#CyberSecurity
I made a tool that takes an image and visualizes how vulnerabilities in some encryption methods allow patterns to be discerned from it, even after encryption. I find the resulting effects to be very interesting!
If you want to try this yourself, you can download the tool here! https://espimyte.itch.io/eyecrypt
405 notes
idk if people on tumblr know about this but a cybersecurity software called crowdstrike just did what is probably the single biggest fuck up in any sector in the past 10 years. it's monumentally bad. literally the most horror-inducing nightmare scenario for a tech company.
some info, crowdstrike is essentially an antivirus software for enterprises. which means normal laypeople cant really get it, they're for businesses and organisations and important stuff.
so, on a friday evening (it of course wasnt friday everywhere but it was friday evening in oceania which is where it first started causing damage due to europe and na being asleep), crowdstrike pushed out an update to their windows users that caused a bug.
before i get into what the bug is, know that friday evening is the worst possible time to do this because people are going home. the weekend is starting. offices dont have people in them. this is just one of many perfectly placed failures in the rube goldberg machine of crowdstrike. there's a reason friday is called 'dont push to live friday' or more to the point 'dont fuck it up friday'
so, at 3pm on friday, an update comes rolling into crowdstrike users which is automatically implemented. this update immediately causes the computer to blue screen of death. very very bad. but it's not simply a 'you need to restart' crash, because the computer then gets stuck in a boot loop.
this is the worst possible thing because, in a boot loop state, a computer is never really able to get to a point where it can do anything. like download a fix. so there is nothing crowdstrike can do to remedy this death update anymore. it is now left to the end users.
it was pretty quickly identified what the problem was. you had to boot it in safe mode, and a very small file needed to be deleted. or you could just rename crowdstrike to something else so windows never attempts to use it.
it's a fairly easy fix in the grand scheme of things, but the issue is that it is affecting enterprises. which can have a looooot of computers. in many different locations. so an IT person would need to manually fix hundreds of computers, sometimes in whole other cities and perhaps even other countries if theyre big enough.
another fuck up crowdstrike did was they did not stagger the update, so they could catch any mistakes before they wreaked havoc. (and also how how HOW do you not catch this before deploying it. this isn't a code oopsie this is a complete failure of quality assurance that probably permeates the whole company to not realise their update was an instant kill). they rolled it out to every one of their clients in the world at the same time.
and this seems pretty hilarious on the surface. i was havin a good chuckle as eftpos went down in the store i was working at, chaos was definitely ensuing lmao. im in aus, and banking was literally down nationwide.
but then you start hearing about the entire country's planes being grounded because the airport's computers are bricked. and hospitals having no computers anymore. emergency call centres crashing. and you realised that, wow. crowdstrike just killed people probably. this is literally the worst thing possible for a company like this to do.
crowdstrike was kinda on the come up too, they were starting to become a big name in the tech world as a new face. but that has definitely vanished now. to fuck up at this many places, is almost extremely impressive. its hard to even think of a comparable fuckup.
a friday evening simultaneous rollout boot loop is a phrase that haunts IT people in their darkest hours. it's the monster that drags people down into the swamp. it's the big bad in the horror movie. it's the end of the road. and for crowdstrike, that reaper of souls just knocked on their doorstep.
114K notes
For those on tumblr not in the know, Mark Zuckerberg lobbied the United States Congress to ban Tiktok from the United States after proving difficulty to overcome the loss of users to Tiktok. Through gifts and stocks, the House Energy and Commerce Committee successfully banned Tiktok. It needs to be very clear to those who have not been able to pay attention: The Committee interviewed Tiktok's CEO with questions that did not relate to Tiktok but instead to META. This precedent is very alarming. What is fine for one, is not the other- even if the other isn't participating.
Some key points:
Tiktok stores (stored, depending on what day you see this) all United States data on US soil in Texas and gives backdoor entry to the NSA. - This is important for the United States to check for the bad people on all platforms.
Listed members on the committee asked questions of activities Tiktok does not participate in but all of META does. Giving us immediate confirmation our government is fine with domestic platforms selling our data without consent.
An incredibly concerning detail showed its face while this was going down. All META platforms have access to every device's data using the same WIFI you connect to and they use that data.
META has given me the urge to puke for several years but last year was a moment of true question of how I move forward in a world that already seemingly has my data, even if I did not consent to the passing around of it.
When META decided to include AI in their system after investors seemed to require everyone to do so, the question of safety crossed my mind. META had announced the platforms were using everything you produce and have produced (posts, videos, photos) to not just train their own AI system, but they were also sending your information to a 3rd party as well. This included a setting toggle for consent that was default ON.
When the masses found out and toggled it off, META redesigned the Settings page to make it harder for you to find the consent option. They also made it so it wasn't just a "toggle" but now you had to write to them.
When the masses found out again (because we don't want this) how to get there, they redesigned the settings page again, hid the consent deeper, and required you to write to them with proof they even used your information... So that you can consent or not to consent to use their information.
I have been on this app since 2008 and relied heavily on this website when I was 14 while trying to escape the all seeing eyes I was friends with on Facebook. During this, tumblr became an amazing news resource for bills about to pass that endangered every bit of what the internet is known for: free speech and free of choice.
Back then, this site was all I had. I worshipped Tumblr for giving me emotional outlets and outside opinions during a very rough and miserable transition as a teen. So when Tumblr shared Bills trying to regulate our internet that would prevent reaching sites like Tumblr, I campaigned to my 150 student school and the two 1000 student public schools near me to reach out to our representatives, especially those 18 year olds waiting for a new horizon. With this, our representative and our governor in South Carolina, reached out to us at the time, letting us know they didn't realize how loved these spaces were and that they needed protecting. Communicating knowledge is powerful.
Having sites like Tumblr and Reddit circulate incoming bills like this was required to know about it. No one on Facebook saw any of that coming and they definitely won’t find out now with Zuckerberg making sure of it.
I have always seen the importance of internet regulation but for whatever reason (propaganda pushing) the People who work for us (reps, congress, the house, the committees) always wanted to pass bills that prevented people from talking and accessing new information.
The Tiktok ban passed by our government is not a good sign for anyone who uses the internet. The total amount of Americans who use this app to create community, careers, businesses, market their art, is at 102.3 million. That's a shit ton of businesses and communities that just end on the 19th of January.
And you might think, well why wouldn't they backup to another platform and I am sure many will, but Tiktok has such a unique algorithm that actually pushes businesses into the limelight and because of that, there is a massive community there that uplifts businesses that are falling behind. Currently, there is no other algorithm on US soil that compares to just how much it uplifts accounts that don't do well starting out. We lost so many creators after Vine because no other app could translate the humor and creativity. It's going to be a bigger loss after Tiktok goes because of that same issue.
------------------------------------------------------------------------------
If they are willing to ban a site that is very minimally connected to China, an incredibly huge resource for Americans for everything and anything and all for an increase in paycheck, what else will they be banning in the future when money is waved in their faces by one entity? They already went for one where the American people are heavily reliant on and one that is supposed to be protected under free speech and free of choice. If META wants something dead, give it a year, and it will die.
The Internet and social platforms have always been protected by free speech and freedom of choice. But these aspects have also been on the chopping block since the wild wild west of internet. I fear, this will not stop with just Tiktok.
#people’s march #dataprotection #propaganda #chinese #red book #rednote #washington dc #politics #trump #tiktok #president trump #christianity #2024 #trump 47 #maga #kamala harris #biden #dark brandon #cybersecurity #facebook #threads #best memes #lgbtq community #communication #social interaction #social skills
72 notes

Oh yes — that’s the legendary CIA Triad in cybersecurity. It’s not about spies, but about the three core principles of keeping information secure. Let’s break it down with some flair:
⸻
1. Confidentiality
Goal: Keep data private — away from unauthorized eyes.
Think of it like locking away secrets in a vault. Only the right people should have the keys.
Examples:
• Encryption
• Access controls
• Two-factor authentication (2FA)
• Data classification
Threats to it:
• Data breaches
• Shoulder surfing
• Insider threats
⸻
2. Integrity
Goal: Ensure data is accurate and trustworthy.
No tampering, no unauthorized changes — the data you see is exactly how it was meant to be.
Examples:
• Checksums & hashes
• Digital signatures
• Version control
• Audit logs
Threats to it:
• Malware modifying files
• Man-in-the-middle attacks
• Corrupted files from system failures
⸻
3. Availability
Goal: Data and systems are accessible when needed.
No point in having perfect data if you can’t get to it, right?
Examples:
• Redundant systems
• Backup power & data
• Load balancing
• DDoS mitigation tools
Threats to it:
• Denial-of-service (DoS/DDoS) attacks
• Natural disasters
• Hardware failure
⸻
Why it matters?
Every cybersecurity policy, tool, and defense strategy is (or should be) built to support the CIA Triad. If any one of these pillars breaks, your system’s security is toast.
Want to see how the CIA Triad applies to real-world hacking cases or a breakdown of how you’d protect a small business network using the Triad? I got you — just say the word.
24 notes
Masterpost of informational posts
All posts are written for everyone, including those with no prior computer science education. If you know how to write an email and have used a computer at least sparingly, you are qualified for understanding these posts. :)
What is a DDoS
What are the types of malware
Vulnerabilities and Exploits (old and somewhat outdated)
Example of how malware can enter your computer
What are botnets and sinkholes
How does passwords work
Guide for getting a safer password
Here are various malware-related posts you may find interesting:
Stuxnet
The North Korean bank heist
5 vintage famous malware
Trickbot the Trickster malware (old and not up to date)
jRAT the spy and controller (old and not up to date)
Evil malware
New to Linux? Here's a quick guide for using the terminal:
Part 1: Introduction
Part 2: Commands
Part 3: Flags
Part 4: Shortcuts
If you have any questions, request for a topic I should write about, or if there is something in these posts that you don't understand, please send me a message/ask and I'll try my best to help you. :)
- unichrome
Bonus: RGB terminal
#datatag #masterpost #malware #cybersecurity #infosec #security #hacking #linux #information #informative #computer science
403 notes
INTERVIEW: @nyancrimew on online privacy and operational security
Our interview series about practical tactics to keep yourself and your community safe from the rising tide of fascism continues this week as Josh talks with maia arson crimew (it/she), a hacktivist and past guest on the show. Topics include:
The mechanics of how corporations and governments identify and track you across virtual and real-world spaces
Common ways that your devices give away information without your knowledge and how to disable those features
What encryption is and why it matters, especially when it comes to law enforcement
Tools that you can use to anonymize your usage online
3K notes
Hackers (1995)
#hackers #cyberpunk aesthetic #macintosh #retro computing #cyber security #cyberpunk #cyberpunk movies #gifs #gifset #cybersecurity #cyberspace #macos #mac os #apple mac #hypercard #hacking #data security #e=mc2 #floppy disk
3K notes
Hey y'all, there's been a zero-day vulnerability found in WinRAR, so you gotta update it if you're on an older version (anything below 6.24/6.23). It doesn't auto update so you need to do it manually. It's been around for a few months and has been fixed, but if you don't update your shit then your computer will still be vulnerable.
please reblog this so that people learn about it or whatever (10/19/23)
10K notes
With Trump headed back to office, now is a good time to beef up your digital security.
Here's the Feminist Guide to Digital Security & 4 tips to get started.
Alt-text included on all pieces.
#art #feminism #feminist #digital security #surveillance #cybersecurity #feminist organizing #direct action #social justice #activism #digital activism
1K notes
August 2016: Australia’s national census night fails after authorities report the website is receiving a sophisticated DDOS attack that has taken it offline.
It was later revealed that the so-called “attack” was actually just the entire population of Australia attempting to complete the census.
9K notes
Soo if they HAD to, how would they rank themselves in terms of oldest to youngest?
Because while WE may have a timeline on our end, for them it's a bit nebulous within the multiverse and parallel timelines and they don’t seem to be set in any true time period?
Honestly I get Blur’s reaction if a 15yo called me old I think I would have a crisis
For actual time-wavey explanations: SxS Gen happened for 16yo Guide and Prince and 10yo Classic! Which means two years have passed for them but only a few months for Classic.
Boom just has college kid energy but not old enough to drink yk
SatBK is the oldest bc yk, bro has an entire child. And Frontiers has gone through enough adventures so he’s gotta age at one point. I would’ve made them 30s but Tail’s age is slightly important so Cyber and SatBK are tied to him 😔
For Movies, timeline wise I’m saying it happened in 2022! So 2yo Socks got yeeted to earth, spent 10 years alone then 2 years with Tom and Maddie until movie 3, which we know happened in 2024. And Shadow I made slightly older because at least one pair had to be different ages lmao
#sonic ask blog #sonic the hedgehog #shadow the hedgehog #sonic #sth #sonic movie 3 #satbk #satbk sir lancelot #sonic frontiers #sonic boom #sonic prime #sonadow #shadic #for some of the pairs lol #lansoni #cybersecurity
478 notes
Hey everyone. Friendly reminder that if you get a pm such as this, DO NOT click ANY suspicious links. Or any links in general. These are bots made to steal your data, and do not have your best interests in mind. Instead, you should click „Mark as spam.“ to remove the message.

Again; NEVER CLICK THESE LINKS. Just mark as spam and move on with your day.
3K notes

yeah that'll do it
167 notes
stardom dreams, stalking devices and the secret conglomerate selling both
over the last half a year, @rhinozzryan and i have worked on an investigation into Tracki, a "world leader in GPS tracking", and ExploreTalent, one of the biggest talent listing services in the world. what the hell do those two have in common?

(feature art by @catmask)
#maia arson crimew #fuckstalkerware #tracki #gps trackers #exploretalent #catmask #fourleafisland #ami shafrir #ryan fae #cybersecurity #investigative journalism #talent listing #hollywood
7K notes
#mutual aid #direct action #opsec #opsec 101 #cybersecurity #security #cyber security #anarchism #anarchist #anarchy
271 notes