Twitter | Pretraživanje | |
Pwn All The Things
Indictment of hackers this week a good opportunity to remind you all to sign-up for Google Advanced Protection Program if you use Gmail at home Everyone should, but *esp* journos, think-tankers, folks in politics, govt employees or activists. Do it now.
Reply Retweet Označi sa "sviđa mi se" More
Pwn All The Things 14. srp 2018.
Odgovor korisniku/ci @pwnallthethings
Modern spearphishing is *really* good. When high-end hackers come for you, will 100% fall for it. It's not a matter of being "smart" or training not to click the link. You set up countermeasures via 2FA or Yubikeys, or you are 100% trusting to chance that you never get targeted
Reply Retweet Označi sa "sviđa mi se"
Pwn All The Things 14. srp 2018.
Odgovor korisniku/ci @pwnallthethings
Seriously. Look. Just look at it. This is the email Podesta was sent. You're probably thinking "wow how come Google algorithms didn't catch this email, it's right there asking for your password?". Because the letters aren't English to trick the filters. Hackers are smart.
Reply Retweet Označi sa "sviđa mi se"
Pwn All The Things 14. srp 2018.
Odgovor korisniku/ci @pwnallthethings
And then he landed on this page. Look! * URL looks a lot like myaccount,google,com. You have to look close to see it's not. * Prepopulated his account name + picture. When. They. Come. You. Will. Fall. You put in 2FA countermeasures, or it's blind luck your emails aren't online
Reply Retweet Označi sa "sviđa mi se"
Pwn All The Things 14. srp 2018.
Odgovor korisniku/ci @pwnallthethings
And it's not just a couple of emails. Your personal email is where "forgot my password" reset emails get sent. Once your home email account falls, all your online identities get pwned all in one fell swoop. Podesta didn't just lose his email in that hack
Reply Retweet Označi sa "sviđa mi se"
Pwn All The Things 14. srp 2018.
Odgovor korisniku/ci @pwnallthethings
"But I'm not important enough to hack" Stop. Last year FBI prosecuted a guy who compromised 1000+ accounts, used that access to reset pwds to cloud accounts and searched for cloud-synced intimate pictures. You don't have to be "important" to be targeted.
Reply Retweet Označi sa "sviđa mi se"
Pwn All The Things 14. srp 2018.
Odgovor korisniku/ci @pwnallthethings
Today's the day you should enable 2FA on your home account. Or if you use Gmail, their Advanced Account Protection. No day better than today to do it. Go do it now.
Reply Retweet Označi sa "sviđa mi se"
Pwn All The Things 11. kol 2018.
Odgovor korisniku/ci @PenguinParty466
They defend against phishing, not malware.
Reply Retweet Označi sa "sviđa mi se"
David Carroll 🦅 14. srp 2018.
Odgovor korisniku/ci @pwnallthethings
Ironically government officials and registered candidates are barred for Google’s Advanced Protection Kit
Reply Retweet Označi sa "sviđa mi se"
C:\Mike\ 14. srp 2018.
Odgovor korisniku/ci @profcarroll @pwnallthethings
Maybe to comply with campaign donations regulation?
Reply Retweet Označi sa "sviđa mi se"