Cybersecurity

5553 readers

198 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago

MODERATORS

[email protected]

Severe flaws in E2EE cloud storage platforms used by millions (www.bleepingcomputer.com)

submitted 6 hours ago by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

top 2 comments

sorted by: hot top controversial new old

[–] synapse1278 1 points 2 hours ago

Encrypt first, then upload. Of course, not always easily applicable.

[–] [email protected] 2 points 5 hours ago

Cryptographic analysis from ETH Zurich researchers Jonas Hofmann and Kien Tuong Turong revealed issue with Sync, pCloud, Icedrive, Seafile, and Tresorit services, collectively used by more than 22 million people. The analysis was based on the threat model of an attacker controlling a malicious server that can read, modify, and inject data at will, which is realistic for nation-state actors and sophisticated hackers.

Interesting stuff, but it’s worth noting the scope and circumstances.