Samstag, 19. Oktober, ab 14 Uhr: #Hacktoberfest beim @chaosdarmstadt – Mentoren helfen bei allen aufkommenden Fragen chaos-darmstadt.de/2019/hacktober… https://mobile.twitter.com/chaosupdates/status/1181013362370633728?p=v

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Oct 07, 2019, 12:55

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Oct 07, 2019, 12:55

Oct 07, 2019, 12:55

Radio (In)Security @radioinsecurity@social.bau-ha.us

Unsere Webseite ist jetzt auf einen anderen Server umgezogen und nutzt auch andere Software. Wenn es Probleme gibt, sagt bitte Bescheid.

https://insecurity.radio.fm/

**Radio (In)Security** · Oct 04, 2019, 20:31

Radio (In)Security boosted

**qbi** @qbi@mastodon.social · Oct 04, 2019, 20:31

Oct 04, 2019, 20:31

qbi @qbi@mastodon.social

Das Project Zero von Google hat einen schönen Bug in #Signal gefunden. Damit lässt sich das Mikrofon remote aktivieren.

Aktualisiert eure Software!

https://bugs.chromium.org/p/project-zero/issues/detail?id=1943

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Oct 02, 2019, 19:40

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Oct 02, 2019, 19:40

Oct 02, 2019, 19:40

Radio (In)Security @radioinsecurity@social.bau-ha.us

Seit fünf Tagen: Schadsoftware legt Berliner Kammergericht lahm

Hacker haben eines der höchsten Berliner Gerichte angegriffen – und das Computersystem lahmgelegt. Ein internes Schreiben offenbart, wie groß der Schaden ist. Die Mitarbeiter faxen wieder.

https://m.faz.net/aktuell/wirtschaft/diginomics/schadsoftware-legt-berliner-kammergericht-lahm-16413935.html

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Sep 09, 2019, 14:30

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Sep 09, 2019, 14:30

Sep 09, 2019, 14:30

Radio (In)Security @radioinsecurity@social.bau-ha.us

Kinder-GPS-Uhren millionenfach ausspionierbar

Sicherheitsforscher haben eine knappe Million ausspionierbarer Kinder-Smartwatch-Tracker im Netz gefunden. c't-Lesern dürfte das bekannt vorkommen.

https://www.heise.de/security/meldung/China-Schrott-Kinder-GPS-Uhren-millionenfach-ausspionierbar-4516423.html

**Radio (In)Security** · Sep 04, 2019, 07:34

Radio (In)Security boosted

**Moritz Fromm** @frommMoritz@chaos.social · Sep 04, 2019, 07:34

Sep 04, 2019, 07:34

Moritz Fromm @frommMoritz@chaos.social

Just deleted WhatsApp. You should to!

#deleteWhatsApp

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Sep 01, 2019, 08:21

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Sep 01, 2019, 08:21

Sep 01, 2019, 08:21

Radio (In)Security @radioinsecurity@social.bau-ha.us

Russian police take down malware gang that infected 800,000+ Android smartphones | ZDNet

TipTop malware gang was making between $1,500 and $10,500 in daily profits.

https://www.zdnet.com/article/russian-police-take-down-malware-gang-that-infected-800000-android-smartphones/

**Radio (In)Security** · Aug 19, 2019, 15:54

Radio (In)Security boosted

mt @mt@social.bau-ha.us · Aug 19, 2019, 15:54

Aug 19, 2019, 15:54

mt @mt@social.bau-ha.us

@radioinsecurity so viele opsec fails... Liest fast wie ein Handbuch was man nicht tun sollte.

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Aug 19, 2019, 06:51

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Aug 19, 2019, 06:51

Aug 19, 2019, 06:51

Radio (In)Security @radioinsecurity@social.bau-ha.us

Fünf Gramm Marihuana führen Cybercrime-Experten zu großem Fund nach Thüringen

Cybercrime-Experten des Landeskriminalamtes beenden nach einem kleinen Drogenfund einen illegalen Onlinehandel und finden millionenfach erbeutete Daten.

https://www.otz.de/leben/blaulicht/fuenf-gramm-marihuana-fuehren-cybercrime-experten-uebers-darknet-zu-grossem-fund-nach-thueringen-id226816921.html

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Aug 04, 2019, 16:22

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Aug 04, 2019, 16:22

Aug 04, 2019, 16:22

Radio (In)Security @radioinsecurity@social.bau-ha.us

Apobank Opfer von massiver Cyberattacke: Einschränkung für Kunden

https://app.handelsblatt.com/finanzen/banken/phishing-angriff-apobank-opfer-einer-massiven-cyberattacke-einschraenkungen-fuer-kunden/24869480.html

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Aug 02, 2019, 12:04

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Aug 02, 2019, 12:04

Aug 02, 2019, 12:04

Radio (In)Security @radioinsecurity@social.bau-ha.us

Vorsicht vor neuen Phishing-Mails:

Tweet von Cygenta (@CygentaHQ) um 2. Aug., 13:56

We’ve been alerted to a new Office 365 phishing email. The ‘Restore Emails’ button hides a link which would take you to a One Drive survey 🎣🚫 https://t.co/yd17ocPtK4

https://twitter.com/CygentaHQ/status/1157225373668691968

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Jul 24, 2019, 13:59

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Jul 24, 2019, 13:59

Jul 24, 2019, 13:59

Radio (In)Security @radioinsecurity@social.bau-ha.us

Schaut euch mal den Tweet von VLC an. Die üben ziemlich starke Kritik an der Mitre corp und anderen:

Tweet von VideoLAN (@videolan) um 24. Juli, 11:41

About the "security issue" on #VLC : VLC is not vulnerable.
tl;dr: the issue is in a 3rd party library, called libebml, which was fixed more than 16 months ago.
VLC since version 3.0.3 has the correct version shipped, and @MITREcorp did not even check their claim.

Thread:

https://twitter.com/videolan/status/1153963312981389312

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Jul 11, 2019, 18:19

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Jul 11, 2019, 18:19

Jul 11, 2019, 18:19

Radio (In)Security @radioinsecurity@social.bau-ha.us

Fremde Bibliothek gehackt und Code eingeschleust. Schöne Erklärung des Vorfalls.
https://withatwist.dev/strong-password-rubygem-hijacked.html

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Jul 04, 2019, 18:36

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Jul 04, 2019, 18:36

Jul 04, 2019, 18:36

Radio (In)Security @radioinsecurity@social.bau-ha.us

Joomla! 3.7.5 - Takeover in 20 Seconds with LDAP Injection

With over 84 million downloads, Joomla! is one of the most popular content management systems. Our code analysis solution RIPS detected a previously unknown LDAP injection vulnerability in the login controller. This one vulnerability could allow remote attackers to leak the super user password and to fully take over any Joomla!

https://blog.ripstech.com/2017/joomla-takeover-in-20-seconds-with-ldap-injection-cve-2017-14596/

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Jul 02, 2019, 23:14

**Radio (In)Security** @radioinsecurity@social.bau-ha.us · Jul 02, 2019, 23:14

Jul 02, 2019, 23:14

Radio (In)Security @radioinsecurity@social.bau-ha.us

Polizei durchsucht Wohnung wegen Drogen und findet einen Stapel Dokumente mit Top-Secret-Einstufung:
---
Exclusive: FBI Investigates Leak Of 1,000 Pages Of ‘Top Secret’ Air Force Intelligence

Police go in search of an Air Force employee they suspected was growing marijuana. They claim to have found not only weed, but classified, highly-sensitive intelligence files in the employee's home too.

https://www.forbes.com/sites/thomasbrewster/2019/07/02/exclusive-fbi-investigates-leak-of-1000-pages-of-top-secret-air-force-intelligence/#61c666682973

**Radio (In)Security** · Jun 22, 2019, 08:45

Radio (In)Security boosted

**qbi** @qbi@mastodon.social · Jun 22, 2019, 08:45

Jun 22, 2019, 08:45

qbi @qbi@mastodon.social

Pentagon secretly struck back against Iranian cyberspies targeting U.S. ships

On Thursday evening, U.S. Cyber Command launched a retaliatory digital strike against an Iranian spy group that supported last week’s limpet mine attacks on commercial ships, according to two former intelligence officials.

https://news.yahoo.com/pentagon-secretly-struck-back-against-iranian-cyber-spies-targeting-us-ships-234520824.html

**Radio (In)Security** · Jan 12, 2019, 16:22

Radio (In)Security boosted

**Dr. Roy Schestowitz (罗伊)** @schestowitz@pleroma.site · Jan 12, 2019, 16:22

Jan 12, 2019, 16:22

Dr. Roy Schestowitz (罗伊) @schestowitz@pleroma.site

2014: Former #Microsoft Engineer Working on #Windows #BitLocker Confirms Government Asks #Microsoft for #BackDoors
http://techrights.org/2014/07/31/microsoft-back-doors-admission/

**Radio (In)Security** · Jun 14, 2019, 17:21

Radio (In)Security boosted

**Venty** @Venty@chaos.social · Jun 14, 2019, 17:21

Jun 14, 2019, 17:21

Venty @Venty@chaos.social

#CCC Competence Call Center

c451868f80a1058e.jpg

**Radio (In)Security** · Jun 14, 2019, 17:30

Radio (In)Security boosted

**Jörg Kantel** @kantel@mastodon.social · Jun 14, 2019, 17:30

Jun 14, 2019, 17:30

Jörg Kantel @kantel@mastodon.social

Google veröffentlicht Version 75 seines Browsers Chrome

#Google schließt mit dem #Update auf die Version 75 (75.0.3770.90) eine Sicherheitslücke, die Angreifer unter bestimmten Vorraussetzungen zur Systemkompromittierung mißbrauchen könnten. http://blog.schockwellenreiter.de/2019/06/2019061402.html #Security #Chrome

e7e0256dfad89a74.jpg

Webseite: https://insecurity.radio.fm/

Der Podcast zu IT-(Un)Sicherheit von @qbi und Tobias Walter

Joined Jul 2018

Radio (In)Security @radioinsecurity@social.bau-ha.us

Resources

Developers

What is Mastodon?

social.bau-ha.us

More…