Sergey Shkundaleu @archit3ct@social.ssbx.dev

I had been saying that listening to the microphone on your phone is not practical or scalable from a marketing point of view(while 100 % possible). My recommendation though has always been removal of social media apps from your phone. #punkprivacy However looks like at least one player brags about it, so maybe they were able to implement a process that yields good ROI and proves me wrong. Please remove unnecessary apps from your phone. https://futurism.com/the-byte/facebook-partner-phones-listening-microphone #privacy

Just remember when product is free and distributed by for profit commercial entity, they have to have a way to recoup their losses. In many cases you are the product, in some cases your data is the product that they sell, and in some cases they are straight out fraudsters.
https://www.bleepingcomputer.com/news/security/free-vpn-apps-on-google-play-turned-android-phones-into-proxies/

This is a good reminder of how important is real time continuous monitoring in a whole cybersecurity puzzle. It took 22 min after vulnerability was published for the bad guys to start exploiting it. #cybersecurity https://www.bleepingcomputer.com/news/security/hackers-use-poc-exploits-in-attacks-22-minutes-after-release/

Here is another example of vendor abandoning patching. From time to time businesses around the world would have to make those decisions based on simple economy, however I think it would have been honest from their perspective is to open source their code, so that community could fix it. Unfortunately that's not the case for any of the vendors, luckily people have choices there is OpenWRT which is an open source ecosystem for routers, and that model is supported.
https://www.howtogeek.com/d-link-dir-856-router-exposed-to-hackers/

While progress and shift to software defined everything is generally great, people need to be ready for that shift and be able to understand how to protect themselves from threat vectors associated with such shift. #cybersecurity
https://www.bleepingcomputer.com/news/security/sim-swappers-hijacking-phone-numbers-in-esim-attacks/

As I previously said any company, no mater how noble their intentions could have been, would have to follow procedures of the country where they have been incorporated, that's why I think the future of privacy is for people to be able to manage their own data . #ethiork #privacy
https://restoreprivacy.com/protonmail-discloses-user-data-leading-to-arrest-in-spain/

That is good to see that SEC charging bunch of players on the market for failures to follow their own incident report procedures. That's just another highlight of the value of cybersecurity in today's work, because that is what could move the market. #cybersecurity #SEC
https://www.sec.gov/newsroom/press-releases/2024-63

Another breach from a couple of months ago, and it's coming from effective monopolist in ticket sales, if you tried to buy tickets recently then mos likely you had to deal with enormous "fees" imposed by that player, so what do you think how much of those went into cybersecurity spending, probably not much if anything . #databreach #cybersecurity
https://www.abc.net.au/news/2024-05-30/ticketmaster-data-breach-how-to-check-if-you-have-been-hacked/103912494

With AI getting back to prime time with LLMs, everyone trying to get a hold of tech necessary to succeed and chip wars will continue for sure between different countries. #AI https://www.reuters.com/technology/former-asml-ceo-says-us-china-chip-fight-will-continue-2024-07-06/

I have no intention to continue reporting on data breaches, but that is just continue to pop up here and there, unfortunately companies does not want to walk their talk and it's not a technical problem it's cultural. #cybersecuity
https://www.bleepingcomputer.com/news/security/neiman-marcus-data-breach-31-million-email-addresses-found-exposed/

This is just crazy, stock firmware sends data somewhere in plain text, data which happens to be user's wifi password. Is it the supply chain attack or coming from the company themselves. That would be interesting to know. #cybersecurity
https://stackdiary.com/linksys-velop-routers-send-wi-fi-passwords-in-plaintext-to-us-servers/

This is just terrifying, as usual humans are the weak link in any system. There have been multiple reports where hacks utilizing SIM swaps cleared people savings. This is just one case with 5 victims, and it's mind blowing that some one would do that. #security
https://www.bleepingcomputer.com/news/security/former-telecom-manager-admits-to-doing-sim-swaps-for-1-000/

Generative AI coudl be a very useful, when used properly. However what we see in cybersecurity space is that threat actors starting to utilize gen AI for phishing, and that is where AI shines, it creates very persuasive and authentically looking emails. Thus it's very important to be able to recognize phishing emails. #phishing #cybersecurity Check out this article by Wired: https://www.wired.com/story/how-to-spot-business-email-compromise-scam/

Ugh another data breach, now it's AT&T. I know the article is a couple months old, but leak itself from 2021, and it took 3 years for AT&T to admit it. No comments. #cybersecurity #databreach https://restoreprivacy.com/att-admits-data-leak-impacting-73-million-current-and-former-customers/

I know it's a school break for everyone, however when kids woudl get back to school it's very important to help them with right choices and lunch is a very important meal where kids are at school by themselves. I know people get busy, but do not neglect your kids lunch choices, pack a proper lunch and help them stay healthy. #lunch #kids #health https://www.consumerreports.org/health/lunch-and-snack-packs/should-you-pack-lunchables-for-your-kids-school-lunch-a1165583878/

AI has become a fashionable word on geopolitical arena as well. Unfortunately often goverments turn to the best mechanism they know, which is heavy regulations. What worries me in that article is the view of some folks that the government should be regulating open source models, which will lead to even further concentration of AI power in corporate hands rather than being available to people. #ai https://www.reuters.com/technology/us-eyes-curbs-chinas-access-ai-software-behind-apps-like-chatgpt-2024-05-08/

Another good article from Mozilla regarding privacy. That's a good example of what I've been talking about for a while. In many cases the definition of privacy is limited to primarily personal information, however advertisers do not need that information, advertisers need to understand the person behind the screen to predict their next purchase or drive person towards that. Beware of how mental health and prayer apps use most vulnerable population, their users. #privacy https://foundation.mozilla.org/en/blog/top-mental-health-and-prayer-apps-fail-spectacularly-at-privacy-security/

Age verification and ID verification services are touted as a great savior that would protect kids and so on, thus there is a notion to force people into using those services throuhg regulations. However what happens when those services are getting hacked? #privacy #cybersecurity https://www.eff.org/deeplinks/2024/06/hack-age-verification-company-shows-privacy-danger-social-media-laws