Matrix vs. XMPP
What are XMPP and Matrix and what makes them special?
XMPP and Matrix are two decentralized and federated free software projects for chat, including true end-to-end encrypted chat.
Users can either install the software on their own server if they want, but they can also easily register on any public serverβboth allow any XMPP or Matrix user to talk to users on their server or on any other one. In essence, it works like email: you might have an email account on a different site than your friend, but all accounts on all sites can communicate.
In a world where most communication is done on centralized proprietary platforms without end-to-end encryption like Facebook, Telegram and Google, Matrix and XMPP both are permanent solutions to communication privacy. Even based boomerware like IRC has to play second fiddle to them.
The only question is, "Which is better? XMPP or Matrix?"
https://lukesmith.xyz/articles/matrix-vs-xmpp
π‘ Read as well:
Internet Messaging versus Congested Network
#matrix #xmpp #privacy #amdocs #israel #intelligence
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
What are XMPP and Matrix and what makes them special?
XMPP and Matrix are two decentralized and federated free software projects for chat, including true end-to-end encrypted chat.
Users can either install the software on their own server if they want, but they can also easily register on any public serverβboth allow any XMPP or Matrix user to talk to users on their server or on any other one. In essence, it works like email: you might have an email account on a different site than your friend, but all accounts on all sites can communicate.
In a world where most communication is done on centralized proprietary platforms without end-to-end encryption like Facebook, Telegram and Google, Matrix and XMPP both are permanent solutions to communication privacy. Even based boomerware like IRC has to play second fiddle to them.
The only question is, "Which is better? XMPP or Matrix?"
https://lukesmith.xyz/articles/matrix-vs-xmpp
π‘ Read as well:
Internet Messaging versus Congested Network
#matrix #xmpp #privacy #amdocs #israel #intelligence
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
Thoughts & Travels with Andrew
Internet Messaging versus Congested Network
A snow storm in the Sierras knocked out power, cell towers, internet connectivity, and emergency communication systems. There is a DSL line where we were staying to which wifi is connected--only available in theβ¦
"Your account has been deactivated"
I've received that message today. I'm from Belarus.
"We noticed an issue when verifying your account. The legal entity information associated with your account fully matches a restricted party or one or more parties from the United States government's consolidated screening list, another government's sanctions list, or a restricted regions list."
I know nothing about sanctions but I'm 100% sure that's how sanctions should not work by discriminating developers from country which governments appeared in any sanctions list.
https://developer.apple.com/forums/thread/700036
#apple #developers #belarus #sanctions #usa
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
I've received that message today. I'm from Belarus.
"We noticed an issue when verifying your account. The legal entity information associated with your account fully matches a restricted party or one or more parties from the United States government's consolidated screening list, another government's sanctions list, or a restricted regions list."
I know nothing about sanctions but I'm 100% sure that's how sanctions should not work by discriminating developers from country which governments appeared in any sanctions list.
https://developer.apple.com/forums/thread/700036
#apple #developers #belarus #sanctions #usa
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π2
Foreign Office target of 'serious cyber incident'
The UK's Foreign, Commonwealth and Development Office (FCDO) was the target of a "serious cyber-security incident", it has emerged.
The details came via a tender document published on a government website, seemingly by mistake.
It revealed that cyber-security firm BAE Systems Applied Intelligence was called on for "urgent support".
The BBC understands unidentified hackers got inside the FCDO systems, but were detected.
https://www.bbc.co.uk/news/technology-60309335
#uk #fcdo #hacked
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
The UK's Foreign, Commonwealth and Development Office (FCDO) was the target of a "serious cyber-security incident", it has emerged.
The details came via a tender document published on a government website, seemingly by mistake.
It revealed that cyber-security firm BAE Systems Applied Intelligence was called on for "urgent support".
The BBC understands unidentified hackers got inside the FCDO systems, but were detected.
https://www.bbc.co.uk/news/technology-60309335
#uk #fcdo #hacked
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
BBC News
Foreign Office target of 'serious cyber incident'
The BBC understands hackers accessed its systems but were detected.
Forwarded from Riots & Resistance
Belarusian activists hacked railway servers in order to interfere with Russian troop relocations.
Hackers knows as "Cyber Guerillas" have hacked and encrypted the servers and the database of the Belarus railroad company. The backups were deleted as well. The goal of the attack was to make it harder for the Russian army to move its troops into Belarus.
#Russia has been gathering troops near Ukrainian borders for several months now. Earlier, #Belarus and Russia announced joint military exercises in February.
Hackers knows as "Cyber Guerillas" have hacked and encrypted the servers and the database of the Belarus railroad company. The backups were deleted as well. The goal of the attack was to make it harder for the Russian army to move its troops into Belarus.
#Russia has been gathering troops near Ukrainian borders for several months now. Earlier, #Belarus and Russia announced joint military exercises in February.
OATHqr - Turn your secrets into scannable QR codes
OATHqr helps you create security credentials for use with 2FA/MFA and other OATH-enabled apps. Use it to generate scannable QR codes for one-time password authenticator apps such as Aegis or YubiKey. Or skip the QR code altogether and paste the formatted otpauth URI it creates directly into OpenPGP-activated password managers such as the remarkable Pass standard unix password manager.
π‘ Features:
- Makes no external requests and may be run completely offline.
- Installable application can be added to mobile device home screen.
- Friendly form accessible to both sighted and non-sighted users.
- Utilizes strict default-src Content-Security Policy as sandbox.
- Proactively disables Google FLoC surveillance for affected users.
- Promotes ethical software alternatives to Google Authenticator.
- Automatic light/dark color scheme based on system preference.
https://codeberg.org/vhs/oathqr
#oathqr #qrcodes #2fa #mfa
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
OATHqr helps you create security credentials for use with 2FA/MFA and other OATH-enabled apps. Use it to generate scannable QR codes for one-time password authenticator apps such as Aegis or YubiKey. Or skip the QR code altogether and paste the formatted otpauth URI it creates directly into OpenPGP-activated password managers such as the remarkable Pass standard unix password manager.
π‘ Features:
- Makes no external requests and may be run completely offline.
- Installable application can be added to mobile device home screen.
- Friendly form accessible to both sighted and non-sighted users.
- Utilizes strict default-src Content-Security Policy as sandbox.
- Proactively disables Google FLoC surveillance for affected users.
- Promotes ethical software alternatives to Google Authenticator.
- Automatic light/dark color scheme based on system preference.
https://codeberg.org/vhs/oathqr
#oathqr #qrcodes #2fa #mfa
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
Codeberg.org
oathqr
:iphone: Turn your secrets into scannable QR codes.
β€1π1
Binance, led by the worldβs richest crypto billionaire, is taking a $200 million stake in Forbes
Binance, the world's biggest cryptocurrency exchange, is making a $200 million strategic investment in Forbes, the 104-year-old magazine and digital publisher, CNBC has learned.
The funds will help Forbes execute on its plan to merge with a publicly traded special purpose acquisition company, or SPAC, in the first quarter, according to people with knowledge of the deal.
Investors have grown skeptical of SPAC deals generally, and media deals in particular, in recent months amid the broader stock market retrenchment. Binance will replace half of the $400 million in commitments from institutional investors announced by Forbes in August, said the people, who declined to be identified before the transaction is announced.
That would make Binance one of the top two biggest owners of Forbes, which will be listed on the New York Stock Exchange under the ticker FRBS, the people said. The crypto company will also get two directors out of nine total board seats, they said.
The move shows the increasing real-world influence of the crypto sector, which has seen surging valuations and minted a new class of billionaires amid global interest in digital assets. While crypto companies have gone public, affixed their names to sports arenas and flooded airwaves with celebrity endorsements, this is the sector's first big investment in a traditional U.S. media property.
https://www.cnbc.com/2022/02/10/forbes-spac-binance-led-by-the-worlds-richest-crypto-billionaire-is-taking-a-200-million-stake-in-forbes-.html
#binance #crypto #forbes
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
Binance, the world's biggest cryptocurrency exchange, is making a $200 million strategic investment in Forbes, the 104-year-old magazine and digital publisher, CNBC has learned.
The funds will help Forbes execute on its plan to merge with a publicly traded special purpose acquisition company, or SPAC, in the first quarter, according to people with knowledge of the deal.
Investors have grown skeptical of SPAC deals generally, and media deals in particular, in recent months amid the broader stock market retrenchment. Binance will replace half of the $400 million in commitments from institutional investors announced by Forbes in August, said the people, who declined to be identified before the transaction is announced.
That would make Binance one of the top two biggest owners of Forbes, which will be listed on the New York Stock Exchange under the ticker FRBS, the people said. The crypto company will also get two directors out of nine total board seats, they said.
The move shows the increasing real-world influence of the crypto sector, which has seen surging valuations and minted a new class of billionaires amid global interest in digital assets. While crypto companies have gone public, affixed their names to sports arenas and flooded airwaves with celebrity endorsements, this is the sector's first big investment in a traditional U.S. media property.
https://www.cnbc.com/2022/02/10/forbes-spac-binance-led-by-the-worlds-richest-crypto-billionaire-is-taking-a-200-million-stake-in-forbes-.html
#binance #crypto #forbes
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
CNBC
Binance, led by the worldβs richest crypto billionaire, is taking a $200 million stake in Forbes
The move shows the increasing influence of the crypto industry with the sector's first big investment in a traditional U.S. media property.
π3
The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf
28.3 MB
Bvp47: Top-tier Backdoor of US NSA Equation Group
In 2016 and 2017, βThe Shadow Brokersβ published two batches of hacking files claimed to be used by
βThe Equation Groupβ. In these hacking files, researchers form Pangu Lab found the private key that can
be used to remotely trigger the backdoor Bvp47. Therefor, It can be concluded that Bvp47 is a hacker tool
belonging to " The Equation Group".
https://files.shitpost.to/rvfxfdj9zmajdtww.pdf?key=SxiRfjPs1SFpxU2gUK5PBmx08w2KTIL7
β οΈ I strongly advise everyone to pass pdfs through something like DangerZone or MAT2 before opening them.
#Bvp47 #nsa #backdoor #pdf
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
In 2016 and 2017, βThe Shadow Brokersβ published two batches of hacking files claimed to be used by
βThe Equation Groupβ. In these hacking files, researchers form Pangu Lab found the private key that can
be used to remotely trigger the backdoor Bvp47. Therefor, It can be concluded that Bvp47 is a hacker tool
belonging to " The Equation Group".
https://files.shitpost.to/rvfxfdj9zmajdtww.pdf?key=SxiRfjPs1SFpxU2gUK5PBmx08w2KTIL7
β οΈ I strongly advise everyone to pass pdfs through something like DangerZone or MAT2 before opening them.
#Bvp47 #nsa #backdoor #pdf
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π1
email2phonenumber
email2phonenumber is an OSINT tool that allows you to obtain a target's phone number just by having his email address.
π‘ For full details check:
https://www.martinvigo.com/email2phonenumber
π‘ Demo:
https://www.youtube.com/watch?v=dfvqhDUn81s
βΌοΈ IMPORTANT:
*email2phonenumber is a proof-of-concept tool I wrote during my research on new OSINT methodologies to obtain a target's phone number. The supported services (Ebay, Lastpass, Amazon and Twitter) have long added protections to protect from these type of scraping like having to receive a code over email first or simply adding captchas. There are of course many other sites that are still leaking phone number digits but I am focused on other research projects. Feel free to submit pull request if you want to add support for new sites.
Please check out my newer tool "Phonerator", which is maintained and focuses on the novel aspect of this research, generating valid phone numbers. See more details. There is also a small OSINT challenge in there... ;)
https://github.com/martinvigo/email2phonenumber
https://www.martinvigo.com/tools/phonerator/
#osint #email2phonenumber #phonerator
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
email2phonenumber is an OSINT tool that allows you to obtain a target's phone number just by having his email address.
π‘ For full details check:
https://www.martinvigo.com/email2phonenumber
π‘ Demo:
https://www.youtube.com/watch?v=dfvqhDUn81s
βΌοΈ IMPORTANT:
*email2phonenumber is a proof-of-concept tool I wrote during my research on new OSINT methodologies to obtain a target's phone number. The supported services (Ebay, Lastpass, Amazon and Twitter) have long added protections to protect from these type of scraping like having to receive a code over email first or simply adding captchas. There are of course many other sites that are still leaking phone number digits but I am focused on other research projects. Feel free to submit pull request if you want to add support for new sites.
Please check out my newer tool "Phonerator", which is maintained and focuses on the novel aspect of this research, generating valid phone numbers. See more details. There is also a small OSINT challenge in there... ;)
https://github.com/martinvigo/email2phonenumber
https://www.martinvigo.com/tools/phonerator/
#osint #email2phonenumber #phonerator
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
Martin Vigo
From email to phone number, a new OSINT approach - Martin Vigo
How to find out someone's phone number if you just know their email address and how it can be automated using a new OSINT tool: email2phonenumber
π7π₯2
Ukraine calls on hacker underground to defend against Russia
Feb 24 (Reuters) - The government of Ukraine is asking for volunteers from the country's hacker underground to help protect critical infrastructure and conduct cyber spying missions against Russian troops, according two people involved in the project.
As Russian forces attacked cities across Ukraine, requests for volunteers began to appear on hacker forums on Thursday morning, as many residents fled the capital Kyiv. read more
"Ukrainian cybercommunity! It's time to get involved in the cyber defense of our country," the post read, asking hackers and cybersecurity experts to submit an application via Google docs, listing their specialties, such as malware development, and professional references.
Yegor Aushev, co-founder of a cybersecurity company in Kyiv, told Reuters he wrote the post at the request of a senior Defense Ministry official who contacted him on Thursday. Aushev's firm Cyber Unit Technologies is known for working with Ukraine's government on the defense of critical infrastructure.
https://www.reuters.com/world/exclusive-ukraine-calls-hacker-underground-defend-against-russia-2022-02-24/
#ukraine #russia #hacker #cyberdefence
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
Feb 24 (Reuters) - The government of Ukraine is asking for volunteers from the country's hacker underground to help protect critical infrastructure and conduct cyber spying missions against Russian troops, according two people involved in the project.
As Russian forces attacked cities across Ukraine, requests for volunteers began to appear on hacker forums on Thursday morning, as many residents fled the capital Kyiv. read more
"Ukrainian cybercommunity! It's time to get involved in the cyber defense of our country," the post read, asking hackers and cybersecurity experts to submit an application via Google docs, listing their specialties, such as malware development, and professional references.
Yegor Aushev, co-founder of a cybersecurity company in Kyiv, told Reuters he wrote the post at the request of a senior Defense Ministry official who contacted him on Thursday. Aushev's firm Cyber Unit Technologies is known for working with Ukraine's government on the defense of critical infrastructure.
https://www.reuters.com/world/exclusive-ukraine-calls-hacker-underground-defend-against-russia-2022-02-24/
#ukraine #russia #hacker #cyberdefence
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
Reuters
EXCLUSIVE Ukraine calls on hacker underground to defend against Russia
The government of Ukraine is asking for volunteers from the country's hacker underground to help protect critical infrastructure and conduct cyber spying missions against Russian troops, according two people involved in the project.
β€2π2
Brave takes the spring out of creepy bounce tracking
Just say no to websites bypassing privacy protections with sneaky redirects
Browser maker Brave has developed a new way to ground "bounce tracking," a sneaky technique for bypassing privacy defenses in order to track people across different websites.
Bounce tracking, also known as redirect tracking, dates back at least to 2014 when ad companies were looking for ways to avoid third-party cookie blocking defenses.
"Bounce tracking is a way for trackers to track you even if browser-level privacy protections are in place," explained Peter Synder, senior director of privacy at Brave, on Tuesday.
"Privacy respecting browsers try to prevent sites from learning about your behaviors and activities on other sites. Bounce tracking attempts to circumvent these protections by gaming how your browser behaves when you browse from one site to another."
Say a website embeds a third-party script from info.tracker. When the website is visited, the third-party script tries to read third-party cookies from info.tracker that have been stored in the visitor's browser.
If it can't β because third-party cookies are blocked β the script redirects to the info.tracker domain by writing a new URL to the browser's window.location object or via some link hijacking method like injecting an info.tracker iframe into the original website.
Doing so puts info.tracker into a first-party context, enabling it to set tracking cookies.
Info.tracker then redirects back to the original website URL and info.tracker cookies can then be read in third-party contexts. By doing so across multiple different websites, info.tracker can develop a profile of the people's interests.
To curtail privacy intrusions of this sort, Brave software engineer Aleksey Khoroshilov and senior software engineer Ivan Efremov devised a defense called Unlinkable Bouncing.
https://www.theregister.com/2022/03/09/brave_bounce_tracking/
#brave #browser #bounce #tracking #privacy
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
Just say no to websites bypassing privacy protections with sneaky redirects
Browser maker Brave has developed a new way to ground "bounce tracking," a sneaky technique for bypassing privacy defenses in order to track people across different websites.
Bounce tracking, also known as redirect tracking, dates back at least to 2014 when ad companies were looking for ways to avoid third-party cookie blocking defenses.
"Bounce tracking is a way for trackers to track you even if browser-level privacy protections are in place," explained Peter Synder, senior director of privacy at Brave, on Tuesday.
"Privacy respecting browsers try to prevent sites from learning about your behaviors and activities on other sites. Bounce tracking attempts to circumvent these protections by gaming how your browser behaves when you browse from one site to another."
Say a website embeds a third-party script from info.tracker. When the website is visited, the third-party script tries to read third-party cookies from info.tracker that have been stored in the visitor's browser.
If it can't β because third-party cookies are blocked β the script redirects to the info.tracker domain by writing a new URL to the browser's window.location object or via some link hijacking method like injecting an info.tracker iframe into the original website.
Doing so puts info.tracker into a first-party context, enabling it to set tracking cookies.
Info.tracker then redirects back to the original website URL and info.tracker cookies can then be read in third-party contexts. By doing so across multiple different websites, info.tracker can develop a profile of the people's interests.
To curtail privacy intrusions of this sort, Brave software engineer Aleksey Khoroshilov and senior software engineer Ivan Efremov devised a defense called Unlinkable Bouncing.
https://www.theregister.com/2022/03/09/brave_bounce_tracking/
#brave #browser #bounce #tracking #privacy
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
The Register
Brave takes the spring out of creepy bounce tracking
Just say no to websites bypassing privacy protections with sneaky redirects
π11π1
Clone Wars - Open source clones of popular sites
100+ open-source clones and alternatives of popular sites like Airbnb, Amazon, Instagram, Netflix, TikTok, Spotify, WhatsApp, YouTube, etc. List contains source code, tutorials, demo links, tech stack, and GitHub stars count. Great for learning purpose!
https://github.com/GorvGoyl/Clone-Wars
#clonewars #opensource
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
100+ open-source clones and alternatives of popular sites like Airbnb, Amazon, Instagram, Netflix, TikTok, Spotify, WhatsApp, YouTube, etc. List contains source code, tutorials, demo links, tech stack, and GitHub stars count. Great for learning purpose!
https://github.com/GorvGoyl/Clone-Wars
#clonewars #opensource
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
GitHub
GitHub - GorvGoyl/Clone-Wars: 100+ open-source clones of popular sites like Airbnb, Amazon, Instagram, Netflix, Tiktok, Spotifyβ¦
100+ open-source clones of popular sites like Airbnb, Amazon, Instagram, Netflix, Tiktok, Spotify, Whatsapp, Youtube etc. See source code, demo links, tech stack, github stars. - GorvGoyl/Clone-Wars
π6π₯2
Staying online during a conflict
First of all, we hope that there won't come a time where you need to read this article. Nevertheless, since it may happen, here's how you can remain connected to the internet during incertain times.
Do note that this guide is covered for two scenarios: when your connection becomes less stable because of a conflict or when your country's slowly blocking social media platforms.
π‘ Element: a messaging app
Element is a messaging app that lets you talk with other users. If you pick a server in the region (e.g. one that you host yourself or one that the city's university hosts) then you won't lose your connection to the server.
Additionally, since this server can connect to any other Element (Matrix) server, you will always be able to communicate with the outside world whenever there's a brief connection.
This means it's very difficult to block. Your country cannot just block "the Signal server", they'll instead need to block every single hobbyist in the world that decides to set up a new server for Element.
π‘ Mastodon: Twitter unblocked
Mastodon uses very similar protocols to what Element uses: everyone can set up their own servers, which makes Mastodon hard to block.
Take a look at mastodon.social, ru.social, pleroma.chirno.tech, glasgow.social, witches.live, and many more.
Each of them hosts their own instance, that separately needs to be blocked from the internet. You can use instances.social to find a Mastodon instance that suits best for you.
π‘ PeerTube: when YouTube goes down
Do you need to share videos that YouTube may not want to share? Can you no longer access YouTube's foreign servers? Use PeerTube.
PeerTube allows you to broadcast your videos to whomever can see them. This can be very useful when your connection with YouTube is unstable and you'd like to share the videos yourself anyway.
π‘ Conclusion
Using these platforms, you will be able to remain connected with the world better - in situations where connections aren't always stable, as well as if the government may decide to block websites.
Take good care of yourself, and we hope these tips will be helpful for you.
https://digital-justice.com/articles/connection-during-conflict.html
#tips #element #peertube #mastodon
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
First of all, we hope that there won't come a time where you need to read this article. Nevertheless, since it may happen, here's how you can remain connected to the internet during incertain times.
Do note that this guide is covered for two scenarios: when your connection becomes less stable because of a conflict or when your country's slowly blocking social media platforms.
π‘ Element: a messaging app
Element is a messaging app that lets you talk with other users. If you pick a server in the region (e.g. one that you host yourself or one that the city's university hosts) then you won't lose your connection to the server.
Additionally, since this server can connect to any other Element (Matrix) server, you will always be able to communicate with the outside world whenever there's a brief connection.
This means it's very difficult to block. Your country cannot just block "the Signal server", they'll instead need to block every single hobbyist in the world that decides to set up a new server for Element.
π‘ Mastodon: Twitter unblocked
Mastodon uses very similar protocols to what Element uses: everyone can set up their own servers, which makes Mastodon hard to block.
Take a look at mastodon.social, ru.social, pleroma.chirno.tech, glasgow.social, witches.live, and many more.
Each of them hosts their own instance, that separately needs to be blocked from the internet. You can use instances.social to find a Mastodon instance that suits best for you.
π‘ PeerTube: when YouTube goes down
Do you need to share videos that YouTube may not want to share? Can you no longer access YouTube's foreign servers? Use PeerTube.
PeerTube allows you to broadcast your videos to whomever can see them. This can be very useful when your connection with YouTube is unstable and you'd like to share the videos yourself anyway.
π‘ Conclusion
Using these platforms, you will be able to remain connected with the world better - in situations where connections aren't always stable, as well as if the government may decide to block websites.
Take good care of yourself, and we hope these tips will be helpful for you.
https://digital-justice.com/articles/connection-during-conflict.html
#tips #element #peertube #mastodon
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
Digital-Justice
Staying online during a conflict
How to remain connected to the internet during a humanitarian conflict or war.
π6
Release: Roskomnadzor (820 GB)
In the Cyberwar category, we are listing 364,000 files from the Roskomnadzor, the Russian federal agency responsible for censorship of Russian media, specifically from the republic of Bashkortostan.
In the Cyberwar category, we are listing 340,000 files from the Π ΠΎΡΠΊΠΎΠΌΠ½Π°Π΄Π·ΠΎΡ or Roskomnadzor of the Russian Republic of Bashkortostan. By population, Bashkortostan is one of the larger republics of the Russian federation, and Roskomnadzor is the Russian federal agency responsible for the monitoring and censorship of Russian media.
Roskomnadzor's activities are always a matter of public interest to the people of Russia and to the world. Their recent actions have only emphasized this:
Roskomnadzor has given instructions about what can be said and ordered media outlets to delete stories that call Russia's invasion of Ukraine an Invasion. In response to Facebook's fact-checking Russia's statements about the war, Roskomnadzor began restricting access to Facebook before later blocking it. Roskomnadzor also threatened to block access to Russian Wikipedia over their article about the Russian invasion of Ukraine. This follows an established history of similar actions in the past.
The source, a part of Anonymous, urgently felt the Russian people should have access to information about their government. They also expressed their opposition to the Russian people being cut off from independent media and the outside world. We are publishing this release in anticipation of Russia potentially being cut off from the global internet on March 11, and hope Russians will have time to download this data, before then.
https://nitter.pussthecat.org/YourAnonTV/status/1501942349550653443
via Twitter
https://www.jpost.com/breaking-news/article-700940
π‘ Download (817.5 GB)
https://ddosxlvzzow7scc7egy75gpke54hgbg2frahxzaw6qq5osnzm7wistid.onion/wiki/Roskomnadzor
#OpRussia #anonymous #roskomnadzor #cyberwar #ukraine
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
In the Cyberwar category, we are listing 364,000 files from the Roskomnadzor, the Russian federal agency responsible for censorship of Russian media, specifically from the republic of Bashkortostan.
In the Cyberwar category, we are listing 340,000 files from the Π ΠΎΡΠΊΠΎΠΌΠ½Π°Π΄Π·ΠΎΡ or Roskomnadzor of the Russian Republic of Bashkortostan. By population, Bashkortostan is one of the larger republics of the Russian federation, and Roskomnadzor is the Russian federal agency responsible for the monitoring and censorship of Russian media.
Roskomnadzor's activities are always a matter of public interest to the people of Russia and to the world. Their recent actions have only emphasized this:
Roskomnadzor has given instructions about what can be said and ordered media outlets to delete stories that call Russia's invasion of Ukraine an Invasion. In response to Facebook's fact-checking Russia's statements about the war, Roskomnadzor began restricting access to Facebook before later blocking it. Roskomnadzor also threatened to block access to Russian Wikipedia over their article about the Russian invasion of Ukraine. This follows an established history of similar actions in the past.
The source, a part of Anonymous, urgently felt the Russian people should have access to information about their government. They also expressed their opposition to the Russian people being cut off from independent media and the outside world. We are publishing this release in anticipation of Russia potentially being cut off from the global internet on March 11, and hope Russians will have time to download this data, before then.
https://nitter.pussthecat.org/YourAnonTV/status/1501942349550653443
via Twitter
https://www.jpost.com/breaking-news/article-700940
π‘ Download (817.5 GB)
https://ddosxlvzzow7scc7egy75gpke54hgbg2frahxzaw6qq5osnzm7wistid.onion/wiki/Roskomnadzor
#OpRussia #anonymous #roskomnadzor #cyberwar #ukraine
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π₯7π1
Former Canadian Government Employee Extradited to the United States to Face Charges for Dozens of Ransomware Attacks Resulting in the Payment of Tens of Millions of Dollars in Ransoms
A Canadian man was extradited yesterday from Canada to the United States on an indictment returned in the Middle District of Florida that charges him with conspiracy to commit computer fraud and wire fraud, intentional damage to a protected computer, and transmitting a demand in relation to damaging a protected computer arising from his alleged participation in a sophisticated form of ransomware known as NetWalker. NetWalker ransomware has targeted dozens of victims all over the world, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges, and universities. Attacks have specifically targeted the healthcare sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims.
According to court documents, Sebastien Vachon-Desjardins, 34, of Gatineau, Quebec, Canada, from April through December 2020, conspired to and did intentionally damage a protected computer and transmit a ransom demand in connection with doing so. The indictment also alleges that the United States intends to forfeit more than $27 million, which is alleged to be traceable to proceeds of the offenses. The defendant will make his initial appearance today in federal court in Tampa before U.S. Magistrate Judge Julie S. Sneed.
https://www.justice.gov/opa/pr/former-canadian-government-employee-extradited-united-states-face-charges-dozens-ransomware
#NetWalker #ransomware #usa #canada
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
A Canadian man was extradited yesterday from Canada to the United States on an indictment returned in the Middle District of Florida that charges him with conspiracy to commit computer fraud and wire fraud, intentional damage to a protected computer, and transmitting a demand in relation to damaging a protected computer arising from his alleged participation in a sophisticated form of ransomware known as NetWalker. NetWalker ransomware has targeted dozens of victims all over the world, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges, and universities. Attacks have specifically targeted the healthcare sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims.
According to court documents, Sebastien Vachon-Desjardins, 34, of Gatineau, Quebec, Canada, from April through December 2020, conspired to and did intentionally damage a protected computer and transmit a ransom demand in connection with doing so. The indictment also alleges that the United States intends to forfeit more than $27 million, which is alleged to be traceable to proceeds of the offenses. The defendant will make his initial appearance today in federal court in Tampa before U.S. Magistrate Judge Julie S. Sneed.
https://www.justice.gov/opa/pr/former-canadian-government-employee-extradited-united-states-face-charges-dozens-ransomware
#NetWalker #ransomware #usa #canada
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
www.justice.gov
Former Canadian Government Employee Extradited to the United States to Face Charges for Dozens of Ransomware Attacks Resultingβ¦
A Canadian man was extradited yesterday from Canada to the United States on an indictment returned in the Middle District of Florida that charges him with conspiracy to commit computer fraud and wire fraud, intentional damage to a protected computer, andβ¦
#Emotet E5 Update - Within the last several hours, we have seen some bots on the Epoch 5 botnet begin to drop SystemBC now as a module and execute it. This is the first drop beyond Cobalt Strike that we have seen since Emotet returned. This is a significant change 1/x
https://nitter.pussthecat.org/Cryptolaemus1/status/1502069552246575105
via Twitter
#emotet
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
https://nitter.pussthecat.org/Cryptolaemus1/status/1502069552246575105
via Twitter
#emotet
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
Nitter
Cryptolaemus (@Cryptolaemus1)
#Emotet E5 Update - Within the last several hours, we have seen some bots on the Epoch 5 botnet begin to drop SystemBC now as a module and execute it. This is the first drop beyond Cobalt Strike that we have seen since Emotet returned. This is a significantβ¦
π1
Privacy and the Future of the Internet
The Internet is at a critical juncture. As it has been for the past decade or so, those who care about privacy and social morality are (practically) barred from participation in interest-based "focus groups", because most of them are still on Facebook, Twitter, YouTube and other anti-social networks. Even websites that have nothing to do with these networks have forgone self-management of user accounts in favor of "social logins," which are only useful until Facebook blocks your account and you realize you're now blocked from everything, and the only customer support available is provided by bots who were programmed to fix nothing and provide no information.
Government-provided services around the world are becoming more and more difficult to receive without installing apps spyware on your smartphone. Search engines grow more and more unusable every day, and our ability to self-govern is being taken away by money-hungry startups and corporations who are looking to "make the world a better place." Finally, the Internet as a whole is now nothing more than a shopping mall, where visitors implicitly consent to being searched.
https://ido50.net/rants/privacy-and-the-future-of-the-internet
#privacy #internet
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
The Internet is at a critical juncture. As it has been for the past decade or so, those who care about privacy and social morality are (practically) barred from participation in interest-based "focus groups", because most of them are still on Facebook, Twitter, YouTube and other anti-social networks. Even websites that have nothing to do with these networks have forgone self-management of user accounts in favor of "social logins," which are only useful until Facebook blocks your account and you realize you're now blocked from everything, and the only customer support available is provided by bots who were programmed to fix nothing and provide no information.
Government-provided services around the world are becoming more and more difficult to receive without installing apps spyware on your smartphone. Search engines grow more and more unusable every day, and our ability to self-govern is being taken away by money-hungry startups and corporations who are looking to "make the world a better place." Finally, the Internet as a whole is now nothing more than a shopping mall, where visitors implicitly consent to being searched.
https://ido50.net/rants/privacy-and-the-future-of-the-internet
#privacy #internet
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
ido50.net
Privacy and the Future of the Internet | Ido Perlmuter
Personal Website of Ido Perlmuter
π7π₯1
Media is too big
VIEW IN TELEGRAM
Ukraine On Fire
Ukraine. Across its eastern border is Russia and to its west-Europe. For centuries, it has been at the center of a tug-of-war between powers seeking to control its rich lands and access to the Black Sea. 2014's Maidan Massacre triggered a bloody uprising that ousted president Viktor Yanukovych and painted Russia as the perpetrator by Western media. But was it?
π‘ One or the other may wonder why this movie was posted here in this Channel. Well, the last few days did show that the war between Russia and Ukraine is also a major threat to security/privacy/democracy in the global - but especially in the Russian Net.
#cyberwar #war #security #privacy #democracy #ukraine #russia #usa
π₯@cRyPtHoN_INFOSEC_FR
π₯@cRyPtHoN_INFOSEC_EN
π₯@cRyPtHoN_INFOSEC_DE
π₯@BlackBox_Archiv
Ukraine. Across its eastern border is Russia and to its west-Europe. For centuries, it has been at the center of a tug-of-war between powers seeking to control its rich lands and access to the Black Sea. 2014's Maidan Massacre triggered a bloody uprising that ousted president Viktor Yanukovych and painted Russia as the perpetrator by Western media. But was it?
π‘ One or the other may wonder why this movie was posted here in this Channel. Well, the last few days did show that the war between Russia and Ukraine is also a major threat to security/privacy/democracy in the global - but especially in the Russian Net.
#cyberwar #war #security #privacy #democracy #ukraine #russia #usa
π₯@cRyPtHoN_INFOSEC_FR
π₯@cRyPtHoN_INFOSEC_EN
π₯@cRyPtHoN_INFOSEC_DE
π₯@BlackBox_Archiv
π4π3π₯1
BlackBox (Security) Archiv
Privacy and the Future of the Internet The Internet is at a critical juncture. As it has been for the past decade or so, those who care about privacy and social morality are (practically) barred from participation in interest-based "focus groups", becauseβ¦
Real names and pseudonyms of leading Conti members
An actor on Exploit and XSS criminal forums just shared a list of real names and aliases that allegedly belong to top Conti members
Andrey Yuryevich Zhuykov -> "Defender"
Maksim Khaliullin -> "Kagas", "maxfax"
Eduard Mizurov -> "modar"
Dimitriy Kornev -> "mustang"
Mikhail Zlydnev -> "sitev"
Andrey Maximov -> "untouch"
Sergey Gorko -> "Salamandra"
Sergey Guryev -> "Stakan"
Maksim Rudenskiy -> "silver", "buza"
Maksim Galochkin -> "Bentley", "volhvb"
https://nitter.pussthecat.org/y_advintel/status/1502348645877833736
via Twitter
#cyberwar #conti #ransomware #leak
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
An actor on Exploit and XSS criminal forums just shared a list of real names and aliases that allegedly belong to top Conti members
Andrey Yuryevich Zhuykov -> "Defender"
Maksim Khaliullin -> "Kagas", "maxfax"
Eduard Mizurov -> "modar"
Dimitriy Kornev -> "mustang"
Mikhail Zlydnev -> "sitev"
Andrey Maximov -> "untouch"
Sergey Gorko -> "Salamandra"
Sergey Guryev -> "Stakan"
Maksim Rudenskiy -> "silver", "buza"
Maksim Galochkin -> "Bentley", "volhvb"
https://nitter.pussthecat.org/y_advintel/status/1502348645877833736
via Twitter
#cyberwar #conti #ransomware #leak
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π1
Telegram Trilateration
Telegram Finally listened!
It took them over a YEAR to realize their mistake but they FINALLY lowered the accuracy of the "People Nearby" function. Or it might be that the huge sudden outburst of negativity from Russian and Ukrainian media has finally made them come to senses Β―\_(γ)_/Β―
Either way, when you run the function now, you will only see results of 500m, 1km, 2km, etc. I have little faith left in Telegram when it comes to privacy and taking issues seriously. This repository will stay online, but be adviced that none of the data collection methods in here will work as expected.
https://github.com/jkctech/Telegram-Trilateration
π‘ Read as well:
https://nitter.pussthecat.org/JKCTech/status/1489712467248926728
via Twitter
#telegram #peoplenearby
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
Telegram Finally listened!
It took them over a YEAR to realize their mistake but they FINALLY lowered the accuracy of the "People Nearby" function. Or it might be that the huge sudden outburst of negativity from Russian and Ukrainian media has finally made them come to senses Β―\_(γ)_/Β―
Either way, when you run the function now, you will only see results of 500m, 1km, 2km, etc. I have little faith left in Telegram when it comes to privacy and taking issues seriously. This repository will stay online, but be adviced that none of the data collection methods in here will work as expected.
https://github.com/jkctech/Telegram-Trilateration
π‘ Read as well:
https://nitter.pussthecat.org/JKCTech/status/1489712467248926728
via Twitter
#telegram #peoplenearby
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
GitHub
GitHub - jkctech/Telegram-Trilateration: Proof of concept for abusing Telegram's "People Near Me" feature and tracking people'sβ¦
Proof of concept for abusing Telegram's "People Near Me" feature and tracking people's location - jkctech/Telegram-Trilateration
π4
Exclusive: U.S. spy agency probes sabotage of satellite internet during Russian invasion, sources say
March 11 (Reuters) - Western intelligence agencies are investigating a cyberattack by unidentified hackers that disrupted broadband satellite internet access in Ukraine coinciding with Russia's invasion, according to three people with direct knowledge of the incident.
Analysts for the U.S. National Security Agency, French government cybersecurity organization ANSSI, and Ukrainian intelligence are assessing whether the remote sabotage of a satellite internet provider's service was the work of Russian-state backed hackers preparing the battlefield by attempting to sever communications.
The digital blitz on the satellite service began on Feb. 24 between 5 a.m. and 9 a.m., just as Russian forces started going in and firing missiles, striking major Ukrainian cities including the capital, Kyiv.
The consequences are still being investigated but satellite modems belonging to tens of thousands of customers in Europe were knocked offline, according to an official of U.S. telecommunications firm Viasat, which owns the affected network.
https://www.reuters.com/world/europe/exclusive-us-spy-agency-probes-sabotage-satellite-internet-during-russian-2022-03-11/
#russia #ukraine #sabotage #satellite #internet #cyberwar
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
March 11 (Reuters) - Western intelligence agencies are investigating a cyberattack by unidentified hackers that disrupted broadband satellite internet access in Ukraine coinciding with Russia's invasion, according to three people with direct knowledge of the incident.
Analysts for the U.S. National Security Agency, French government cybersecurity organization ANSSI, and Ukrainian intelligence are assessing whether the remote sabotage of a satellite internet provider's service was the work of Russian-state backed hackers preparing the battlefield by attempting to sever communications.
The digital blitz on the satellite service began on Feb. 24 between 5 a.m. and 9 a.m., just as Russian forces started going in and firing missiles, striking major Ukrainian cities including the capital, Kyiv.
The consequences are still being investigated but satellite modems belonging to tens of thousands of customers in Europe were knocked offline, according to an official of U.S. telecommunications firm Viasat, which owns the affected network.
https://www.reuters.com/world/europe/exclusive-us-spy-agency-probes-sabotage-satellite-internet-during-russian-2022-03-11/
#russia #ukraine #sabotage #satellite #internet #cyberwar
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
Reuters
Exclusive: U.S. spy agency probes sabotage of satellite internet during Russian invasion, sources say
Western intelligence agencies are investigating a cyberattack by unidentified hackers that disrupted broadband satellite internet access in Ukraine coinciding with Russia's invasion, according to three people with direct knowledge of the incident.
π2