National Security Agency |Cybersecurity Information

Securing IPsec Virtual Private Networks

Many organizations currently utilizeIP Security (IPsec) Virtual Private Networks (VPNs) to connect remote sites andenable telework capabilities. These connections use cryptographytoprotect sensitive information that traversesuntrusted networks. To protect this trafficand ensure data confidentiality, it is critical that these VPNs use strong cryptography.This guidance identifiescommon VPN misconfigurations andvulnerabilities.

👀 PDF:
https://media.defense.gov/2020/Jul/02/2002355625/-1/-1/0/SECURING_IPSEC_VIRTUAL_PRIVATE_NETWORKS_EXECUTIVE_SUMMARY_2020_07_01_FINAL_RELEASE.PDF

#nsa #cybersecurity #IPsec #vpn #information #guide #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@NoGoolag
📡@BlackBox

Report: No-Log VPNs Exposed Users’ Logs and Personal Details for All to See

A group of free VPN (virtual private network) apps left their server completely open and accessible, exposing private user data for anyone to see. This lack of basic security measures in an essential part of a cybersecurity product is not just shocking. It also shows a total disregard for standard VPN practices that put their users at risk.

The vpnMentor research team, led by Noam Rotem, uncovered the server and found Personally Identifiable Information (PII) data for potentially over 20 million VPN users, according to claims of user numbers made by the VPNs.

Each of these VPNs claims that their services are “no-log” VPNs, which means that they don’t record any user activity on their respective apps. However, we found multiple instances of internet activity logs on their shared server. This was in addition to the PII data, which included email addresses, clear text passwords, IP addresses, home addresses, phone models, device ID, and other technical details.

The VPNs affected are UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, and Rabbit VPN – all of which appear to be connected by a common app developer and white-labeled for other companies.

👀 👉🏼 https://www.vpnmentor.com/blog/report-free-vpns-leak/

#vpn #breach #leak #cybersecurity
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

PM Modi: India will soon have a new cyber security policy

During today's Independence Day speech, PM Modi announced India will soon introduce a new cyber security policy.

During today’s Independence Day speech, Prime Minister Narendra Modi said that technology will play a big role in developing the country. PM also made a crucial announcement related to the importance of cyber security. Modi announced India will soon introduce a new cyber security policy.

Addressing the nation from New Delhi’s Red Fort, PM Modi talked about threats from cyber space that can harm the country’s society, economy and development. He said, “threats from cyber space can endanger all these aspects of Indian life.” “The government is alert on this,” PM Modi said added and said the government of India will soon come out with a policy on this. The details related to the cyber security policy will be revealed in the days to come.

https://indianexpress.com/article/technology/tech-news-technology/pm-modi-india-will-have-a-new-cybersecurity-policy-soon-6555565/

#Asia #India #cybersecurity #policy

Budding cyber crims can now enrol at ‘hacker university’

For a one-off fee of $125, you too can become one of those scumbags who preys on elderly Internet users and small online businesses.

Cybersecurity software provider Armor this week revealed in its latest annual threat report that it has found a so-called ‘hacker university’ offering online courses that teach students how to commit various cyber crimes. These include how to access a router’s admin software; deploying ransomware; locating targets on compromised networks; and trafficking stolen credit card information, among others.

According to Armor, the ‘university’ also plans to sell its own range of ransomware, keyloggers password stealers, and trojans.

All of this is accessible for the low price of $125, paid in Bitcoin or Monero – a cryptocurrency that prides itself in offering anonymous payments.

“Creators of the site advertise that they want to ‘teach people about cybercrime and how to become a professional cybercriminal. By taking the course offered you will gain the knowledge and skills needed to hack an individual or company successfully with whatever malware you have at your disposal’,” said Armor, in its threat report.

Charming. Presumably the university doesn’t offer a course on ethics, where students are encouraged to try and reconcile their idealised image of hackers as modern-day outlaws with the reality that all they are really doing is stealing old peoples’ pensions.

Among the other findings in Armor’s report is an a la carte menu of various dark-Web products and services and their prices.

These include but are not limited to perennial favourites like an individual’s credit card information ($5-$35 depending on nationality and type of card) or DDoS attack ($100-$250 depending on the size of Website), to something a little more exotic, like personal identifiable information – street-name ‘fullz’ – or a white-label turnkey e-commerce platform that enables anyone to set up their own darkweb online store. There is even a service that offers to destroy a rival small business by bombarding it with spam and unwanted items ($185).

👀 👉🏼 https://telecoms.com/506692/budding-cyber-crims-can-now-enrol-at-hacker-university/

#cyber #crims #crime #hacker #university #cybersecurity #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Suspected Russian hack is much worse than first feared: Here's what you need to know

👉🏼 The U.S. Cybersecurity and Infrastructure Security Agency said the threat "poses a grave risk to the federal government."

👉🏼 CISA has not said who it thinks is the "advanced persistent threat actor" behind the "significant and ongoing" campaign, but many experts are pointing to Russia.

👉🏼 It's not clear exactly what the hackers have done beyond accessing top-secret U.S. government networks and monitoring data.

The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated.

The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat "poses a grave risk to the federal government."

It added that "state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations" are also at risk.

CISA believes the attack began at least as early as March. Since then, multiple government agencies have reportedly been targeted by the hackers, with confirmation from the Energy and Commerce departments so far.

"This threat actor has demonstrated sophistication and complex tradecraft in these intrusions," CISA said. "Removing the threat actor from compromised environments will be highly complex and challenging."

https://telegra.ph/Suspected-Russian-hack-is-much-worse-than-first-feared-Heres-what-you-need-to-know-12-18

via www.cnbc.com

#hacker #hacked #usa #russia #cybersecurity #cyberattack #compromised #cisa
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@NoGoolag
📡@BlackBox

Login To HELL: The nightmares of an infosec professional in South America

"In 2014, Alberto Daniel Hill, an expert in cybersecurity, found a security issue in a medical provider’s website. In reporting the issue, it led him to become the first person imprisoned in Uruguay for a computer-related crime—a crime he didn’t commit, and one that probably never even happened.

Alberto, a hacker, was the perfect target for a judicial system that doesn’t understand cybersecurity or cybercrimes. Through police misconduct and incompetence, his life was thrown into upheaval, and he is still recovering from a system where there are no guarantees of a fair trial.

https://media.ccc.de/v/rc3-625023-login_to_hell

🎙Darknetdiaries - EP 25: Alberto
https://t.me/BlackBox_Archiv/1678

#alberto #truecrime #darknetdiaries #rc3 #ccc #cybersecurity #cybercrime #podcast #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Apple Tracks Every Tap On Its App Store
@takebackourtech | SOURCE

iOS developers & privacy researchers at Mysk have recently found that the Apple App Store sends every tap you make to Apple.

https://nitter.takebackourtech.org/mysk_co/status/1588308341780262912

—
⚡️ Follow us
🗣 Discuss
📩 Newsletter

0xor0ne@infosec.exchange - Beginners introduction to stack buffer overflows by Stefano Lanaro

https://steflan-security.com/complete-guide-to-stack-buffer-overflow-oscp/

#infosec #cybersecurity #beginners #learning #BufferOverflow

KeePassXC Vulnerability CVE-2023-35866 allows attackers to change the master password and second-factor authentication settings
BY DO SON · JUNE 19, 2023

KeePassXC, a modern and secure password manager, is the bulwark of choice for many who demand the utmost security in managing their personal data. However, every fortress has its weakness. A recent vulnerability was discovered in KeePassXC: CVE-2023-35866.

mttaggart@infosec.exchange - Right so, in KeePassXC, if you have an unlocked session, the change password flow does not require you to enter the current database password.

That means someone who accesses the machine locally (Or via RDP? Maybe?) would be able to change those settings. But then, they'd also be able to just read the passwords so ¯\_(ツ)_/¯

#CVE202335866 #ThreatIntel #InfoSec #CyberSecurity


#KeepassXC

Leveraging Android Permissions: A Solver Approach – Thalium - 2022

The logic of the rules behind this system are mostly implemented in two framework services: PermissionManagerService and PackageManagerService.

Recently, those components have suffered from several vulnerabilities that were found through fuzzing. They led to critical privilege escalation without user consent.

In this blog post, we first present a case study of a permission management vulnerability. Then, we describe the solver approach we followed to help in the vulnerability research. Eventually, we explain a new vulnerability that was discovered thanks to the solver, and which was reported to Google.

#Cybersecurity #Vulnerabilities #ApplicationPermissions #Android

0xor0ne@infosec.exchange - Very cool series about persistence in Linux environments

Persistence map: https://pberba.github.io/assets/posts/common/20220201-linux-persistence.pdf

Auditd, Sysmon, Osquery: https://pberba.github.io/security/2021/11/22/linux-threat-hunting-for-persistence-sysmon-auditd-webshell/

Account Creation and Manipulation: https://pberba.github.io/security/2021/11/23/linux-threat-hunting-for-persistence-account-creation-manipulation/

Systemd, Timers, and Cron: https://pberba.github.io/security/2022/01/30/linux-threat-hunting-for-persistence-systemd-timers-cron/

Initialization Scripts and Shell Configuration: https://pberba.github.io/security/2022/02/06/linux-threat-hunting-for-persistence-initialization-scripts-and-shell-configuration/

Systemd Generators: https://pberba.github.io/security/2022/02/07/linux-threat-hunting-for-persistence-systemd-generators/

#Linux #kernel #malware #cybersecurity #infosec

France’s browser-based website blocking proposal will set a disastrous precedent for the open internet –Mozzila Blog

"In a well-intentioned yet dangerous move to fight online fraud, France is on the verge of forcing browsers to create a dystopian technical capability. It would force browser providers to create the means to mandatorily block websites present on a government provided list. Such a move will overturn decades of established content moderation norms and provide a playbook for authoritarian governments"

#censorship
#france #browser #cybersecurity #mozilla #security #surveillance

Privacy Companies Push Back Against EU Plot To End Online Privacy

An urgent appeal has been relayed to ministers across the #EU by a consortium of tech companies, exacting a grave warning against backing a proposed regulation focusing on child sexual abuse as a pretense to jeopardize the security integrity of internet services relying on end-to-end encryption and end privacy for all citizens.

In a open letter a total of 18 organizations – predominantly comprising providers of encrypted email and messaging services – have voiced concerns about the potential experimental regulation by the European Commission (EC), singling out the “detrimental” effects on children’s #privacy and #security and the possible dire repercussions for #cybersecurity.

#BigBrother #EUChatControl
#ChatControl #Encryption

Know Thy Enemy: The Taxonomies That Meta Uses to Map the Offensive Privacy Space

This talk introduces and examines privacy-inclusive taxonomies Meta has developed and uses to track privacy weaknesses, enumerate privacy adversarial TTPs, deconflict privacy and security efforts, and scale detection and remediation efforts. Taxonomies, such as #MITRE's #CVE, #CAPEC, and #ATT&CK® #frameworks, have long been used to track and understand cybersecurity weaknesses and the tactics of cyber adversaries. These taxonomies help #organizations stay abreast of trends, guide software development best practices, and pinpoint the most effective remediation and detection strategies to common #cybersecurity issues. As the field of offensive privacy matures, organizations require similar taxonomies to understand #privacy threats and align efforts across #security and privacy teams....

By: Zach Miller , David Renardy

Full Abstract and Presentation Materials

#OPSEC #Cybersecurity

So ive been doing a little research that was kicked off by listening to this 🔽 podcast posted in other channels.

https://t.me/FuryRoad_Intel/38724


https://podcast.app/anonymous-mobile-devices-e140593630/

From journalist:

It seems there is a way, albeit slightly convoluted to get an anonymous phone and messaging services. It requires a google phone bought with cash, swapped to grapheneOS, a prepaid cellular data plan and then getting a VOIP service. Im still fuzzy on the detail exactly, but using VOIP means that the number isnt tied to you and you never actually use the number that is tied to the sim card. If a cell towers sees the phone, it doesnt know who the phone belongs to. Then you would use signal for messaging also. Again if the communications were intercepted, they wouldnt know who the device belonged to. Could they figure it out? probably, but it requires more man hours and leg work. GrapheneOS doesnt call back home like android and apple do.

I listened to a podcast from the same guy from above and it was about how they caught people from Jan 6th. A lot of it was pretty common sense shit, like social media posts, facebook and google handing over all the data they have on a person or phone number. One guy they caught in part because of a news interview he gave in 2012 which gave them a very close name match and a voice match and tattoo match to a person they were looking for. Its crazy, no matter how innocuous you think something is it can be used against you a decade later.

Unboxing Elecrow ThinkNode M1 & M2 | #Meshtastic Setup, Field Test, Review & Off-Grid Comms Breakdown
https://rumble.com/v6v1uk1

In this video, I take you deep into the world of off-grid communication as I unbox and test two brand-new devices from Elecrow: the ThinkNode M1 and ThinkNode M2. These tools come pre-installed with Meshtastic firmware and are built for encrypted, decentralized communication — no SIM card, no Wi-Fi, and no cell towers required. Whether you’re prepping for a blackout, building a resilient mesh network, or just exploring survival tech, this video is packed with everything you need to know.

We start with a full unboxing of both devices, breaking down what makes each unique. The ThinkNode M1 is powered by the nRF52840 chip and includes a GPS module for location tracking, a 1.54” sunlight-readable EPD screen, and a 1200mAh battery built to last over 48 hours. It’s rugged, outdoor-ready, and ideal for emergency kits or remote travel. In contrast, the ThinkNode M2 is lighter, smaller, and powered by the ESP32-S3 chip. It includes a 1.3” OLED display, Bluetooth support, a 1000mAh battery, and is better suited for modular integration or stealthy builds.

After the unboxing, I walk you through a step-by-step setup of each device using the Meshtastic mobile app. I show you how to configure them, pair with Bluetooth, and get your private mesh network up and running in minutes. From there, I run live tests to see how each device performs in real-world conditions and compare their features, form factor, and best use cases.

If you’re interested in off-grid privacy tools, these are two of the most beginner-friendly and capable devices out there right now. I also include a breakdown of which device might be better depending on your needs—whether you’re building a neighborhood mesh or planning for emergency scenarios.

Make sure to check out the official product pages using the links below. These links track monthly performance, so I appreciate your support if you use them:

👉 ThinkNode M1:
https://www.elecrow.com/thinknode-m1-meshtastic-lora-signal-transceiver-powered-by-nrf52840-with-154-screen-support-gps.html?idd=5

👉 ThinkNode M2:
https://www.elecrow.com/thinknode-m2-meshtastic-lora-signal-transceiver-powered-by-esp32-s3-with-1-3-oled-display.html?idd=5

Elecrow is also running a giveaway where you can win LoRa modules or get PCB assembly sponsorship. Don’t miss this opportunity to level up your off-grid gear for free:
https://www.elecrow.com/blog/lora-modules-giveaway-and-pcb-assembly-sponsorship.html?idd=5

These tools are more than tech — they represent freedom. In a world where networks can go dark and censorship can silence, devices like these keep people connected, informed, and in control. With Meshtastic and LoRa, you are the signal. You are the network. And it’s all open source.

If you found this helpful, drop a comment, like the video, and subscribe for more content on off-grid tech, cybersecurity gadgets, and digital autonomy. Let me know which one you’d trust in your blackout bag — the rugged M1 or the sleek, portable M2.

⸻

📡 Hashtags:

#LoRa #Meshtastic #ThinkNodeM1 #ThinkNodeM2 #Elecrow #OffGridCommunication #EmergencyComms #GridDown #PreppingGear #TechUnboxing #ESP32 #nRF52840 #SurvivalTech #MeshNetworking #DecentralizedComms #EncryptedMessaging #HamRadioAlternative #LongRangeRadio #DigitalFreedom #TacticalTech #CyberSecurity #LoRaWAN #MeshRadio #HackerTools #BlackoutReady #BugOutBag #PrivacyTech #RadioComms #DisasterPreparedness #MeshtasticSetup #FreedomThroughTech