You don’t really trust this leftist liberal biased wikipedia, do you?

(/s to be sure)

I will do it tomorrow, no need to be stressed about this task today.

Funny when a zero day vulnerability keeps its status for 100+ days. Well done, Microsoft /s

You’re right, these devices are end of life and hopefully not near critical infrastructure.

I’m so thankful for what Let’s Encrypt did for the internet.10 or 15 years ago it was as easy as installing an app to steal credentials from all other users on the local lan.

Certificates were expensive and complicated, and not many used them.

If i recall correctly, they opened up their offer to the general public in 2015.

Does anyone need some old SCART, VGA, DVI, serial, parallel, USB type B, coax, RJ11 cables? And that’s only the stuff I know the names of.

No dad, YOU never know when you might need them. I know for sure that keeping charging cables and headphones with proprietary connectors will never again be useful.

If it’s a civil and interesting discussion, why not?

This kind of spam is luckily pretty rare in europe, I get maybe one or two spam calls a year.

Fleet is an open source device management software. Calling it literal malware seems odd to me.

How would you manage hundeds or thousands of devices without Intune, SCCM, Ivanti, Ansible or whatever tool your org uses?

I would be more worried if the company had no means of controlling their devices, keeping them updated, secure and compliant.

When it comes to protect the rights of thw users, there are typically laws in place (at least where I live).

Probably yes. But most apps probably behave well

Many apps have “notification channels” (on android), to customize what notifications you get. You could choose to disable some notifications and keep others.

The worst are apps that send ads through notifications.

There are some legitimate attacks on MFA, like stealing cookies. But in most cases, MFA is solid and attackers target the humans behind it (phishing, scamming, social engineering).

Not really a MFA bypass, but rather some impressive social engineering:

The attacker leverages AI-generated deepfakes to create a synthetic identity complete with a forged government document (e.g., passport) and a facial recognition bypass video.

They use this identity to gain access to the account, if I understood it right.

Surely they can do a man-in-the-middle attack and gemerate the required private keys and certs on the fly.

With an enterprise CA this is not a huge trouble, but not exactly easy either.

They should have split it so both of them can enjoy at least 50% of it.

Does anyone know how many corporations have the technical ability to inspect TLS 1.3?