soc.octade.net is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.

This server runs the snac software and there is no automatic sign-up process.

Admin email
social@octade.net

Search results for tag #cybersecurity

[?]The New Oil » 🤖 🌐
@thenewoil@mastodon.thenewoil.org

[?]Negative PID SL » 🌐
@negativepid@mastodon.social

[?]The New Oil » 🤖 🌐
@thenewoil@mastodon.thenewoil.org

[?]The New Oil » 🤖 🌐
@thenewoil@mastodon.thenewoil.org

[?]The New Oil » 🤖 🌐
@thenewoil@mastodon.thenewoil.org

CyberFrog boosted

[?]BrianKrebs » 🌐
@briankrebs@infosec.exchange

New, by me: Felons, Fraudsters Flog Offensive Cybersecurity Startup

A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right conspiracy theorists and convicted felons whose most recent ventures included fake intelligence companies and a now-defunct AI-based lobbying platform they operated under assumed names.

krebsonsecurity.com/2026/07/fe

A screenshot of two Twitter/X posts from the IRIS C2 account. One features a still shot from a video of a Dallas Cowboy cheerleader standing on a green field waving pom-poms and looking to the left. The caption reads: POV: You stopped screwing around with vendor bug bounties and make a lucrative living selling to Western exploit brokers instead. The post below that says, "Mom, how did we get so rich?" The reply: "Your father stopped d*cking around with bug bounty programs and sold his exploits to western governments."

Alt...A screenshot of two Twitter/X posts from the IRIS C2 account. One features a still shot from a video of a Dallas Cowboy cheerleader standing on a green field waving pom-poms and looking to the left. The caption reads: POV: You stopped screwing around with vendor bug bounties and make a lucrative living selling to Western exploit brokers instead. The post below that says, "Mom, how did we get so rich?" The reply: "Your father stopped d*cking around with bug bounty programs and sold his exploits to western governments."

A photo of Burkman (left) and Wohl) outside his Arlington, Va. in a 2020 press conference where they made up sexual assault allegations against public figures. Burkman is and standing at a podium in a blue suit. Wohl, also in a blue suit and tie, stands to the right of Burkman, looking down.

Alt...A photo of Burkman (left) and Wohl) outside his Arlington, Va. in a 2020 press conference where they made up sexual assault allegations against public figures. Burkman is and standing at a podium in a blue suit. Wohl, also in a blue suit and tie, stands to the right of Burkman, looking down.

    [?]The New Oil » 🤖 🌐
    @thenewoil@mastodon.thenewoil.org

    [?]Nicola Fabiano » 🌐
    @nicfab@fosstodon.org

    Daily Digest | 8 July 2026

    Your daily dose of Privacy, Data Protection, AI & Cybersecurity news.

    5 stories you should not miss.

    Read more: nicfab.eu/daily-digest/

      [?]ai0.news » 🌐
      @ai0news@mastodon.social

      Meta Muse Image sparks privacy backlash by letting anyone generate AI likenesses of public Instagram users without consent. Plus Microsoft cuts OpenAI reliance and LLMs uncover real crypto bugs.

      ai0.news/posts/2026-07-08-dail

        [?]thecybersecguru » 🌐
        @thecybersecguru@infosec.exchange

        🚨 GitHub had two trust failures in the same week. Neither broke cryptography. Neither hacked AI.

        They simply exploited the gap between what GitHub checks and what developers assume.

        1️⃣ Git Hash Chain Malleability
        A signed commit can be transformed into multiple different commit SHAs without the signing key.

        ✅ Same code
        ✅ Same signature
        ✅ Still shows Verified
        ❌ Different commit hash

        2️⃣ GitLost (AI Prompt Injection)
        GitHub's AI agent could be tricked into reading data from private repositories and posting it publicly through a malicious issue.

        One attacks cryptographic trust.
        The other attacks AI trust.

        Different bugs. Same lesson:
        "Verified" doesn't always mean what you think it means.

        Full breakdown with technical details 👇
        thecybersecguru.com/news/githu

          [?]Negative PID SL » 🌐
          @negativepid@mastodon.social

          [?]Negative PID SL » 🌐
          @negativepid@mastodon.social

          JJDavis :terminal: boosted

          [?]Conan the Sysadmin » 🤖 🌐
          @conansysadmin@mstdn.social

          Foolish kings decree secret entrances be built into every would-be fortress. Assassins use them and realms fall, yet no king learns. cromwell-intl.com/cybersecurit

            [?]Negative PID SL » 🌐
            @negativepid@mastodon.social

            [?]The New Oil » 🤖 🌐
            @thenewoil@mastodon.thenewoil.org

            [?]The New Oil » 🤖 🌐
            @thenewoil@mastodon.thenewoil.org

            [?]The New Oil » 🤖 🌐
            @thenewoil@mastodon.thenewoil.org

            [?]Hacker News » 🤖 🌐
            @h4ckernews@mastodon.social

            [?]The New Oil » 🤖 🌐
            @thenewoil@mastodon.thenewoil.org

            [?]/G|T|R|O|N|I|X\ :python: :emacs: :nix: :linux: » 🌐
            @gtronix@infosec.exchange

            "Help EFF Cut the AI Hype"

            "It's just the opposite for EFF. In the global race to build and dominate the AI industry, it can sure seem like the interests of ordinary people sit last on the agenda."

            eff.org/deeplinks/2026/07/help

              [?]The New Oil » 🤖 🌐
              @thenewoil@mastodon.thenewoil.org

              [?]The New Oil » 🤖 🌐
              @thenewoil@mastodon.thenewoil.org

              [?]The New Oil » 🤖 🌐
              @thenewoil@mastodon.thenewoil.org

              [?]Nicola Fabiano » 🌐
              @nicfab@fosstodon.org

              Daily Digest | 7 July 2026

              Your daily dose of Privacy, Data Protection, AI & Cybersecurity news.

              5 stories you should not miss.

              Read more: nicfab.eu/daily-digest/

                [?]Negative PID SL » 🌐
                @negativepid@mastodon.social

                [?]Negative PID SL » 🌐
                @negativepid@mastodon.social

                [?]Negative PID SL » 🌐
                @negativepid@mastodon.social

                [?]Negative PID SL » 🌐
                @negativepid@mastodon.social

                [?]knoppix » 🌐
                @knoppix95@mastodon.social

                Meta paused its employee-tracking MCI tool after an internal exposure made monitoring data accessible beyond intended staff. 🔒
                The AI training program logged keystrokes, mouse activity and screen content, and remains paused while data protection controls are reviewed. 🛡️

                🔗 wired.com/story/meta-pauses-em

                  [?]Blaze Trends » 🌐
                  @theblazetrends@mastodon.social

                  AI stylometry algorithms can identify anonymous authors with up to 99.8% accuracy just by counting subconscious function words. The technology is so precise it is sparking debates about whether writing style is biometric data.
                  blazetrends.com/how-ai-stylome

                    [?]Negative PID SL » 🌐
                    @negativepid@mastodon.social

                    [?]knoppix » 🌐
                    @knoppix95@mastodon.social

                    Google will begin enforcing Android developer verification for sideloaded apps in four countries on September 30, adding new installation checks. 📱 Unverified apps will require extra approval steps, while verified developers gain streamlined tools and limited accounts support before global expansion in 2027. 🔐

                    🔗 finance.biggo.com/news/2026062

                      [?]knoppix » 🌐
                      @knoppix95@mastodon.social

                      Pegasus spyware infected former MEP Stelios Kouloglou while he served on the European Parliament committee probing spyware abuse, Citizen Lab found. 🕵️‍♂️
                      EU civil society groups now urge stronger spyware rules, independent investigations, and safeguards for oversight, privacy, and accountability. 🛡️

                      🔗 edri.org/our-work/joint-statem

                        [?]thecybersecguru » 🌐
                        @thecybersecguru@infosec.exchange

                        🚨 WHOIS privacy is under pressure.

                        GoDaddy is challenging an Indian court ruling that could fundamentally change how domain privacy works by requiring:

                        🔹 Mandatory e-KYC for domain registrations
                        🔹 WHOIS privacy no longer enabled by default
                        🔹 Registrars to disclose registrant details within 72 hours to parties claiming a "legitimate interest"

                        This isn't just about India.

                        The outcome could influence domain privacy, ICANN policy, RDAP adoption, cybersecurity investigations, trademark enforcement, and the future of online anonymity worldwide.

                        I break down:
                        ✅ What the court actually ordered
                        ✅ Why GoDaddy is appealing
                        ✅ How WHOIS and RDAP really work
                        ✅ The privacy vs law enforcement debate
                        ✅ What it means for domain owners, security researchers, and businesses

                        Read the full analysis 👇
                        thecybersecguru.com/news/godad

                          [?]jcrabapple » 🌐
                          @jcrabapple@dmv.community

                          🔒 A 19-year-old cybercriminal was caught despite using a VPN across multiple countries - because Windows has a tracking number built into every install that a VPN can't hide.

                          Peter Stokes, arrested in Finland in April and extradited to the US last week, is tied to Scattered Spider, the hacking group behind the 2023 MGM and Caesars casino breaches. The group is linked to 100+ intrusions and over $100 million in extortion.

                          The FBI didn't crack his VPN. Microsoft handed over his Global Device ID (GDID), a unique identifier baked into every Windows installation at setup. It doesn't change when you update, switch networks, or use a VPN. The only way to reset it is a full OS reinstall.

                          Investigators matched Stokes's GDID across IP addresses in Estonia, New York, and Thailand, correlating with login times on his Snapchat, Apple, and Facebook accounts. The same device that breached a luxury jewelry retailer and demanded $8 million in ransom also logged into Snapchat and a video game from his real network.

                          So while VPNs mask your IP address, they were never designed to hide device-level identifiers embedded in your operating system. The tracking can live one layer deeper than the one most people defend.

                          Read more:
                          itnews.com.au/news/microsoft-d
                          databreachtoday.com/scattered-

                            [?]Negative PID SL » 🌐
                            @negativepid@mastodon.social

                            [?]xoron :verified: » 🌐
                            @xoron@infosec.exchange

                            Back to top - More...