“Most” unique?
FFS!
Posts by Captain Badmouth
645 publicly visible posts • joined 1 Aug 2015
Coinbase extorted for $20M. Support staff bribed. Customers scammed. One hell of a SNAFU
Here's what we know about the DragonForce ransomware that hit Marks & Spencer
Infosec pros tell Trump to quit bullying Chris Krebs – it's undermining security
As CISA braces for more cuts, threat intel sharing takes a hit
Signalgate solved? Report claims journalist’s phone number accidentally saved under name of Trump official
Signalgate: Pentagon watchdog probes Defense Sec Hegseth
Signalgate storm intensifies as journalist releases full secret Houthi airstrike chat
Thursday 27th March 2025 14:39 GMT
So many ciphers…
18 (or was it 19) ciphers on the cipher chat, another cipher in the white house.
Ciphers everywhere yet so insecure.
The more we hear that they seem to be using signal on govt. phones, the more we wonder how much Putin is hearing.
This lot are dangerous in increasing ways, it needs the GOP to grow a pair - and divert the Potomac through the shite house.
Top Trump officials text secret Yemen airstrike plans to journo in Signal SNAFU
Get off that old Firefox by Friday or you'll be sorry, says Moz
Rhysida pwns two US healthcare orgs, extracts over 300K patients' data
Tech support chap showed boss how to use a browser for a year – he still didn't get it
Kids' shoemaker Start-Rite trips over security again, spilling customer card info
Mind your header! There's nothing refreshing about phishers' latest tactic
Two cuffed over suspected smishing campaign using 'text message blaster'
Wednesday 12th June 2024 10:50 GMT
Re: a bank or another official authority will ask you to share personal information
Phoning a friend instead of your bank is , certainly, one way to make sure the line is "free".
But how long before they develop a MITM telephone exchange complete with dial tone so
they can forward your "phone a friend" call and still retain control to answer your bank phone call.
Best use a different phone for that if this happens to you.
NFTs not annoying enough? Now they come with wallet-emptying malware
Brewdog might make an OK pint but its security sucks: Flaw opened door to free beers for anyone
US House Rep on cyber committees tweets Gmail password, PIN in Capitol riot lawsuit outrage
US declares emergency after ransomware shuts oil pipeline that pumps 100 million gallons a day
Tuesday 11th May 2021 16:12 GMT 
Been there, done that...
Meanwhile, the Russian/ Chinese/ Iranian/ N Korean (delete as/if necessary) state-employed Black Hats are spitting blood waiting to see if their little compromise software, sitting quietly in a dark corner of a server somewhere, will be uncovered by the security measures introduced following this mal(ware)arkey.
Voyager 2 receives and executes first command in 11 months as sole antenna that reaches it returns to work
The curse of knowing a bit about IT: 'Could you just...?' and 'No I haven't changed anything'
Trump fires cybersecurity boss Chris Krebs for doing his job: Securing the election and telling the truth about it
What a Hancock-up: Excel spreadsheet blunder blamed after England under-reports 16,000 COVID-19 cases
Proposed US fix for Boeing 737 Max software woes does not address Ethiopian crash scenario, UK pilot union warns
Microsoft leaks 6.5TB in Bing search data via unsecured Elastic server. *Insert 'Wow... that much?' joke here*
It has been 15 years, and we're still reporting homograph attacks – web domains that stealthily use non-Latin characters to appear legit
Cyber-security super-brain Rudy Giuliani forgets password, bricks iPhone, begs Apple Store staff for help
Wednesday 6th November 2019 14:45 GMT 
Website scores
I see his website scores a "T" due to certificate mismatch here:
https://www.ssllabs.com/ssltest/analyze.html?d=www.giulianisecurity.com
and, as you may have guessed, an "F" here:
https://securityheaders.com/?q=www.giulianisecurity.com&followRedirects=on
Laughed? I almost opened that attachment...
Dixons hits back at McAfee's £30m antivirus sueball: Your AV didn't work on Windows 10S
Here's to you: UK.gov praises Reg-reading techies for keeping on top of cybersecurity
Thursday 4th April 2019 20:34 GMT
Re: Let's ponder on Long AI Marches
"Have you found them to be refreshingly proactive, Olaf, and could this relatively anonymous communication channel be one of their creation and iteration?
You know, NCSC doing some Deep and Dark See Phishing for Blighty in the Almighty Strange Waters of a Cutting Edge Publication Hosting here. ..... for those more than just interested in taking and making a Walk on the Wild Side?"
Don't go solving the crypto-puzzle or, if you do, don't go phoning the no. given for the prize of 2 yrs. subscription to the magazine of your choice...
Mystery of the Chinese woman who allegedly tried to sneak into Trump's Mar-a-Lago with a USB stick of malware
TP-Link 'smart' router proves to be anything but smart – just like its maker: Zero-day vuln dropped after silence
Saturday 30th March 2019 14:41 GMT
Re: Nearshore?
Quite, although TP-Link seem to recommend DD-WRT.
But, no warranty!
"To Use Third Party Firmware In TP-Link Products
Some official firmware of TP-Link products can be replaced by the third party firmware such as DD-WRT. TP-Link is not obligated to provide any maintenance or support for it, and does not guarantee the performance and stability of third party firmware. Damage to the product as a result of using third party firmware will void the product's warranty."
Huawei savaged by Brit code review board over pisspoor dev practices
Data breach rumours abound as UK Labour Party locks down access to member databases
Use an 8-char Windows NTLM password? Don't. Every single one can be cracked in under 2.5hrs
Ticketmaster tells customer it's not at fault for site's Magecart malware pwnage
Worrying Windows 10 wrecking-ball weapon weirdly wanders wildly on worldwide web
Sealed with an XSS: IT pros urge Lloyds Group to avoid web cross talk
Friday 21st September 2018 13:02 GMT
Re: Multi-layered security controls across our systems
"I got a similar answer from EDF when I asked them why I needed to disable 'Auto remove overlays', 'uBlock Origin' and Safescript in order to access the site."
With noscript you have to enable google.com and gstatic.com and sometimes an amazonaws script in addition to the edf script in order to log in. The google and gstatic scripts seem to be there for supplying the captctha. The amazonaws is not always present but if it is you have to enable it. I've complained about this excessive use of 3rd party stuff but they seem not to understand, their ssl labs rating was a B until I told them about it, they've since improved it.
Biting the hand that feeds IT
