Gillo

5 reasons why attackers are phishing over LinkedIn Attackers are increasingly phishing over LinkedIn to reach executives and bypass email security tools. Push Security explains how real-time browser protection detects and blocks phishing across apps a...

In the new multi-channel social engineering landscape, LinkedIn is one of the main breeding grounds for phishing attacks. This article, even if biased given its sponsor, gives a good overview of the risks.
www.bleepingcomputer.com/news/securit... #socialengineering #phishing #infosec #linkedin

The curious, intertwined history of climate and digital rights activism It’s going much [better|worse] than expected.

Very good article by the excellent Cory Doctorow about how digital activism and climate activism actually have a ton in common - really interesting connections between the two movements and how they’re tackling similar challenges. #climate #environment #activism
doctorow.medium.com/https-plural...

Germany slams brakes on EU's Chat Control snoopfest : Berlin's opposition likely kills off Brussels' bid to scan everyone's messages

Germany has committed to oppose the EU’s controversial “Chat Control” regulations which means most likely that this law will not be accepted by the EU council next week. Germany’s position was influenced by huge pressure from multiple activists.  www.theregister.com/2025/10/08/g... #infosec

What the Arrival of A.I.-Fabricated Video Means for Us

Sora and AI generated videos are a game changers in terms of mis/disinformation: they are making it impossible to trust what we see in videos—deepfakes are now mainstream and everyone needs to be skeptical. #ai #deepfakes #sora #openai #disinformation
www.nytimes.com/2025/10/09/t...

White House official inadvertently reveals plans to send elite army unit to Portland | US military | The Guardian Anthony Salisbury displayed chat about deployment of 82nd airborne division on cell phone while in Minnesota

Geeez…. The US administration is really running out of funds. They don’t even have enough money to buy privacy screens. www.theguardian.com/us-news/2025... #infosec #shouldersurfing

The EU “Chat Control” law would scan everyone’s messages, breaking encryption and risking digital rights for all—kids included. Experts & civil groups say it’s dangerous. Sign to stop mass surveillance: crm.edri.org/stop-scannin...

Original post: mastodon.archive.org/@internetarc...

Why attackers are moving beyond email-based phishing attacks Phishing isn't just email anymore. Attackers now use social media, chat apps & malicious ads to steal credentials. Push Security explains the latest tactics and shows how to stop multi-channel phishin...

Attackers move beyond email-based phishing, personal accounts (messengers, social media, etc.) are being targeted more often than work ones and regular phishing campaign trainings might create a false sense of security. #phishing #socialengineering #infosec
www.bleepingcomputer.com/news/securit...

Alaa Abd El-Fattah pardoned: Egyptian president orders release of prominent activist, state media reports | CNN Egypt’s President Abdel Fattah el-Sisi has ordered the release of prominent activist Alaa Abd El-Fattah, the Egyptian state-run outlet Al Ahram reported on Monday.

Amazing news in the activism and human rights world edition.cnn.com/2025/09/22/m...

Von der Leyen’s plane hit by suspected Russian GPS jamming Commission president was on a tour of frontline states when her plane was the target of interference.

GPS jamming at work… www.politico.eu/article/ursu...

UK Official Calls for Age Verification on VPNs to Prevent Porn Loophole The call comes as governments go to war with the anonymous web.

And now… Bad bad UK!! Cracking down on VPNs is a horrible idea. gizmodo.com/uk-official-...

UK drops demand for backdoor into Apple encryption Here’s hoping that ADP returns to the UK.

Well done UK (although it took US pressure…) www.theverge.com/news/761240/...

📣 Are you aware of journalists being harassed at immigration courts? Officers photographing them or their press badges? Being asked to sign in when others aren't?

@freedom.press and our partner organizations want to know about it.

Reach out on Signal to ssugars.01 or via DM.

Imagine if AI chatbots’ popularity had started just before COVID… futurism.com/man-poisons-...

Citizen Lab director warns cyber industry about US authoritarian descent | TechCrunch Ron Deibert, the head of the prominent digital human rights groups Citizen Lab, sounds the alarm at the Black Hat security conference about the "dramatic descent into authoritarianism," but one that t...

techcrunch.com/2025/08/06/c...

AI scammer posing as Marco Rubio targets officials in growing threat | US news | The Guardian Fake voice and text messages on Signal tricked senior leaders, as AI impersonation rises in global politics

Nobody is immune to deepfakes, and definitely not the current US administration www.theguardian.com/us-news/2025... #ai #infosec #deepfakes #marcorubio #socialengineering

Using Signal groups for activism Things are heating up. Millions of people are taking to the streets against Trump's rising authoritarianism. Communities around the US are organizing to defend against ICE raids, to protest Israeli ge...

Very good article by @micahflee.com about using Signal groups for activism. Some new tips there like creating announcement-only groups for rapid response and using QR codes during physical meetings. micahflee.com/using-signal... #infosec #signal #activism #security #privacy

Two Factor Insecurity How Google, Amazon, Meta and thousands of other companies leave customers vulnerable over one-time codes to save time and money

Researchers found out that recently a million SMS two-factor authentication codes and login information were intercepted!  As expected, authenticator apps or security keys are the best solution. www.lighthousereports.com/investigatio... #infosec #2FA #leaks #sms

How to secure your phone before attending a protest | The Verge Here are some privacy measures you can take

More on how to secure your phone before a protest.
www.theverge.com/21276979/pho... #protest #activism #surveillance #USA #privacy #infosec

How to Protest Safely in the Age of Surveillance | WIRED Law enforcement has more tools than ever to track your movements and access your communications. Here’s how to protect your privacy if you plan to protest.

Interesting WIRED article about how law enforcement uses facial recognition and phone tracking at protests. www.wired.com/story/how-to... #protest #surveillance #infosec #USA

Researchers confirm two journalists were hacked with Paragon spyware | TechCrunch The confirmation of two hacked victims further deepens an ongoing spyware scandal that, for now, appears largely focused on the Italian government.

New forensic research proves two Italian journalists were hacked using government spyware made by Israeli surveillance tech provider Paragon. techcrunch.com/2025/06/12/r... #spyware #paragon #journalists #italy #infosec

Protect your information and devices while traveling Protect your information and devices while traveling

Frontline Defenders have updated their Guide to Protect Information while Traveling.
Although the guide’s target audience is usually at-risk human rights defenders, it’s still a great article for general security guidelines.
securityinabox.org/en/assess-pl... #infosec #opsec

Jeff Bezos makes his most ghoulish deal yet | The Verge Freedom of the press ain’t free.

Besos investing in Saudi Arabia, the country guilty of killing one of his journalists, is as disgusting as it sounds. #amazon #bezos #saudiarabia #mbs #ai #humanrights #kashoggi www.theverge.com/amazon/66791...

Apple notifies new victims of spyware attacks across the world | TechCrunch Two alleged victims came forward claiming they received a spyware notification from Apple.

Apple sent notifications this week to several people who the company believes were targeted with government spyware. techcrunch.com/2025/04/30/a... #infosec #apple #spyware

Deepfake-enabled fraud caused more than $200 million in losses In Q1 2025, deepfake-driven fraud led to $200 million in financial losses.

AI has been a gift from Heaven for social engineers... www.securitymagazine.com/articles/101... #deepfakes #socialengineering #infosec

U.S. governmental visits turning deadly

This ‘College Protester’ Isn’t Real. It’s an AI-Powered Undercover Bot for Cops | WIRED Massive Blue is helping cops deploy AI-powered social media bots to talk to people they suspect are anything from violent sex criminals all the way to vaguely defined “protesters.”

A new US company, Massive Blue, is helping law enforcement agencies deploy AI-powered social media bots to interact with suspected criminals. Unfortunately this can also be used against activists…
www.wired.com/story/massiv... #activism #ai #deepfakes #socialengineering

Spyware Maker NSO Group Is Paving a Path Back Into Trump’s America | WIRED The Israeli spyware maker, still on the US Commerce Department’s “blacklist,” has hired a new lobbying firm with direct ties to the Trump administration, a WIRED investigation has found.

Just lovely… Spyware maker NSO, still on the US Commerce Department’s “blacklist,” has hired a new lobbying firm with direct ties to the Trump administration. www.wired.com/story/nso-gr... #spyware #nso #trump #infosec

Des hackers chinois ont volé des données sensibles à la Sûreté de l’Etat Durant près de deux ans, des hackers à la solde de l’espionnage chinois ont exploité la brèche d’une cybersociété américaine pour siphonner 10 % des courriels entrants et sortants du service de rensei...

For almost two years,Chinese hackers stole sensitive data and captured 10% of the incoming and outgoing emails of the Belgian intelligence service (VSSE).

According to sources, it’s the most serious security incident ever experienced by the VSSE.

www.lesoir.be/657866/artic...

I decided to "bridge" my Mastodon account to Bsky, so my posts will appear here:

@gillo.infosec.exchange.ap.brid.gy

If you want your Bluesky account to be discoverable on Mastodon, just follow @ap.brid.gy here on Bluesky