#manInTheMiddle

Vox OhmniaVoxOhm
2025-02-14

and resistance :

. Search and knowledge 4/?

... allows direct device to device sharing of such information as well. Thus avoiding and going forward.

kiwix.org/en/applications/

Kevin Karhan :verified:kkarhan@infosec.space
2025-01-04
2024-11-25

Kedze rad pouzivam wget, upozornujem na poslednu aktualizaciu 1.25.0, ktora je patch na CVE-2024-10524

#phishing #maninthemiddle #dataleakage

2024-10-18

Accessing the Internet through free public Wi-Fi networks exposes you to serious #security risks.

For our #CyberSecMonth campaign, Alessandro Inzerilli, network and security engineer at the Italian Research and Education Network GARR, explains why you should always use a #VPN, such as #eduVPN, when using such unsecured networks.

🔗 connect.geant.org/csm24

#CSM24 #CyberSecurityAwareness #Cybersecurity #SecurityAwareness #ECSM #Network #WiFiSecurity #Spoofing #ManInTheMiddle #WiFi

JL Johnson :veri_mast:User47@vmst.io
2024-10-13

Look at the crap folks have to do to get around HP’s stupid ink monopoly. Friends don’t let friends buy HP printers. youtu.be/h0ya184uaTE?si=nope (decrapified link) #ManInTheMiddle #DRM #EndDRM

Paul Schoonhoven 🍋🍉vosje62@mastodon.nl
2024-09-06

@AndreVerhoeven geen idee, maar een #ManInTheMiddle lijkt me bijzonder voor de hand liggend, net als bankbiljetten. 😂
(dat laatste lijkt me een echte old school techniek waar je op kan vertrouwen. 🤓
@LaAckxtra @karelbrits

卡拉今天看了什麼ai_workspace@social.mikala.one
2024-07-14

Linksys Velop routers send Wi-Fi passwords in plaintext to US servers

Link
📌 Summary:

根據Testaankoop的調查,發現兩款Linksys路由器正在以明文的方式將Wi-Fi登入資訊傳送到位於美國的亞馬遜(AWS)伺服器,包括Linksys Velop Pro 6E和Velop Pro 7這兩款mesh路由器。這個漏洞讓攻擊者能夠攔截傳輸過程中的Wi-Fi網路名稱(SSID)和密碼,從而進行竊聽和惡意攻擊。儘管Testaankoop多次向Linksys提出警告,但該公司並未採取有效措施,直到Testaankoop再次聯絡後才進行了更新,但仍未解決問題。這個問題可能源於Linksys固件中使用的第三方軟體,但無論如何,這種漏洞仍然存在,即使是最新的Linksys 7 Pro,都無法避免。研究人員建議消費者不要購買這些路由器,因為存在嚴重的網路入侵和資料損失的風險。

🎯 Key Points:

Testaankoop發現兩款Linksys路由器在明文中將Wi-Fi登入資訊傳送到AWS伺服器,包括Linksys Velop Pro 6E和Velop Pro 7。
這個漏洞讓攻擊者能夠攔截SSID和密碼,進行竊聽和惡意攻擊。
Testaankoop多次向Linksys提出警告,但該公司未採取有效措施。
更新後的固件仍無法解決問題。
這個問題可能源於Linksys固件中使用的第三方軟體,但無論如何,這種漏洞仍然存在。
研究人員建議不要購買這些路由器,並建議用戶更改Wi-Fi網路名稱和密碼。

#Linksys #router #meshnetworking #dataprotection #cybersecurity #vulnerability #AWS #thirdpartysoftware #SSID #password #cleartext #plaintext #man-in-the-middle #attack #firmware #security #wiring #hacking #officeenvironments #Patagonia #AI #privacyviolation #classactionlawsuit #Snowflake #MFA #databreaches

🔖 Keywords:

#Linksys #router #meshnetworking #dataprotection #cybersecurity #vulnerability #AWS #thirdpartysoftware #SSID #password #cleartext #plaintext #man-in-the-middle #attack #firmware #security #wiring #hacking #officeenvironments #Patagonia #AI #privacyviolation #classactionlawsuit #Snowflake #MFA #databreaches

Kevin Karhan :verified:kkarhan@infosec.space
2024-06-13

@europesays because most #JobPostings are just #repostings of some #recruitment agency.

I kid you not: I've seen "Recruitment Firm" to offer a job at "Contracting Agency" which would subcontract my work to a "Government Agency", and those two #ValueRemoving #ManInTheMiddle would both demand their #cut...

Deadly Headshotdheadshot
2024-05-25

@Sevoris @munin Ah! That's better then! I've seen the strategy used for similar systems, but I guess this solves that problem! Assuming the phone number can't just be spoofed, that is...

Deadly Headshotdheadshot
2024-05-25

@munin The trouble with that system is it doesn't stop attacks, as someone can phone your bank pretending to be you and have someone phoning you pretending to be the bank at the same time...

Wizards Anonymouscrft
2024-03-28
2024-03-27

How #Facebook spies competitive products using an in-house #VPN on users' phones: Facebook engineers proposed using Onavo, which when activated had the advantage of reading all of the device’s network traffic before it got encrypted and sent over the internet.
“We now have the capability to measure detailed in-app activity” from “parsing snapchat analytics. #maninthemiddle
techcrunch.com/2024/03/26/face

Scott 🏴😷scott@tams.tech
2024-03-05

@owen @signalapp

@Mer__edith maybe YOU could wake someone up in the technical/customer support department? Or do they just not exist? It's been months that I've been trying to diagnose verification code failures on my own because I don't get anything from the Customer Support form on signal.org

blog.techwork.zone/posts/mitm/

#MitM #ManInTheMiddle #Signal #security #privacy

2024-02-24

iX-Workshop: Daten und Kommunikation schützen mit moderner Kryptographie

Lernen Sie, wie gängige kryptographische Verfahren wie Verschlüsselung und digitale Signaturen funktionieren und wie Sie damit Ihre Unternehmens-IT schützen.

heise.de/news/iX-Workshop-Date

#digitaleSignatur #Security #Verschlüsselung #Mac #ManintheMiddle #RSA #news

2024-02-16

iX-Workshop: Bewährte Methoden moderner Kryptographie verstehen und anwenden

Lernen Sie Konzepte und Methoden der Kryptographie anhand typischer Anwendungsfälle aus der Praxis kennen. (Last Call)

heise.de/news/iX-Workshop-Bewa

#digitaleSignatur #Security #Verschlüsselung #Mac #ManintheMiddle #RSA #news

Le͢ẃ Gr͏ant͡lewgrant@ohai.social
2024-01-25

This article states that the Snapchat message was seen by British security b/c he was using airport #WiFi but doesn't go into specifics. Does #Snapchat operate in plain text over the wire? Does airport WiFi have some sort of #maninthemiddle capabilities? Obviously public WiFi means the WiFi isn't #encrypted but presumably you'd be using something like #https to communicate w/ messaging apps, right? gizmodo.com/teen-fine-joke-tex

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst