Yesterday we published a report about a large campaign of phishing attacks targeting 100s in MENA. The attackers setup a system with Selenium e Chromedriver to automate the malicious login procedure and bypass 2FA. More details here:
In my latest newsletter I write on the recent events and discoveries surrounding the infamous Israeli surveillance company NSO Group. You can subscribe to it here: https://nex.sx/newsletter/
I released a new version of my Firefox extension that will forcefully redirect you away from privacy erosive services to better alternatives. It started as a joke, but I end up actually using it.
When I want to look up a place, I instinctively and mechanically start typing "maps.googl...". This extension will instead take me to OpenStreetMaps. It will also functionally translate Google Search links to DuckDuckGo and Google Translate links to Deepl.
As if we needed any more, here's yet another case of NSO software being used for gross abuses. https://citizenlab.ca/2018/11/mexican-journalists-investigating-cartels-targeted-nso-spyware-following-assassination-colleague/
In an attempt to further disconnect from social media, I decided to start curating a personal newsletter where to aggregate thoughts on technology, privacy and surveillance and share material and updates on my projects. You can subscribe here: https://nex.sx/newsletter/
It's been one year since I last used Mastodon and pondering a potential comeback. Abandoning Twitter seems impossible, but I'm committed to continue scaling back my use of it. At the same time, I'm considering starting a personal newsletter as a different vehicle to keep folks up to date with my work. What do you think?
Or is it called Unicode art these days?
Fatigued security researcher seeking for a different life.
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!