veganism.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Veganism Social is a welcoming space on the internet for vegans to connect and engage with the broader decentralized social media community.

Administered by:

Server stats:

293
active users

#spoofing

0 posts0 participants0 posts today
Antonio Marano<p>🚨 Phishing telefonico su tassazione criptovalute: rischi, danni e consigli! <br>Proteggi i tuoi dati e le tue finanze con le dritte dell’Agenzia delle Entrate! </p><p>💡 Approfondisci &gt; <a href="https://guidaaiprestiti.blogspot.com/2025/04/phishing-tassazione-criptovalute.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">guidaaiprestiti.blogspot.com/2</span><span class="invisible">025/04/phishing-tassazione-criptovalute.html</span></a></p><p> <a href="https://mastodon.social/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> <a href="https://mastodon.social/tags/criptovalute" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>criptovalute</span></a> <a href="https://mastodon.social/tags/sicurezza" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sicurezza</span></a> <a href="https://mastodon.social/tags/truffedigitali" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>truffedigitali</span></a> <a href="https://mastodon.social/tags/spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spoofing</span></a></p>
Nielso<p>Bundeswehr nutzt US-GPS.</p><p>Ich hatte ja unlängst dazu getrötet, aber es ist wie immer in der Realität mindestens so blöd, wie ich als eher pessimistisch veranlagte Person vermute. Meistens sogar blöder. Nun also auf tagesschau.de:</p><p>„Das NATO-Militär, also auch die Bundeswehr, arbeitet ausschließlich mit dem US-amerikanischen <a href="https://digitalcourage.social/tags/GPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GPS</span></a>, nicht mit <a href="https://digitalcourage.social/tags/Galileo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Galileo</span></a>. GPS ist nicht abgesichert und auch nicht in europäischer Hand.“</p><p>Wir haben zwar ein europäisches <a href="https://digitalcourage.social/tags/Navigationssystem" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Navigationssystem</span></a> mit eigenen Satelliten namens Galileo, die sogar in Zukunft gegen <a href="https://digitalcourage.social/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spoofing</span></a> gesichert sein sollen (also gegen das Überlagern des Funksignals mit einer irreführenden Fälschung)… aber wir nutzen es nicht.</p><p>Bei den Navis für den Endkunden gibt es außer ein paar wenige von Garmin offenbar keine Modelle, die es überhaupt unterstützen. Immerhin gibt es viele Smartphones, die Galileo können – mein Blackview kann es angeblich auch. Ob es tatsächlich von Navi-Apps genutzt wird, weiß ich aber nicht.</p><p><a href="https://www.tagesschau.de/wissen/forschung/satellitensicherheit-konferenz-100.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">tagesschau.de/wissen/forschung</span><span class="invisible">/satellitensicherheit-konferenz-100.html</span></a></p>
Erik van Straten<p>"Franse overheid voert phishingtest uit op 2,5 miljoen leerlingen"<br><a href="https://www.security.nl/posting/881630/Franse+overheid+voert+phishingtest+uit+op+2%2C5+miljoen+leerlingen" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">security.nl/posting/881630/Fra</span><span class="invisible">nse+overheid+voert+phishingtest+uit+op+2%2C5+miljoen+leerlingen</span></a></p><p>KRANKZINNIG!</p><p>Het is meestal onmogelijk om nepberichten (e-mail, SMS, ChatApp, social media en papieren post - zie plaatje) betrouwbaar van echte te kunnen onderscheiden.</p><p>Tegen phishing en vooral nepwebsites is echter prima iets te doen, zoals ik vandaag nogmaals beschreef in <a href="https://security.nl/posting/881655" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">security.nl/posting/881655</span><span class="invisible"></span></a>.</p><p>(Big Tech en luie websitebeheerders willen dat niet, dus is en blijft het een enorm gevecht).</p><p><a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://infosec.exchange/tags/NepWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NepWebsites</span></a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DV</span></a> <a href="https://infosec.exchange/tags/DVcerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DVcerts</span></a> <a href="https://infosec.exchange/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LetsEncrypt</span></a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Certificates</span></a> <a href="https://infosec.exchange/tags/Certificaten" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Certificaten</span></a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spoofing</span></a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AitM</span></a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MitM</span></a> <a href="https://infosec.exchange/tags/Evilginx2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Evilginx2</span></a> <a href="https://infosec.exchange/tags/Zwakke2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Zwakke2FA</span></a> <a href="https://infosec.exchange/tags/ZwakkeMFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ZwakkeMFA</span></a> <a href="https://infosec.exchange/tags/Weak2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Weak2FA</span></a> <a href="https://infosec.exchange/tags/WeakMFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WeakMFA</span></a> <a href="https://infosec.exchange/tags/Authenticatie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authenticatie</span></a> <a href="https://infosec.exchange/tags/Impersonatie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Impersonatie</span></a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentication</span></a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Impersonation</span></a> <a href="https://infosec.exchange/tags/DomainNames" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DomainNames</span></a> <a href="https://infosec.exchange/tags/Authenticity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authenticity</span></a> <a href="https://infosec.exchange/tags/Aurhenticiteit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Aurhenticiteit</span></a> <a href="https://infosec.exchange/tags/Owner" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Owner</span></a> <a href="https://infosec.exchange/tags/Eigenaar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Eigenaar</span></a> <a href="https://infosec.exchange/tags/Verantwoordelijke" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Verantwoordelijke</span></a> <a href="https://infosec.exchange/tags/Responsible" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Responsible</span></a> <a href="https://infosec.exchange/tags/Accountable" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Accountable</span></a> <a href="https://infosec.exchange/tags/DigiD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DigiD</span></a> <a href="https://infosec.exchange/tags/SMS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SMS</span></a> <a href="https://infosec.exchange/tags/Email" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Email</span></a> <a href="https://infosec.exchange/tags/ChatApps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ChatApps</span></a> <a href="https://infosec.exchange/tags/Verzender" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Verzender</span></a> <a href="https://infosec.exchange/tags/Sender" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Sender</span></a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BigTechIsEvil</span></a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleIsEvil</span></a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudflareIsEvil</span></a></p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://freeradical.zone/@mensrea" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mensrea</span></a></span> : if you visit a shop (or a bank) in the center of the city, chances are near zero that it's run by impostors.</p><p>However, if you go to some vague second hand market, chances are the you will be deceived.</p><p>Possibly worse, if there's an ATM on the outside wall of a shack where Hells Angels meet, would you insert your bank card and enter your PIN?</p><p>On the web, most people do not know WHERE they are.</p><p>Big Tech is DELIBERATELY withholding essential information from people, required to determine the amount of trust that a website deserves.</p><p>DELIBERATELY, because big tech can rent much more (cheap) hosting and (meaningless) domain names to whomever if website vistors cannot distinguish between authentic and fake websites.</p><p>You are right that some people will never understand why they need to know who owns a website.</p><p>However, most people (including <span class="h-card" translate="no"><a href="https://infosec.exchange/@troyhunt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>troyhunt</span></a></span> ) would enormously benefit.</p><p>Like all the other deaf and blind trolls, you trash a proposal because it may be useless for SOME, you provide zero solutions and you keep bashing me.</p><p>What part of "get lost" do you not understand?</p><p><span class="h-card" translate="no"><a href="https://mastodon.ar.al/@aral" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>aral</span></a></span> <span class="h-card" translate="no"><a href="https://ec.social-network.europa.eu/@EUCommission" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>EUCommission</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>letsencrypt</span></a></span> <span class="h-card" translate="no"><a href="https://social.nlnet.nl/@nlnet" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nlnet</span></a></span> </p><p><a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentication</span></a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Impersonation</span></a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spoofing</span></a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DV</span></a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleIsEvil</span></a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BigTechIsEvil</span></a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Certificates</span></a> <a href="https://infosec.exchange/tags/httpsVShttp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>httpsVShttp</span></a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AitM</span></a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MitM</span></a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FakeWebsites</span></a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudflareIsEvil</span></a> <a href="https://infosec.exchange/tags/bond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bond</span></a> <a href="https://infosec.exchange/tags/dotBond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dotBond</span></a> <a href="https://infosec.exchange/tags/Spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spam</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ransomware</span></a> <a href="https://infosec.exchange/tags/Banks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Banks</span></a></p>
Schneier on Security RSS<p>AI Data Poisoning</p><p>Cloudflare has a new feature—available to free users as well—that uses AI to generate random pages to feed to AI... <a href="https://www.schneier.com/blog/archives/2025/03/ai-data-poisoning.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">schneier.com/blog/archives/202</span><span class="invisible">5/03/ai-data-poisoning.html</span></a></p><p> <a href="https://burn.capital/tags/Uncategorized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Uncategorized</span></a> <a href="https://burn.capital/tags/spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spoofing</span></a> <a href="https://burn.capital/tags/botnets" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>botnets</span></a> <a href="https://burn.capital/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a></p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://freeradical.zone/@mensrea" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mensrea</span></a></span> : it is not the UI/UX that is the problem. It is missing reliable info in the certs.</p><p>Image from <a href="https://infosec.exchange/@ErikvanStraten/114224682101772569" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/114224682101772569</span></a></p><p><span class="h-card" translate="no"><a href="https://mastodon.ar.al/@aral" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>aral</span></a></span> <span class="h-card" translate="no"><a href="https://ec.social-network.europa.eu/@EUCommission" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>EUCommission</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>letsencrypt</span></a></span> <span class="h-card" translate="no"><a href="https://social.nlnet.nl/@nlnet" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nlnet</span></a></span> </p><p><a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentication</span></a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Impersonation</span></a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spoofing</span></a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DV</span></a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleIsEvil</span></a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BigTechIsEvil</span></a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Certificates</span></a> <a href="https://infosec.exchange/tags/httpsVShttp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>httpsVShttp</span></a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AitM</span></a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MitM</span></a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FakeWebsites</span></a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudflareIsEvil</span></a> <a href="https://infosec.exchange/tags/bond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bond</span></a> <a href="https://infosec.exchange/tags/dotBond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dotBond</span></a> <a href="https://infosec.exchange/tags/Spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spam</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ransomware</span></a> <a href="https://infosec.exchange/tags/Banks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Banks</span></a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudflareIsEvil</span></a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FakeWebsites</span></a></p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://mastodon.ar.al/@aral" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>aral</span></a></span> :</p><p>I don't want to pay a cent. Neither donate, nor via taxes.</p><p><a href="https://infosec.exchange/@ErikvanStraten/114227977082449887" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/114227977082449887</span></a></p><p><span class="h-card" translate="no"><a href="https://mstdn.social/@TheDutchChief" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>TheDutchChief</span></a></span> <span class="h-card" translate="no"><a href="https://ec.social-network.europa.eu/@EUCommission" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>EUCommission</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>letsencrypt</span></a></span> <span class="h-card" translate="no"><a href="https://social.nlnet.nl/@nlnet" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nlnet</span></a></span> </p><p><a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentication</span></a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Impersonation</span></a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spoofing</span></a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DV</span></a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleIsEvil</span></a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BigTechIsEvil</span></a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Certificates</span></a> <a href="https://infosec.exchange/tags/httpsVShttp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>httpsVShttp</span></a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AitM</span></a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MitM</span></a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FakeWebsites</span></a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudflareIsEvil</span></a> <a href="https://infosec.exchange/tags/bond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bond</span></a> <a href="https://infosec.exchange/tags/dotBond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dotBond</span></a> <a href="https://infosec.exchange/tags/Spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spam</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ransomware</span></a> <a href="https://infosec.exchange/tags/Banks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Banks</span></a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudflareIsEvil</span></a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FakeWebsites</span></a></p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://mastodon.ar.al/@aral" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>aral</span></a></span> : most Let's Encrypt (and other Domain Validated) certificates are issued to junk- or plain criminal websites.</p><p>They're the ultimate manifestation of evil big tech.</p><p>They were introduced to encrypt the "last mile" because Internet Service Providers were replacing ads in webpages and, in the other direction, inserting fake clicks.</p><p>DV has destroyed the internet. People loose their ebank savings and companies get ransomwared; phishing is dead simple. EDIW/EUDIW will become an identity fraud disaster (because of AitM phishing atracks).</p><p>Even the name "Let's Encrypt" is wrong for a CSP: nobody needs a certificate to encrypt a connection. The primary purpose of a certificate is AUTHENTICATION (of the owner of the private key, in this case the website).</p><p>However, for human beings, just a domain name simply does not provide reliable identification information. It renders impersonation a peace of cake.</p><p>Decent online authentication is HARD. Get used to it instead of denying it.</p><p>REASONS/EXAMPLES</p><p>🔹 Troy Hunt fell in the DV trap: <a href="https://infosec.exchange/@ErikvanStraten/114222237036021070" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/114222237036021070</span></a></p><p>🔹 Google (and Troy Hunt!) killed non-DV certs (for profit) because of the stripe.com PoC. Now Chrome does not give you any more info than what Google argumented: <a href="https://infosec.exchange/@ErikvanStraten/114224682101772569" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/114224682101772569</span></a></p><p>🔹 https:⧸⧸cancel-google.com/captcha was live yesterday: <a href="https://infosec.exchange/@ErikvanStraten/114224264440704546" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/114224264440704546</span></a></p><p>🔹 Stop phishing proposal: <a href="https://infosec.exchange/@ErikvanStraten/113079966331873386" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/113079966331873386</span></a></p><p>🔹 Lots of reasons why LE sucks:<br><a href="https://infosec.exchange/@ErikvanStraten/112914047006977222" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/112914047006977222</span></a> (corrected link 09:20 UTC)</p><p>🔹 This website stopped registering junk .bond domain names, probably because there were too many every day (the last page I found): <a href="https://newly-registered-domains.abtdomain.com/2024-08-15-bond-newly-registered-domains-part-1/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">newly-registered-domains.abtdo</span><span class="invisible">main.com/2024-08-15-bond-newly-registered-domains-part-1/</span></a>. However, this gang is still active, open the RELATIONS tab in <a href="https://www.virustotal.com/gui/ip-address/13.248.197.209/relations" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">virustotal.com/gui/ip-address/</span><span class="invisible">13.248.197.209/relations</span></a>. You have to multiply the number of LE certs by approx. 5 because they also register subdomains and don't use wildcard certs. Source: <a href="https://www.bleepingcomputer.com/news/security/revolver-rabbit-gang-registers-500-000-domains-for-malware-campaigns/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/revolver-rabbit-gang-registers-500-000-domains-for-malware-campaigns/</span></a></p><p><span class="h-card" translate="no"><a href="https://ec.social-network.europa.eu/@EUCommission" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>EUCommission</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>letsencrypt</span></a></span> <span class="h-card" translate="no"><a href="https://social.nlnet.nl/@nlnet" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nlnet</span></a></span> </p><p><a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentication</span></a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Impersonation</span></a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spoofing</span></a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DV</span></a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleIsEvil</span></a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BigTechIsEvil</span></a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Certificates</span></a> <a href="https://infosec.exchange/tags/httpsVShttp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>httpsVShttp</span></a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AitM</span></a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MitM</span></a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FakeWebsites</span></a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudflareIsEvil</span></a> <a href="https://infosec.exchange/tags/bond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bond</span></a> <a href="https://infosec.exchange/tags/dotBond" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dotBond</span></a> <a href="https://infosec.exchange/tags/Spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spam</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ransomware</span></a> <a href="https://infosec.exchange/tags/Banks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Banks</span></a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudflareIsEvil</span></a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FakeWebsites</span></a></p>
Niebezpiecznik News<p>Jak bezpiecznie poruszać się po świecie kryptowalut w 2025 roku</p><p>Świat kryptowalut się rozwija, a 2025 zapowiada się jako przełomowy rok dla branży. Wraz z rosnącą adopcją i pozytywnymi zmianami regulacyjnymi, takimi jak przychylne kryptowalutom stanowisko USA, wejście w przestrzeń kryptograficzną przez wielu jest postrzegane jako ekscytujące. Jednak, jak w przypadku każdej inwestycji, zrozumienie podstaw bezpieczeństwa jest niezbędne do osiągnięcia długoterminowego sukcesu.<br>Waluty cyfrowe oferują ogromne możliwości, ale ich niematerialny charakter i platformy, które stają się coraz bardziej przyjazne dla użytkownika, czasami powodują, że początkujący zapominają o podstawowych środkach ostrożności. Dlatego w tym artykule omówimy najważniejsze zasady bezpiecznego poruszania się po świecie kryptowalut.<br>Autorami niniejszego artykułu są Ismael Talbi oraz Natalia Kosińska z Binance, a za publikację niniejszego tekstu redakcja Niebezpiecznika otrzymała wynagrodzenie. Choć sami inwestujemy w kryptowaluty, to należy pamiętać, że jak każda inwestycja, kupno kryptowalut jest obarczone ryzykiem i może prowadzić do straty. Niniejszego artykułu nie należy traktować jako porady inwestycyjnej – jego celem jest omówienie bezpiecznego poruszania się po świecie kryptowalut dla nowicjuszy.<br>Dlaczego kryptowaluty nabierają rozpędu?<br>W dzisiejszym klimacie gospodarczym wiele osób szuka sposobów na dywersyfikację swoich inwestycji i ochronę siły nabywczej. Inflacja i niepewność rynkowa sprawiły, że kryptowaluty stały się atrakcyjną opcją dla osób poszukujących zabezpieczenia przed tradycyjnym ryzykiem finansowym.<br>Weźmy na przykład Bitcoina. Niedawno zamknął rok wzrostem o 121%, co jest zbieżne z jego historycznymi cyklami rynkowymi. Taki wynik przyciąga nowych inwestorów, [...]</p><p><a href="https://mastodon.com.pl/tags/ARTYKU%C5%81SPONSOROWANY" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ARTYKUŁSPONSOROWANY</span></a> <a href="https://mastodon.com.pl/tags/Binance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Binance</span></a> <a href="https://mastodon.com.pl/tags/BitCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BitCoin</span></a> <a href="https://mastodon.com.pl/tags/Kryptowaluty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kryptowaluty</span></a> <a href="https://mastodon.com.pl/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://mastodon.com.pl/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spoofing</span></a></p><p><a href="https://niebezpiecznik.pl/post/jak-bezpiecznie-poruszac-sie-po-swiecie-kryptowalut-w-2025-roku/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">niebezpiecznik.pl/post/jak-bez</span><span class="invisible">piecznie-poruszac-sie-po-swiecie-kryptowalut-w-2025-roku/</span></a></p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://mastodon.social/@BjornW" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>BjornW</span></a></span> :</p><p>I've stopped doing that after a lot of people called me an idiot and a liar if I kindly notified them. I stopped, I'll get scolded anyway.</p><p>Big tech and most admins want everyone to believe that "Let's Encrypt" is the only goal. Nearly 100% of tech people believe that.</p><p>And admins WANT to believe that, because reliable authentication of website owners is a PITA. They just love ACME and tell their website visitors to GFY.</p><p>People like you tooting nonsense get a lot of boosts. It's called fake news or big tech propaganda. If you know better, why don't you WRITE BETTER?</p><p>It has ruined the internet. Not for phun but purely for profit. And it is what ruins people's lives and lets employees open the vdoor for ransomware and data-theft.</p><p>See also <a href="https://infosec.exchange/@ErikvanStraten/112914047006977222" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/112914047006977222</span></a> (and, in Dutch, <a href="https://security.nl/posting/881296" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">security.nl/posting/881296</span><span class="invisible"></span></a>).</p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@troyhunt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>troyhunt</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>letsencrypt</span></a></span> </p><p><a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DV</span></a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Impersonation</span></a> <a href="https://infosec.exchange/tags/AnonymousCertificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AnonymousCertificates</span></a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentication</span></a> <a href="https://infosec.exchange/tags/LetsAuthenticate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LetsAuthenticate</span></a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BigTechIsEvil</span></a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleIsEvil</span></a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudflareIsEvil</span></a> <a href="https://infosec.exchange/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LetsEncrypt</span></a> <a href="https://infosec.exchange/tags/Identity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Identity</span></a> <a href="https://infosec.exchange/tags/Authenticity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authenticity</span></a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spoofing</span></a> <a href="https://infosec.exchange/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberCrime</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AitM</span></a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MitM</span></a> <a href="https://infosec.exchange/tags/Weak2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Weak2FA</span></a> <a href="https://infosec.exchange/tags/WeakMFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WeakMFA</span></a> <a href="https://infosec.exchange/tags/DVcerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DVcerts</span></a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Certificates</span></a> <a href="https://infosec.exchange/tags/ACME" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ACME</span></a> <a href="https://infosec.exchange/tags/USdependencies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USdependencies</span></a> <a href="https://infosec.exchange/tags/USdependency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USdependency</span></a> <a href="https://infosec.exchange/tags/USdependent" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USdependent</span></a> <a href="https://infosec.exchange/tags/USAdependencies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USAdependencies</span></a> <a href="https://infosec.exchange/tags/USAdependency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USAdependency</span></a> <a href="https://infosec.exchange/tags/USAdependent" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USAdependent</span></a></p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@troyhunt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>troyhunt</span></a></span> : if we open a website that we've never visited before, we need browsers to show us all available details about that website, and warn us if such details are not available.</p><p>We also need better (readable) certificates identifying the responsible / accountable party for a website.</p><p>We have been lied to that anonymous DV certificates are a good idea *also* for websites we need to trust. It's a hoax.</p><p>Important: certificates never directly warrant the trustworthyness of a website. They're about authenticity, which includes knowing who the owner is and in which country they are located. This helps ensuring that you can sue them (or not, if in e.g. Russia) which *indirectly* makes better identifiable websites more reliable.</p><p>More info in <a href="https://infosec.exchange/@ErikvanStraten/113079966331873386" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/113079966331873386</span></a> (see also <a href="https://crt.sh/?Identity=mailchimp-sso.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">crt.sh/?Identity=mailchimp-sso</span><span class="invisible">.com</span></a>).</p><p>Note: most people do not understand certificates, like <span class="h-card" translate="no"><a href="https://mastodon.social/@BjornW" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>BjornW</span></a></span> in <a href="https://mastodon.social/@BjornW/114064065891034415" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.social/@BjornW/114064</span><span class="invisible">065891034415</span></a>:<br>❝<br><span class="h-card" translate="no"><a href="https://infosec.exchange/@letsencrypt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>letsencrypt</span></a></span> offers certificates to encrypt the traffic between a website &amp; your browser.<br>❞<br>2x wrong.</p><p>A TLS v1.3 connection is encrypted before the website sends their certificate, which is used only for *authentication* of the website (using a digital signature over unguessable secret TLS connection parameters). A cert binds the domain name to a public key, and the website proves possession of the associated private key.</p><p>However, for people a domain name simply does not suffice for reliable identification. People need more info in the certificate and it should be shown to them when it changes.</p><p>Will you please help me get this topic seriously on the public agenda?</p><p>Edited 09:15 UTC to add: tap "Alt" in the images for details.</p><p><a href="https://infosec.exchange/tags/DVcerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DVcerts</span></a> <a href="https://infosec.exchange/tags/Authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentication</span></a> <a href="https://infosec.exchange/tags/Impersonation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Impersonation</span></a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spoofing</span></a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DV</span></a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleIsEvil</span></a> <a href="https://infosec.exchange/tags/BigTechIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BigTechIsEvil</span></a> <a href="https://infosec.exchange/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Certificates</span></a> <a href="https://infosec.exchange/tags/httpsVShttp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>httpsVShttp</span></a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AitM</span></a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MitM</span></a> <a href="https://infosec.exchange/tags/FakeWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FakeWebsites</span></a> <a href="https://infosec.exchange/tags/CloudflareIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudflareIsEvil</span></a></p>
Business Insider Polska<p>Pieniądze trafiły na konto oszustów, a 67-latka pozostała ze sporym problemem😢 <a href="https://businessinsider.com.pl/wiadomosci/policja-ostrzega-przed-spoofingiem-wyjasnia-na-czym-polega-oszustwo/vxl4g3c?utm_term=autor_9&amp;utm_source=mastodon&amp;utm_medium=social&amp;utm_campaign=businessinsider-page-post" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">businessinsider.com.pl/wiadomo</span><span class="invisible">sci/policja-ostrzega-przed-spoofingiem-wyjasnia-na-czym-polega-oszustwo/vxl4g3c?utm_term=autor_9&amp;utm_source=mastodon&amp;utm_medium=social&amp;utm_campaign=businessinsider-page-post</span></a></p><p><a href="https://mastodon.social/tags/spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spoofing</span></a> <a href="https://mastodon.social/tags/policja" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>policja</span></a> <a href="https://mastodon.social/tags/oszustwo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>oszustwo</span></a></p>
PrivacyDigest<p>Undocumented commands found in <a href="https://mas.to/tags/Bluetooth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bluetooth</span></a> chip used by a billion devices</p><p>The ubiquitous <a href="https://mas.to/tags/ESP32" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ESP32</span></a> microchip made by Chinese manufacturer <a href="https://mas.to/tags/Espressif" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Espressif</span></a> and used by over 1 billion units as of 2023 contains undocumented commands that could be leveraged for <a href="https://mas.to/tags/attacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>attacks</span></a>.</p><p>The undocumented commands allow <a href="https://mas.to/tags/spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spoofing</span></a> of trusted devices, unauthorized data access, pivoting to other devices on the network, and potentially establishing long-term persistence.<br><a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://mas.to/tags/china" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>china</span></a> </p><p><a href="https://www.bleepingcomputer.com/news/security/undocumented-commands-found-in-bluetooth-chip-used-by-a-billion-devices/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/undocumented-commands-found-in-bluetooth-chip-used-by-a-billion-devices/</span></a></p>
Prof. Dr. Dennis-Kenji Kipker<p>Hybride <a href="https://chaos.social/tags/Bedrohungslage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bedrohungslage</span></a>: In den letzten Monaten werden weltweit immer mehr Fälle von <a href="https://chaos.social/tags/GPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GPS</span></a> <a href="https://chaos.social/tags/Jamming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Jamming</span></a> oder <a href="https://chaos.social/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spoofing</span></a> bekannt, die u.a. die Flugnavigation erschweren. Wissenschaftler aus Polen haben dieses Problem nunmehr in einer Studie für den osteuropäischen Raum analysiert. In dem Zusammenhang kann ich allen am Thema Interessierten auch einen regelmäßigen Blick auf gpsjam dot org empfehlen. Hier gibt es einen tagesaktuellen Überblick über die GPS-Interferenzen weltweit:</p><p><a href="https://www.heise.de/news/Jamming-Polnische-Forscher-vermuten-GPS-Stoersender-auf-Schiffen-in-der-Ostsee-10304096.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/Jamming-Polnisch</span><span class="invisible">e-Forscher-vermuten-GPS-Stoersender-auf-Schiffen-in-der-Ostsee-10304096.html</span></a></p>
ogueki<p><span class="h-card" translate="no"><a href="https://masto.bike/@youen" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>youen</span></a></span> <span class="h-card" translate="no"><a href="https://masto.bike/@alter_unicorn" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>alter_unicorn</span></a></span> <br>J'ai retrouvé <a href="https://masto.bike/tags/spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spoofing</span></a> :<br><a href="https://www.quechoisir.org/actualite-demarchage-telephonique-le-spoofing-une-zone-de-non-droit-n60129/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">quechoisir.org/actualite-demar</span><span class="invisible">chage-telephonique-le-spoofing-une-zone-de-non-droit-n60129/</span></a></p><p>Vieil article, ça a changé on dirait :<br><a href="https://mamot.fr/@homlett/114099404739537205" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mamot.fr/@homlett/114099404739</span><span class="invisible">537205</span></a></p><p><span class="h-card" translate="no"><a href="https://mamot.fr/@homlett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>homlett</span></a></span> <span class="h-card" translate="no"><a href="https://social.targaryen.house/@mariemini" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mariemini</span></a></span></p>
h o ʍ l e t t<p><span class="h-card" translate="no"><a href="https://social.targaryen.house/@mariemini" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mariemini</span></a></span> C'est du <a href="https://mamot.fr/tags/spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spoofing</span></a> oui. Les opérateurs ont en effet l'obligation de l'empêcher depuis l'année dernière… sur les téléphones fixes seulement → <a href="https://www.quechoisir.org/actualite-arnaque-telephonique-la-lutte-contre-le-spoofing-avance-n131630/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">quechoisir.org/actualite-arnaq</span><span class="invisible">ue-telephonique-la-lutte-contre-le-spoofing-avance-n131630/</span></a></p><p>Vous pouvez essayer des apps comme Carrion → <a href="https://f-droid.org/fr/packages/us.spotco.carrion/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">f-droid.org/fr/packages/us.spo</span><span class="invisible">tco.carrion/</span></a> ou SpamBlocker → <a href="https://f-droid.org/fr/packages/spam.blocker/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">f-droid.org/fr/packages/spam.b</span><span class="invisible">locker/</span></a> mais leur fonctionnement dépend du modèle de votre téléphone, de votre version d'Android, de votre opérateur… donc c'est loin d'être une garantie.</p>
Europe Says<p><a href="https://www.europesays.com/1883663/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/1883663/</span><span class="invisible"></span></a> Kanawha County warned of Bitcoin, AI fraud calls mimicking sheriff’s office <a href="https://pubeurope.com/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a> <a href="https://pubeurope.com/tags/ArtificialIntelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ArtificialIntelligence</span></a> <a href="https://pubeurope.com/tags/bitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bitcoin</span></a> <a href="https://pubeurope.com/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://pubeurope.com/tags/fraud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fraud</span></a> <a href="https://pubeurope.com/tags/KanawhaCounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KanawhaCounty</span></a> <a href="https://pubeurope.com/tags/Scams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scams</span></a> <a href="https://pubeurope.com/tags/Sheriff" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Sheriff</span></a>'sOffice <a href="https://pubeurope.com/tags/spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spoofing</span></a></p>
Alexis<p>Les appels Spams, ça devient ingérable, surtout depuis que les arnaqueurs falsifient des numéros de portables, plus compliqués à bloquer par les applications antispam. </p><p>6 appels aujourd'hui (et c'est pas fini) dont un seul bloqué. </p><p><a href="https://rivals.space/tags/t%C3%A9l%C3%A9phone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>téléphone</span></a> <a href="https://rivals.space/tags/spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spam</span></a> <a href="https://rivals.space/tags/spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spoofing</span></a> <a href="https://rivals.space/tags/smartphone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>smartphone</span></a> <a href="https://rivals.space/tags/portable" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>portable</span></a> <a href="https://rivals.space/tags/arnaque" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>arnaque</span></a></p>
Erik van Straten<p>iPhone/iPad gebuikers: security-tip!</p><p>Sinds iOS en iPadOS versie 18.2 heeft Safari (de standaard webbrowser, het blauwe kompas) een instelling die het openen van websites veiliger maakt, vooral als u van publieke WiFi gebruik maakt (restaurant, trein, hotels etc).</p><p>Sla hieronder gerust alle tekst over die u niet interessant lijkt. Maar zet die instelling aan, voor uw eigen bestwil (en doe dat ook bij uw ouders)!</p><p>🔹 Laatste update iOS/iPadOS<br>Controleer sowieso regelmatig of uw iPhone of iPad de laatste update geïnstalleerd heeft: open "Instellingen" (het grijze tandwieltje), open "Algemeen" en vervolgens "Software update" (doe dat alleen als u een WiFi-internetverbinding heeft, anders kan het ten koste gaan van uw telefoonrekening).</p><p>De laatste versie op dit moment is 18.3.</p><p>🔹 Nieuwe Safari instelling<br>Na het updaten en opnieuw opstarten opent u in "Instellingen" onderaan "Apps". Zoek naar "Safari" en open dat.</p><p>Scroll het scherm naar boven totdat u het lichtgrijze kopje "PRIVACY EN BEVEILIGING" ziet.</p><p>Daaronder zou moeten staan: "Waarschuwing voor onveilige verbindingen" (standaard staat die instelling uit).</p><p>Als u dat AAN zet toont Safari u een *waarschuwing* als er (ook tijdelijk) gebruik gemaakt wordt van een verbinding met<br> http://<br>in plaats van met<br> https://</p><p>🔹 Toelichting<br>Bij http:// weet u, vooral op een minder vertrouwd netwerk (zoals WiFi in een vliegveld, zie <a href="https://www.bleepingcomputer.com/news/security/australian-charged-for-evil-twin-wifi-attack-on-plane/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/australian-charged-for-evil-twin-wifi-attack-on-plane/</span></a>), niet zeker of Safari echt een verbinding heeft met de server waarvan u de website-naam in de adresbalk van Safari ziet.</p><p>(Techneuten zeggen "domeinnaam" i.p.v. "website-naam").</p><p>Sterker, u kunt http:// vergelijken met wegwijzers die door vandalen in een andere richting kunnen worden gedraaid, waardoor u (als u geen moderne navigatie gebruikt) de verkeerde kant op kunt worden gestuurd.</p><p>🔹 Risico: omleiding naar nepsite<br>Vergelijkbaar, bij http:// kan een aanvaller Safari, zonder dat u gewaarschuwd wordt, doorsturen naar een nepwebsite (die als twee druppels op de echte lijkt) - doch met een iets afwijkende (of totaal andere) website-naam. Als die nepwebsite https:// ondersteunt, merkt u *niet* dat Safari naar een andere website is gestuurd dan door u bedoeld. </p><p>🔹 Waarom https:// wél veilig is<br>Bij het gebruik van uitsluitend https:// is "omleiden" nagenoeg onmogelijk. Als genoemde Safari-instelling AAN staat, maakt het niets uit of u bijvoorbeeld google.com of <a href="http://google.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">google.com</span><span class="invisible"></span></a> intikt in de adresbalk: Safari: maakt daar dan automatisch https:// van vóórdat verbinding met de server wordt gemaakt.</p><p>🔸 Nadeel: thuisapparaten<br>Nadeel: sommige websites, vooral "smart" apparatuur in uw huis (waaronder de beheer-interface van uw modem, zoals de laatste van Ziggo) ondersteunt https:// vaak niet. Als u bijvoorbeeld http:⧸⧸192.168.178.1 moet openen, zal Safari u waarschuwen *voordat* de verbinding wordt gemaakt. Als u op "Ga verder" drukt, werkt alles als vanouds.</p><p>🔸 Nadeel: oude sites en "jumpsites"<br>Een ander voorbeeld zijn stompzinnige "jump sites" zoals <a href="http://gemeente.amsterdam" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">gemeente.amsterdam</span><span class="invisible"></span></a> (deze ondersteunt uitsluitend http:// en dat is, voor overheden, tegen de wet). Als het *goed* is stuurt bovenstaande link Safari door naar <a href="https://amsterdam.nl" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">amsterdam.nl</span><span class="invisible"></span></a> (die link begint wel met https://).</p><p>Risico: als u, op een onvertrouwd netwerk, <a href="http://gemeente.amsterdam" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">gemeente.amsterdam</span><span class="invisible"></span></a> opent, loopt u het risico dat Safari naar een nepwebsite wordt doorgestuurd, met bijvoorbeeld de naam<br> gemeenteamsterdam·com<br>of<br> amsterdam·top<br>en u geen enkele foutmelding ziet (en de getoonde pagina als twee druppels op de echte kan lijken). Nb. in die laatste twee websitenamen heb ik de laatste punt vervangen door · (een hoge punt) om onbedoeld openen te voorkómen.</p><p>🚨 Let op: "Ga verder" = http:// 🚨<br>Als u genoemde instelling in Safari aanzet (wat ik 100% aanraad, dit zou m.i. een standaard-instelling moeten zijn in alle browsers), en u krijgt het waarschuwingsscherm te zien (zie het tweede plaatje): als u op "Ga verder" drukt, wordt meteen de onveilige http:// verbinding gemaakt (zonder verdere vragen). Let dan dubbel goed op de vervolgens in de adresbalk van Safari getoonde websitenaam!</p><p>🔹 Resetten<br>Als u een http:// verbinding heeft toegestaan (zoals met <a href="http://gemeente.amsterdam" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">gemeente.amsterdam</span><span class="invisible"></span></a>), onthoudt Safari dat een tijd (ik weet nog niet of dit tijdbegrensd is, waarschijnlijk wel). Als u Safari sluit, door de geopende app van het scherm te vegen, *lijkt* Safari alle toestemmingen te vergeten die u voor http:// verbindingen gegeven heeft.</p><p>Desnoods (dit raad ik af) kunt u Safari dwingen om onthouden toestemmingen te verwijderen door de gehele geschiedenis van Safari te wissen. Advies: vóór dat u dat doet, exporteer eerst alle website-data, want onthouden inloggegevens bent u ook kwijt als u de hele browsergeschiedenis wist. Met zo'n export kunt u terug naar de oude situatie door het export-bestand weer te importeren.</p><p>🔹 Over de plaatjes hieronder<br>Meer informatie ziet u door op "Alt" in het plaatje te drukken. Het linkerplaatje laat de nieuwe instelling voor Safari zien.<br>Voor het rechterplaatje heb ik <a href="http://http.badssl.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">http.badssl.com</span><span class="invisible"></span></a> gekozen. Dat heb ik gedaan omdat ik wat wisselende ervaringen had met <a href="http://gemeente.amsterdam" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">gemeente.amsterdam</span><span class="invisible"></span></a>.</p><p>(Voor techneuten: Safari onthoudt onder mij nog onbekende omstandigheden dat het om een jumpsite gaat. In een export van de browsergeschiedenis zag ik in "Geschiedenis.json", onder "<a href="http://gemeente.amsterdam" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">gemeente.amsterdam</span><span class="invisible"></span></a>" o.a. een regel:<br>"destination.url" : "<a href="https://www.amsterdam.nl" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">amsterdam.nl</span><span class="invisible"></span></a>" - als de browser dat benut wordt er geen http gebruikt).</p><p>🔹 Over <a href="http://http.badssl.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">http.badssl.com</span><span class="invisible"></span></a><br>De website <a href="https://badssl.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">badssl.com</span><span class="invisible"></span></a> bevat allerlei pagina's en sub-website-namen om browsers te testen, en is -voor zover ik weet- betrouwbaar. Niet alles is up-to-date (bijv. het certificaat van <a href="https://extended-validation.badssl.com/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">extended-validation.badssl.com/</span><span class="invisible"></span></a> is verlopen).</p><p>🔹 Andere testsites<br>In plaats van te testen met <a href="http://gemeente.amsterdam" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">gemeente.amsterdam</span><span class="invisible"></span></a> kunt u ook testen met bijv. <a href="http://http.badssl.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="">http.badssl.com</span><span class="invisible"></span></a> en <a href="http://www.buitenhoftv.nl" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://www.</span><span class="">buitenhoftv.nl</span><span class="invisible"></span></a>.</p><p>M.b t. die laatste: als u 2x op more/meer drukt in <a href="https://youtube.com/watch?v=WalOiq0mrNw" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtube.com/watch?v=WalOiq0mrNw</span><span class="invisible"></span></a> ziet u onder:<br>"Meer van Buitenhof: <br>» Vind"<br>een https:// link naar www.buitenhoftv.nl - maar u wordt belazerd (die jumpsite ondersteunt uitsluitend http). Precies daarom raad ik aan om deze Safari instelling aan te zetten. Ook sommige QR-codes bevatten http-links terwijl de site óók https ondersteunt.</p><p>Met enorme dank aan Thomas Bosboom ✅<br>(<span class="h-card" translate="no"><a href="https://infosec.exchange/@thomasbosboom" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>thomasbosboom</span></a></span>) die mij op deze instelling wees in <a href="https://infosec.exchange/@thomasbosboom/113945617133456130" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@thomasbosboo</span><span class="invisible">m/113945617133456130</span></a>!</p><p><a href="https://infosec.exchange/tags/iOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iOS</span></a> <a href="https://infosec.exchange/tags/iPadOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iPadOS</span></a> <a href="https://infosec.exchange/tags/Safari" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Safari</span></a> <a href="https://infosec.exchange/tags/Beveiliging" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Beveiliging</span></a> <a href="https://infosec.exchange/tags/iPhone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iPhone</span></a> <a href="https://infosec.exchange/tags/iPad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iPad</span></a> <a href="https://infosec.exchange/tags/httpVShttps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>httpVShttps</span></a> <a href="https://infosec.exchange/tags/httpsVShttp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>httpsVShttp</span></a> <a href="https://infosec.exchange/tags/WiFi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WiFi</span></a> <a href="https://infosec.exchange/tags/PubliekWifi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PubliekWifi</span></a> <a href="https://infosec.exchange/tags/EvilTwin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EvilTwin</span></a> <a href="https://infosec.exchange/tags/AitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AitM</span></a> <a href="https://infosec.exchange/tags/MitM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MitM</span></a> <a href="https://infosec.exchange/tags/Netwerken" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Netwerken</span></a> <a href="https://infosec.exchange/tags/OnbetrouwbaarNetwerk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnbetrouwbaarNetwerk</span></a> <a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://infosec.exchange/tags/Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spoofing</span></a> <a href="https://infosec.exchange/tags/ValseWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ValseWebsites</span></a> <a href="https://infosec.exchange/tags/NepWebsites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NepWebsites</span></a></p>
WDR (inoffiziell)Derzeit kursieren vermehrt betrügerische SMS-Nachrichten, etwa Paket-Nachrichten: So kann man sich schützen.<a href="https://squeet.me/search?tag=Schieb" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Schieb</span></a> <a href="https://squeet.me/search?tag=Digital" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Digital</span></a> <a href="https://squeet.me/search?tag=Smishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Smishing</span></a> <a href="https://squeet.me/search?tag=SMS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SMS</span></a> <a href="https://squeet.me/search?tag=Betrug" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Betrug</span></a> <a href="https://squeet.me/search?tag=Cyberbetrug" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyberbetrug</span></a> <a href="https://squeet.me/search?tag=Spoofing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spoofing</span></a> <a href="https://squeet.me/search?tag=DHL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DHL</span></a> <a href="https://squeet.me/search?tag=Paketmeldung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Paketmeldung</span></a><br><a href="https://www1.wdr.de/nachrichten/sms-smishing-spoofing-betrug-100.html" rel="nofollow noopener noreferrer" target="_blank">Smishing: Vorsicht vor betrügerischen SMS – so kann man sich schützen</a>