transactions and even job applications.

That means that much of what's written in a manufacturer's privacy policy might not even be relevant to routers."

https://www.cnet.com/home/internet/do-wi-fi-routers-track-you-rbrowsing-i-read-30000-words-of-privacy-policies-to-find-out/

#CyberSecurity #Privacy #Wifi #WifiRouters

31

3

#KDE is finally getting a native #VirtualMachine manager called "#Karton" (mastodon.thenewoil.org)

submitted 3 days ago by thenewoil@mastodon.thenewoil.org to c/cybersecurity@fedia.io

1 comments fedilink

#KDE is finally getting a native #VirtualMachine manager called "#Karton"

https://www.neowin.net/news/kde-is-finally-getting-a-native-virtual-machine-manager-called-karton/

#Linux #FOSS #cybersecurity #VM

32

2

"On May 12, Coinbase announced it will join the S&P 500 as its “first and only crypto company”.1a This is the latest change that may see more American investors inadvertently exposed to the (tldr.nettime.org)

submitted 3 days ago by remixtures@tldr.nettime.org to c/cybersecurity@fedia.io

0 comments fedilink

"On May 12, Coinbase announced it will join the S&P 500 as its “first and only crypto company”.1a This is the latest change that may see more American investors inadvertently exposed to the cryptocurrency industry via index funds, following MicroStrategy’s entry into the NASDAQ-100 in December 2024.

Their joy was likely tempered when, only two days later on May 14, they had to announce a data breach that exposed customer data including names, addresses, phone numbers, email addresses, images of government ID documents, account balance and transaction data, and masked social security and bank account numbers. Although leaks like this typically lead to an uptick in phishing attempts, where scammers use the private information to contact customers and more convincingly impersonate Coinbase employees, the leak of account balance data and customer addresses is also particularly concerning given the recent spike in violent attacks and kidnappings targeting wealthy crypto holders.

Crypto security researchers have been warning for months about Coinbase’s evidently poor security practices and lack of attention to customer complaints, and describing hacks in which victims reported being scammed by attackers who seemed to have access to private Coinbase data. In February, zachxbt wrote: “Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month. ... Coinbase is in a position where they have the power to make these changes and set a good example but they have chosen to do little to nothing.”

According to Coinbase, the data thieves bribed some members of Coinbase’s poorly paid offshore customer support team, who they described as “rogue overseas support agents”, who are reportedly earning less than $5,000 annually."

https://www.citationneeded.news/issue-84/

#CyberSecurity #Coinbase #Crypto #Cryptocurrencies #Hacking #DataLeaks #DataProtection

33

4

#Windows11’s most important new feature is post-quantum #cryptography. Here’s why. (mastodon.thenewoil.org)

submitted 3 days ago by thenewoil@mastodon.thenewoil.org to c/cybersecurity@fedia.io

1 comments fedilink

#Windows11’s most important new feature is post-quantum #cryptography. Here’s why.

https://arstechnica.com/security/2025/05/heres-how-windows-11-aims-to-make-the-world-safe-in-the-post-quantum-era/

#PQE #cybersecurity #Microsoft

34

3

#SKTelecom says #malware breach lasted 3 years, impacted 27 million numbers (mastodon.thenewoil.org)

submitted 3 days ago by thenewoil@mastodon.thenewoil.org to c/cybersecurity@fedia.io

0 comments fedilink

#SKTelecom says #malware breach lasted 3 years, impacted 27 million numbers

https://www.bleepingcomputer.com/news/security/sk-telecom-says-malware-breach-lasted-3-years-impacted-27-million-numbers/

#cybersecurity #privacy #telecom #SouthKorea

35

2

#Coinbase #DataBreach Will ‘Lead to People Dying,’ #TechCrunch Founder Says (mastodon.thenewoil.org)

submitted 3 days ago by thenewoil@mastodon.thenewoil.org to c/cybersecurity@fedia.io

0 comments fedilink

#Coinbase #DataBreach Will ‘Lead to People Dying,’ #TechCrunch Founder Says

https://decrypt.co/321076/coinbase-data-breach-will-lead-to-people-dying-techcrunch-founder-says

#cybersecurity #privacy #crypto

36

2

Premium #WordPress '#Motors' theme vulnerable to admin takeover attacks (mastodon.thenewoil.org)

submitted 3 days ago by thenewoil@mastodon.thenewoil.org to c/cybersecurity@fedia.io

0 comments fedilink

Premium #WordPress '#Motors' theme vulnerable to admin takeover attacks

https://www.bleepingcomputer.com/news/security/premium-wordpress-motors-theme-vulnerable-to-admin-takeover-attacks/

#cybersecurity

37

2

#VanHelsing #ransomware builder leaked on hacking forum (mastodon.thenewoil.org)

submitted 3 days ago by thenewoil@mastodon.thenewoil.org to c/cybersecurity@fedia.io

0 comments fedilink

#VanHelsing #ransomware builder leaked on hacking forum

https://www.bleepingcomputer.com/news/security/vanhelsing-ransomware-builder-leaked-on-hacking-forum/

#cybersecurity #cybercrime

38

13

The federal plan to prevent data brokers from selling personal and financial information generated from American citizens has been scrapped. Read more at @TechRadar. #Cybersecurity #OnlineSafety #CFPB (flipboard.social)

submitted 5 days ago by TechDesk@flipboard.social to c/cybersecurity@fedia.io

0 comments fedilink

The federal plan to prevent data brokers from selling personal and financial information generated from American citizens has been scrapped. Read more at @TechRadar. #Cybersecurity #OnlineSafety #CFPB #Data #Tech #Technology https://flip.it/JsrXGC

39

4

Why do hackers target service desks? It’s "quicker and easier" to manipulate a person than to carry out a technical breach. Via @BleepingComputer. #Cybersecurity #ServiceDesk #Hack #Technology #Tech (flipboard.social)

submitted 4 days ago by TechDesk@flipboard.social to c/cybersecurity@fedia.io

0 comments fedilink

Why do hackers target service desks? It’s "quicker and easier" to manipulate a person than to carry out a technical breach. Via @BleepingComputer@infosec.exchange. #Cybersecurity #ServiceDesk #Hack #Technology #Tech https://flip.it/bVT08q

40

2

#HazyHawk gang exploits #DNS misconfigs to hijack trusted domains (mastodon.thenewoil.org)

submitted 3 days ago by thenewoil@mastodon.thenewoil.org to c/cybersecurity@fedia.io

0 comments fedilink

#HazyHawk gang exploits #DNS misconfigs to hijack trusted domains

https://www.bleepingcomputer.com/news/security/hazy-hawk-gang-exploits-dns-misconfigs-to-hijack-trusted-domains/

#cybersecurity

41

2

#RVTools hit in #SupplyChain attack to deliver #Bumblebee #malware (mastodon.thenewoil.org)

submitted 3 days ago by thenewoil@mastodon.thenewoil.org to c/cybersecurity@fedia.io