Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl czyli najstarszy polski serwer Mastodon. Posiadamy wpisy do 2048 znaków.

Administered by:

Server stats:

559
active users

101010.pl: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.0-alpha.4

#cybersecurity

286 posts157 participants32 posts today
Public
gcve.eu

Five GNA register to Global CVE (GCVE) allocation system vuldb.com, Ericsson PSIRT, EACG, SCHUTZWERK and DFN-CERT.

If you want to join and get a unique identifier
gcve.eu/about/#eligibility-and

gcve.euAboutGCVE: Global CVE Allocation SystemThe Global CVE (GCVE) allocation system is a new, decentralized approach to vulnerability identification and numbering, designed to improve flexibility, scalability, and autonomy for participating entities. While remaining compatible with the traditional CVE system, GCVE introduces GCVE Numbering Authorities (GNAs). GNAs are independent entities that can allocate identifiers without relying on a centralised block distribution system or rigid policy enforcement. Key Concepts GCVE Numbering Authorities (GNA) A GCVE Numbering Authority (GNA) is an approved entity that is authorised to allocate GCVE identifiers.
#cve#gcve#cybersecurity
Public
Brian Clark

Sekoia has a good report out on Interlock ransomware. One thing that jumped out at me is the continued abuse of Cloudflare’s free trycloudflare[.]com service. This domain should be blocked if you want to avoid ransomware as this isn’t the only group using this service for C2 and remote access. If your developers need this kind of functionality, you should have them sign up for the inexpensive paid version of the service that allows for the use of your own custom domain name. #cybersecurity

From: @sekoia_io
infosec.exchange/@sekoia_io/11

Infosec ExchangeSekoia.io (@sekoia_io@infosec.exchange)Attached: 1 image Since the apparition of the #Interlock ransomware, the Sekoia #TDR team observed its operators evolving, improving their toolset (#LummaStealer and #BerserkStealer), and leveraging new techniques such as #ClickFix to deploy the ransomware payload. https://blog.sekoia.io/interlock-ransomware-evolving-under-the-radar/
Public
dan_nanni

Firewalls function at various layers of the OSI model. Basic stateless firewalls work at layers 3 and 4, filtering traffic by IP address and port. In contrast, application-layer firewalls operate at layer 7, analyzing the actual content of the traffic to make filtering decisions

Here is an overview of firewalls across OSI layers 😎👇 #infosec #sysadmin

Find high-res pdf books with all my #cybersecurity related infographics at study-notes.org

Public *
Terence Eden’s Blog

That's Not How A SIM Swap Attack Works

shkspr.mobi/blog/2025/04/thats

There's a disturbing article in The Guardian about a person who was on the receiving end of a successful cybersecurity attack.

EE texted to say they had processed my sim activation request, and the new sim would be active in 24 hours. I was told to contact them if I hadn’t requested this. I hadn’t, so I did so immediately. Twenty-four hours later, my mobile stopped working and money was withdrawn from my bank account.

With their alien sim, the ­fraudster infiltrated my handset and stole details for every account I had. Passwords and logins had been changed for my finance, retail and some social media accounts.

(Emphasis added.)

I realise it is in the consumer rights section of the newspaper, not the technology section, and I dare-say some editorialising has gone on, but that's nonsense.

Here's how a SIM swap works.

  1. Attacker convinces your phone company to reassign your telephone number to a new SIM.
  2. Attacker goes to a website where you have an account, and initiates a password reset.
  3. Website sends a verification code to your phone number, which is now in the hands of the attacker.
  4. Attacker supplies verification code and gets into your account.

Do you notice the missing step there?

At no point does the attacker "infiltrate" your handset. Your handset is still in your possession. The SIM is dead, but that doesn't give the attacker access to the phone itself. There is simply no way for someone to put a new SIM into their phone and automatically get access to your device.

Try it now. Take your SIM out of your phone and put it into a new one. Do all of your apps suddenly appear? Are your usernames and passwords visible to you? No.

There are ways to transfer your data from an iPhone or Android - but they require a lot more work than swapping a SIM.

So how did the attacker know which websites to target and what username to use?

What (Probably) Happened

Let's assume the person in the article didn't have malware on their device and hadn't handed over all their details to a cold caller.

The most obvious answer is that the attacker already knew the victim's email address. Maybe the victim gave out their phone number and email to some dodgy site, or they're listed on their contact page, or something like that.

The attacker now has two routes.

First is "hit and hope". They try the email address on hundreds of popular sites' password reset page until they get a match. That's time-consuming given the vast volume of websites.

Second is targetting your email. If the attacker can get into your email, they can see which sites you use, who your bank is, and where you shop. They can target those specific sites, perform a password reset, and get your details.

I strongly suspect it is the latter which has happened. The swapped SIM was used to reset the victim's email password. Once in the email, all the accounts were easily found. At no point was the handset broken into.

What can I do to protect myself?

It is important to realise that there's nothing you can do to prevent a SIM-swap attack! Your phone company is probably incompetent and their staff can easily be bribed. You do not control your phone number. If you get hit by a SIM swap, it almost certainly isn't your fault.

So here are some practical steps anyone can take to reduce the likelihood and effectiveness of this class of attack:

  • Remember that it's OK to lie to WiFi providers and other people who ask for your details. You don't need to give someone your email for a receipt. You don't need to hand over your real phone number on a survey. This is the most important thing you can do.
  • Try to hack yourself. How easy would it be for an attacker who had stolen your phone number to also steal your email address? Open up a private browser window and try to reset your email password. What do you notice? How could you secure yourself better?
  • Don't use SMS for two-factor authentication. If you are given a choice of 2FA methods, use a dedicated app. If the only option you're given is SMS - contact the company to complain, or leave for a different provider.
  • Don't rely on a setting a PIN for your SIM. The PIN only protects the physical SIM from being moved to a new device; it does nothing to stop your number being ported to a new SIM.
  • Finally, realise that professional criminals only need to be lucky once but you need to be lucky all the time.

Stay safe out there.

A padlock engraved into a circuit board.
Terence Eden’s Blog · That's Not How A SIM Swap Attack Works
More from Terence Eden
#2fa#CyberSecurity#MFA
Public
Terence Eden

🆕 blog! “That's Not How A SIM Swap Attack Works”

There's a disturbing article in The Guardian about a person who was on the receiving end of a successful cybersecurity attack.

EE texted to say they had processed my sim activation request, and the new sim would be active in 24 hours. I was told to contact them if I hadn’t requested this. I hadn’t, so I did …

👀 Read more: shkspr.mobi/blog/2025/04/thats

#2fa #CyberSecurity #MFA #security #sim

A padlock engraved into a circuit board.
Terence Eden’s Blog · That's Not How A SIM Swap Attack Works
More from Terence Eden
Public
Zeljka Zorz

Chris Krebs leaves SentinelOne

linkedin.com/posts/christopher

www.linkedin.comKrebs Organizational Announcement | Chris Krebs | 218 commentsToday I announced that I am stepping away from my position at SentinelOne. This is my decision, and mine alone. It has been a privilege to work with the incredible people at SentinelOne, and I want to express how thankful I am to the leadership team for their support. Check out the email below to read what I shared with my fellow Sentinels earlier today. In the meantime, as I said in the email, "For those who know me, you know I don’t shy away from tough fights. But I also know this is one I need to take on fully - outside of SentinelOne." So with that, let's go. Illegitimi non carborundum | 218 comments on LinkedIn
#cybersecurity
ExploreLive feeds
About