Info from 5.6 million patient visits among data stolen in ransomware attack on Ontario hospitals
https://www.cbc.ca/news/canada/windsor/ransomware-attack-third-bunch-data-hospital-1.7019701
Update mastodon.py by retiolus · Pull Request #44 · evilsocket/pwnagotchi-plugins-contrib
https://github.com/evilsocket/pwnagotchi-plugins-contrib/pull/44
Update and reformatting of the plugin, which was no longer working, was not optimised and did not provide enough information in the logs. Among other things, it no longer uses the Mastodon account ...
India's biggest tech centers named as cyber crime hotspots
https://www.theregister.com/2023/09/21/india_cybercrime_trends_report/
Global tech companies' Bharat offices attract the wrong sort of interest
22-year anniversary of Project Blinkenlights
breach not on the taxis?
does anyone have any idea what the new breach forums onion is? or why tor taxi and such don't share it anymore? is tor taxi or breech sussy?
Your favorite hacking / cyber podcasts?
I'm a big fan of Darknet Diaries and Smashing Security. I'm all the way caught up on them though so I'm wondering if there are any others out there I'm missing out on?
If this post gets a decent number of comments I'll create a list here of every podcast recommended.
https://dl.acm.org/doi/pdf/10.1145/358198.358210
Sensor Watch: a board swap for the classic Casio F-91W wristwatch
Sensor Watch
https://www.sensorwatch.net/
A board swap for the classic Casio F-91W wristwatch
Review: Beepy, A Palm-sized Linux Hacking Playground
Review: Beepy, A Palm-sized Linux Hacking Playground
https://hackaday.com/2023/08/07/review-beepy-a-palm-sized-linux-hacking-playground/
In the long ago times, when phones still flipped and modems sang proudly the songs of their people, I sent away for a set of Slackware CDs and embarked on a most remarkable journey. Back then, runn…
what is the best way to report internal security concerns in a corporate environment
I have repeatedly fund security concerns when working on internal applications. Simple things like sql injection, hard coded credentials, and privileged containers being run as the standard. I brought these up with my team lead, but he says that since its in the dev environment, it does not matter. To me, that is the totally wrong attitude to have about security. We should teach our developers how to not make these mistakes and fix them as we find them. Should I go over his head to report it to other managing parties? I want to say more, but am being as vague as possible just in case. How do I go about reporting internal vulnerabilities in a responsible way that won't make everyone hate me? I honestly believed that people would be happy to hear about their problems from me rather than get exploited but it does not seem to be the culture here.