Meta / Facebook Performs MiTM Attacks via SSL Bumping (Interception) with Onavo VPN
In 2019, Facebook shuttered its VPN app Onavo after investigations found that it was abusing user trust by spying on their activity. TechCrunch journalists found that under the guise of a VPN, Facebook would pay users between 13 and 35 up to $20 per month, plus referral fees, to sell access to their devices via its “Facebook Research”…
Read MoreWhat is HTTPS?
Hypertext Transfer Protocol Secure (HTTPS) is a derivative of the Hypertext Transfer Protocol (HTTP). This “protocol” is used to transfer data on the web. It’s a critical piece of how the web works to communicate between a browser and a web server. If you’d like a more in depth break down of how the HTTPS…
Read MoreHow to Improve Consumer Security with Online Applications
Improving our security should not be difficult, but it does have to be top of mind if you have an online presence. This article will touch on a few true and tested techniques every online consumer should lean into as it has global application across almost all modern systems you might interface with on a…
Read MoreCalifornia EDD Prepaid Debit Card SMISHING Scam
This morning I received a text message informing me that my California EDD Prepaid Debit Card was being suspended with a deposit of $6,390 until I verified my Bank of America credit card: If you don’t live in California, this screams scam; but if you live in California and work with the CA EDD this…
Read More“You Must Contact Us Immediately So That Our Engineers can Guide You Through the Removal Process by Phone. Your Computer is Disabled”
This past weekend, I watched The Beekeeper. I knew nothing of it, but that it had Jason Stratham in it, which meant there would be some action scenes. It turns out that the premise of the movie is Jason taking revenge for the effects of an online scam where someone he cared about committed suicide…
Read MoreA Practical Guide to Good Password Hygiene
On December 2nd, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) reported that an Iran-linked hacking group had been targeting US critical infrastructure, specifically US Water Facilities. Two harsh realities made this hack possible. First, system misconfigurations allowed systems to be publicly accessible via the internet vs. limiting its access to their intranet. Second, administrators used weak…
Read More