Spanish translation in #usenet alt.2600.* newsgroups for the https://hackingisnotacrime.org english explanation that I find to be one of the best out there or the best ever. We are making fliers here in #Madrid and stickers. https://news.novabbs.org/computers/article-flat.php?id=165&group=alt.2600.hackers#165 #2600 #hackers #hacking #hackerculture #hackingIsNotACrime #hispagatos @thedarktangent @nh2600 @2600@mastodon.online @2600@lemmy.world @2600@glasgow.social @merce @AlbertoQ @thegibson @drwho @aleph_one
heise+ | Webservices programmieren in Go: Daten prüfen und speichern, Passwörter hashen
Nie sollte ein Backend ungeprüft Daten von einem Client verarbeiten und speichern. Die Techniken dafür sind nicht schwierig zu erlernen.
GNU Emacs: new critical remote shell injection vulnerability.
Red Hat discovered a command injection flaw in the text editor Emacs. It allows a remote, unauthenticated attacker to execute any command on your computer. The vulnerability is activated when you visit a malicious website or link.
https://www.cve.org/CVERecord?id=CVE-2025-1244
---
#news #software #gnu #emacs #security #hacking #terminal #linux #cve #opensource #freesoftware
---
Mitigation: uninstall/update immediately.
Ethical Hacking für Fortgeschrittene – sich selbst hacken, bevor es andere tun
In fünf Terminen lernen Admins und IT-Security-Verantwortliche ab dem 28. April, ihre eigenen Systeme zu hacken, um sich vor Angreifern effektiv zu schützen.
Ethereum: The Root of the $1.5 Billion Bybit Exploit and the BCH Solution
https://read.cash/@Adeilton_Filho/ethereum-the-root-of-the-15-billion-bybit-exploit-0ccee765
#news #crypto #bybit #tech #technology #bitcoin #bch #bitcoincash #hacking #exchange #crime #finance #eth
Computerworld: US Government sued after mass emails to federal workforce allegedly sent from insecure server
"...Musk appointees allegedly plugged their own email server into OPM network, breaking data security rules. ... The suit was filed after OPM sent two test emails to an estimated 2.3 million federal employees in a way that, the suit alleges, broke the E-Government Act of 2002 and was inherently insecure. Those rules require that a Privacy Impact Assessment (PIA) be carried out first.... The OPM did not immediately respond to questions sent to the hr@opm.gov email address."
https://www.computerworld.com/article/3812509/us-government-sued-after-mass-emails-to-federal-workforce-allegedly-sent-from-insecure-server.html #cybersecurity #email #insecure #hacking #Musk #Politics #USpol
$0 #free #book
#Debt-Free Living: How to Escape the #RatRace
https://www.amazon.com/dp/B0DXJ6SQSB
Self-Defense Secrets of #Spies: #CIA #Survival Skills, #KGB Combat Arts, & #OSS Silent Kills
https://www.amazon.com/dp/B0BW86RS6K
Magic of #House #Hacking: (#Entrepreneurs)
https://www.amazon.com/dp/B09H351TFJ
Affordable #Retirement Bucket List
https://www.amazon.com/dp/B0DWMMG6ZS
Größter Krypto-Coup aller Zeiten: Bybit verliert 1,5 Milliarden US-Dollar
Die Krypto-Börse Bybit ist Opfer des wohl bisher größten Diebstahls von Digitalwährung überhaupt geworden. Hinter der Attacke könnte ein Staat stehen.
UPDATE!
Shit happens.
We have rescheduled #CryproBarons on the #DCG201 LIVE Stream for Sunday, February 16th at 3pm EST!
We'll be #hacking the #Soneium #blockchain and #web3 ecosystem!
@defcon #fediverse #mastodon #crypto #playstation #stateofplay
(1/2) In another life I wrote about data breaches. Surprisingly hacks usually resulted from basic attack patterns. Often just credential abuse. Effectively knowledge asymmetry + exploitation of trust.
Once I noticed this, I saw the pattern everywhere. Companies finding ways to sell harmful products. The wealthy using clout to avoid legal consequences. Building systems resistant to trust violations is hard. Thinking about this has become a bit of an obsession.
Massiver Cyberangriff auf US-Provider: Attacken gehen immer noch weiter
Im Herbst wurde der schlimmste Telekommunikationshack in der US-Geschichte entdeckt. Die Angreifer wurden noch nicht gestoppt, ganz im Gegenteil.
"Hackers leaked thousands of files from Lexipol, a Texas-based company that develops policy manuals, training bulletins, and consulting services for first responders... The data, a sample of which was given to the Daily Dot by a group referring to itself as “the puppygirl hacker polycule,” includes approximately 8,543 files related to training, procedural, and policy manuals, as well as customer records that contain names, usernames, agency names, hashed passwords, physical addresses, email addresses, and phone numbers.
As noted by the Texas Law Review, “although there are other private, nonprofit, and government entities that draft police policies, Lexipol is now a dominant force in police policymaking across the country.”
Lexipol has also been criticized for its resistance to police reform. The company’s manuals often exclude reform proposals such as requiring de-escalation and prohibitions on chokeholds.
Founded by two former police officers-turned-lawyers in 2003, Lexipol has increased its customer base significantly over the years. The company has also caught the attention of civil liberties groups that have accused Lexipol of helping violent officers evade justice by crafting policies that provide broad discretion in use-of-force situations."
https://www.dailydot.com/debug/lexipol-data-leak-puppygirl-hacker-polycule/
New hack uses prompt injection to corrupt Gemini’s long-term memory - In the nascent field of AI hacking, indirect prompt injection has become a... - https://arstechnica.com/security/2025/02/new-hack-uses-prompt-injection-to-corrupt-geminis-long-term-memory/ #artificialintelligence #largelanguagemodels #promptinjection #security #chatbots #hacking #biz #google #llms #ai
"That is both because of the risk that the new policy presents of the disclosure of sensitive & confidential information & the heightened risk that the systems in question will be more vulnerable than before to #hacking," Engelmayer wrote.
His order bars access from being granted to #Treasury Dept payment & data systems by #political appointees, special government employees [#SGE] & government employees detailed from an agency outside the Treasury Dept.
#law #Cybersecurity #InfoSec #Musk #Trump
"If you can get into the treasury computers,
you can get into the voter tabulation computers."
-- Sandi Bachom
Last Call: Proaktive IT-Security mit Pentesting: Ethical Hacking für Admins
In fünf Terminen lernen Admins und IT-Security-Verantwortliche ab dem 10.02., wie sie mit Ethical Hacking Systeme absichern und Schwachstellen aufdecken.