Cybersecurity Tips

Share this post

๐Ÿฆ Twitter data breach, another Google ban and how Google Authenticator works - Newsletter #4

cyb3rsecurity.tips

๐Ÿฆ Twitter data breach, another Google ban and how Google Authenticator works - Newsletter #4

Plus: a few interesting things I read last month.

Nuno
Aug 7, 2022
2
Share this post

๐Ÿฆ Twitter data breach, another Google ban and how Google Authenticator works - Newsletter #4

cyb3rsecurity.tips

As weโ€™re right in the silly season, I decided to change the Newsletter format, making it lighter and easier to read. Think of it as a pocket-sized newsletter for people laying on the beach but canโ€™t forget about Cybersecurity. I know you exist ๐Ÿ–๏ธ.

What I read last month

  • Digital Services Package: Commission welcomes the adoption by the European Parliament of the EU's new rulebook for digital services (European Comission)

  • Facebook data privacy scandal: A cheat sheet (Tech Republic)

  • DNS Esoterica - Why you can't dig Switzerland (Terrence Edenโ€™s Blog)

  • Your compliance obligations under the UKโ€™s Online Safety Bill; or, welcome to hell (WebDevLaw)

  • โ€˜Zero Trustโ€™ security is a poor choice of words (Mendhak) - Agree with this one and Iโ€™ll talk about this soon

  • TeamViewer installs suspicious font only useful for web fingerprinting (Ctrl.blog)

  • Will new UK data laws put adequacy agreement with EU at risk? (Techmonitor.ai)

  • Twitter data breach exposes contact details for 5.4M accounts; on sale for $30k (9to5Mac)

  • Denmark bans Gmail and Co from schools due to privacy concerns. (Tutanota)

  • People should be a LOT more mad about data collection than they are (Reddit)


Subscribe for my weekly newsletter and other Cybersecurity thoughts


On Twitter

Twitter avatar for @LitMoose
Moose @LitMoose
I hate how accurate this is.
Image
4:57 PM โˆ™ Jul 30, 2022
2,444Likes407Retweets

This is indeed accurate. Well, sort of: if your InfoSec maturity is that low, you can spend 50k on the pentest and 450k on corrections. Either way, according to Cybersecurity Dive, the average ransomware payment is now 812k, so we might need to reconsider the calculations.

Twitter avatar for @Nickieyey
Nicky @Nickieyey
I have compiled a list of Best Cybersecurity Youtube Channels, that talk about various topics related to cybersecurity. Do check it out ๐Ÿ‘‡ Here is the link to the Github repository: github.com/Nickyie/Cybersโ€ฆ #Pentesting #CyberSec #cyberawarness #bugbounty #infosec #bugbounty
Image
5:27 AM โˆ™ Jul 31, 2022
2,176Likes661Retweets

Very interesting list for those who prefer a Video-like learning experience. Go check it out.

Twitter avatar for @geerlingguy
Jeff Geerling @geerlingguy
lol for one of my #opensource projects, an #infosec employee at @EpicGames emailed me this questionnaire with over 100 questions and wants me to fill it out so *they* can use my freely available open source software. No.
Image
7:24 PM โˆ™ Jun 30, 2022
4,916Likes629Retweets

The old Vendor Risk Assessment subject. This time, an Open Source developer was asked to fill a form by a corporation worth $31.5 billion dollars so they can use the software.

It certainly makes sense for the company to assess the software they use, but for an Open Source software with no guarantees, it might be asking too much.

Twitter avatar for @alexxubyte
Alex Xu @alexxubyte
How does ๐†๐จ๐จ๐ ๐ฅ๐ž ๐€๐ฎ๐ญ๐ก๐ž๐ง๐ญ๐ข๐œ๐š๐ญ๐จ๐ซ (or other types of 2-factor authenticators) work? Google authenticator is commonly used for logging into our accounts when 2-factor authentication is enabled. How does it guarantee security?
Image
3:42 PM โˆ™ Jul 20, 2022
3,823Likes923Retweets

Very interesting visual explanation about how Google Authenticator works. If you, like me, use it everyday, this is useful to understand how the transaction is done.

Twitter avatar for @HoodedNinjas
Hooded Ninjas @HoodedNinjas
Image
4:00 AM โˆ™ Jul 10, 2022
1,718Likes76Retweets

At least someone has them ๐Ÿ˜‚

Share this post

๐Ÿฆ Twitter data breach, another Google ban and how Google Authenticator works - Newsletter #4

cyb3rsecurity.tips
Previous
Next
Comments
TopNewCommunity

No posts

Ready for more?

ยฉ 2023 Nuno Batista
Privacy โˆ™ Terms โˆ™ Collection notice
Start WritingGet the app
Substackย is the home for great writing