c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
Community Rules
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
- Migrate away from Short Message Service (SMS)-based MFA
Then they should force banks and other financial institutions to actually implement it. Migrating away from SMS MFA doesn't work if the service provider doesn't offer it as an option in the first place.
- Do not use a personal virtual private network (VPN). Personal VPNs simply shift residual risks from your internet service provider (ISP) to the VPN provider, often increasing the attack surface. Many free and commercial VPN providers have questionable security and privacy policies. However, if your organization requires a VPN client to access its data, that is a different use case.
Nice try, fed! We all know how trustworthy ISPs are. While I'm at it, why don't I just install a backdoor for you? Maybe add a keylogger, as a treat?
Most of the advice is prescient, but this one is just stupid.
There are so many VPN providers selling your data, being operated by the feds, operated by cybercriminals etc. it really doesn't matter just as said in 8.