NL

There are strong indications that the hack at the Public Prosecutor's Office is linked to Russia. The hackers may have had access for weeks.

https://www.ad.nl/binnenland/sterke-signalen-dat-russen-achter-hack-om-zitten-zaten-mogelijk-weken-in-systeem~a6bd3c60/

#security #cybersecurity #tech #law #netherlands #russia #politics #privacy

This dumb password rule is from Bendigo Bank.

**Exactly** eight characters.

https://dumbpasswordrules.com/sites/bendigo-bank/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from HM Revenue & Customs (UK Tax).

We store basically all of your data, but we can't store your password.

https://dumbpasswordrules.com/sites/hm-revenue-and-customs-uk-tax/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Age assurance is a red flag. A big one 🚩

By not requiring regulation of the industry in the Online Safety Act, UK users are thrown into a wild west of privacy and security standards.

Sign our letter to demand the UK government regulates the industry NOW ⬇️

https://action.openrightsgroup.org/sign-open-letter-dsit-regulating-age-assurance

#onlinesafetyact #privacy #cybersecurity #ageverification #ageassurance #dataprotection #ukpolitics #ukpol #onlinesafety

Millions of UK users will be asked to upload ID documents or have a biometric facial scan to check their age.

You'll do this with different providers for different platforms without a regulatory guarantee.

This multiplies the risk of phishing, sextortion, data breaches and data reuse.

#onlinesafetyact #privacy #cybersecurity #ageverification #ageassurance #dataprotection #ukpolitics #ukpol #onlinesafety

This dumb password rule is from AT&T.

The only special characters allowed are underscores and hyphens.

https://dumbpasswordrules.com/sites/at-andt/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

UK users have no choice with age assurance.

You must use the methods and provider picked by the platform that you're trying to access.

❌ Providers aren't required to meet specific privacy or security standards.

❌ Platforms don't have to choose trusted or certified providers.

You should be able to pick a provider that can be used interoperably across every platform.

#onlinesafetyact #privacy #cybersecurity #ageverification #ageassurance #dataprotection #ukpolitics #ukpol #onlinesafety

The UK Online Safety Act requires age assurance to restrict access to porn AND any content that could be ‘harmful’ for under 18s.

If UK users don't submit to these checks, they'll either be blocked from accessing the platform entirely, or features like DMs and certain content will be restricted.

And what amounts to 'harmful' content is open to broad interpretation.

#onlinesafetyact #privacy #cybersecurity #ageverification #ageassurance #dataprotection #ukpolitics #ukpol #onlinesafety

Alt...

Quote from James Baker, ORG Programme Manager: "The British public is being forced to hand over sensitive personal data to unregulated age assurance providers if they want to have full access to platforms such as Reddit and Bluesky or Grindr."

IDs at the ready 🪪

Age assurance requirements under the UK Online Safety Act kick in this Friday.

UK users will have to hand over their sensitive data to cyber bouncers without being sure they'll protect their privacy.

ORG is calling for these age assurance providers to be regulated ⬇️

https://www.openrightsgroup.org/press-releases/org-calls-for-age-assurance-industry-to-be-regulated/

#onlinesafetyact #privacy #cybersecurity #ageverification #ageassurance #dataprotection #ukpolitics #ukpol #onlinesafety

This dumb password rule is from Walmart.

Your password must include the following:
- 8-100 characters
- Upper & lowercase letters
- At least one number or special character

https://dumbpasswordrules.com/sites/walmart/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Bendigo Bank.

**Exactly** eight characters.

https://dumbpasswordrules.com/sites/bendigo-bank/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

🔐 99% of IT/security pros want to redesign their access setup. Why?

VPNs are clunky. Identity is half-baked. Workarounds are everywhere.

📊 New report from Tailscale reveals what’s broken—and what’s next.

👉 https://tailscale.com/resources/report/zero-trust-report-2025?utm_source=Mastodon&utm_medium=owned-social&utm_campaign=zero-trust-survey-2025
#ZeroTrust #CyberSecurity #ZTNA

Finally!

> [UK] Public sector bodies and operators of critical national infrastructure, including the NHS, local councils and schools [are to] be banned from paying ransom demands to criminals

and

> businesses not covered by the ban would be required to notify the government of any intent to pay a ransom

https://www.gov.uk/government/news/uk-to-lead-crackdown-on-cyber-criminals-with-ransomware-measures

#ransomware #cybersecurity #uk

This dumb password rule is from Virgin Mobile.

You can only use PIN as your password.

https://dumbpasswordrules.com/sites/virgin-mobile/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

One weak password is believed to have been all it took for a ransomware gang to destroy a 158-year-old company and put 700 people out of work in UK. This is why you need a strong password along with 2FA and all other cybersecurity practices that can be maintained by good IT staff, including verified backups.

https://www.bbc.com/news/articles/cx2gx28815wo

#cybersecurity #infosec #IT

This dumb password rule is from Air Miles.

- Exactly 4 numbers.

https://dumbpasswordrules.com/sites/air-miles/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Microsoft Sharepoint server vulnerability puts an estimated 10,000 organizations at risk.

@Engadget reports: "The software giant released an emergency patch but the flaw is being actively exploited."

https://flip.it/h6w1pi

#Microsoft #Cybersecurity #SharePoint #Tech #Hacking

Weak password allowed hackers to sink a 158-year-old company

Curious this BBC article doesn't once use the words "backup" or "recovery".

Seems like a journalist investigating this would at least ask the question, "Why not restore from backup?" and report the answer.

It also seems odd to report "The company said its IT complied with industry standards" and not explain why that was insufficient to allow the company to recover.

https://www.bbc.com/news/articles/cx2gx28815wo

#Journalism #Cybersecurity

#Cybercriminals were able to successfully target a 158 year old #transport company in #England with #ransomware, putting them out of business with 700 jobs lost when they were unable to pay the ransom..

#cybersecurity #UK

https://www.bbc.co.uk/news/articles/cx2gx28815wo

This dumb password rule is from Battle.net.

8 to 16 characters, at least one number and one letter and last but not least NO special characters, and can't have a password that looks like your username too. Oh, and passwords are NOT case sensitive.
A real time travel adventure through the password rules of 2005!

https://dumbpasswordrules.com/sites/battle-net/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Citi.

* Password is case-insensitive
* Can't use ANY special characters (although, adding special characters increases the "password strength" meter?!)
* Allows for a minimum password length of 6 characters
* No runs of more than two identical characters (eg. "aaa" is not allowed.)
* Does not allow you...

https://dumbpasswordrules.com/sites/citi/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE

Four vulnerabilities in a popular Bluetooth implementation can be chained together to enable remote code execution (RCE) in untold millions of vehicles and miscellaneous devices.

#bluetooth #BlueSDK #PerfektBlue #automotive #auto #cars #security #cybersecurity #hackers #hacking

https://www.darkreading.com/vulnerabilities-threats/350m-cars-1b-devices-1-click-bluetooth-rce

This dumb password rule is from Inria.

This is the account for those who work at [Inria](https://www.inria.fr/)
"the French national research institute for
the digital sciences".

You have to wonder what's wrong with these special characters but not
the other ones.
- Password expiration once a year
- Your password must contain at leas...

https://dumbpasswordrules.com/sites/inria/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Don't give in to these requests.

"TechCrunch found that when Perplexity requests access to a user’s Google Calendar, the browser asks for a broad swath of permissions to the user’s Google Account, including the ability to manage drafts and send emails, download your contacts, view and edit events on all of your calendars, and even the ability to take a copy of your company’s entire employee directory."

Tech Crunch: For privacy and security, think twice before granting AI access to your personal data https://techcrunch.com/2025/07/19/for-privacy-and-security-think-twice-before-granting-ai-access-to-your-personal-data/ @TechCrunch @zackwhittaker #AI #privacy #cybersecurity #infosec

This dumb password rule is from Seur.

Password must be between 8 and 12 characters...
Also no symbols are allowed. But this isn't displayed.

https://dumbpasswordrules.com/sites/seur/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from SunTrust.

At least there are a variety of special characters to choose from.

https://dumbpasswordrules.com/sites/suntrust/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Alipay.

- 8-20 characters (numbers or letters)
- no special characters allowed
- in the mobile app

https://dumbpasswordrules.com/sites/alipay/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Make our voice heard at the Apple encryption hearing!

On the sly, the UK government tried to force a backdoor into the firewall that protects your privacy. We made the hearing public.

Now we need to win in court ✊

Donate now to fund legal representation ⬇️

https://action.openrightsgroup.org/make-our-voice-heard-apple%E2%80%99s-encryption-hearing

#e2ee #apple #encryption #privacy #cybersecurity #ukpolitics #ukpol #crowdfunder #surveillance #security

This dumb password rule is from AmeriHealth.

Their site says "*All information is kept safe and secure.*" Just not as
secure as you'd like.

User Password must be between 6 and 14 characters and contain 1
numerical value.

https://dumbpasswordrules.com/sites/amerihealth/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Head's up, the "you must confirm your profile" scam is proliferating on the Fediverse. I wonder if they are trying to gather driver's licenses and credit card numbers? It's a scam.

#scam #MastoAdmin #cybersecurity

Alt...

Scam Profile confirmation required image

This dumb password rule is from Keimyung University.

Okay, doesn't looks that hard... But wait, there are hidden rules!

Hidden rules: your password can't have 3 times the same character in a row or more than 2 consecutive numbers.
Also if your password is 20 characters or more you won't be able to write it in the mobile app.

https://dumbpasswordrules.com/sites/keimyung-university/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Bloomingdale's.

16 characters maximum, no `.` `,` `-` `|` `/` `=` or `_` allowed.

https://dumbpasswordrules.com/sites/bloomingdales/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

In an email to staff announcing his sudden departure after thousands of university web pages had been down for weeks due to a security incident that the university will "likely never explain publicly", Indiana University's Vice President of IT Rob Lowden declared his department a "national — and indeed international — model of innovation, dedication, and excellence in higher education IT.”

https://www.ipm.org/news/2025-07-16/iu-vice-president-for-it-leaving-after-security-incident-crippled-website-for-weeks

#infosec #CyberSecurity #iu #IndianaUniversity #bloomingtonIN

This dumb password rule is from Targobank.

Your password must:
- must not be your username
- must at least eight characters
- must contain at least one number character
- must contain at least one uppercase character and 1 lowercase character
- must not contain spaces
- must not contain three identical characters in a row
- must not conta...

https://dumbpasswordrules.com/sites/targobank/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from ING Australia.

4 numeric digits.
"Added security" by randomising the positions on the keypad. Must be clicked.

https://dumbpasswordrules.com/sites/ing-australia/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Banca Intesa Serbia.

Online banking portal of Banca Intesa Serbia has some password restrictions.
This is the translation of the requirements:

No special characters, minimum number of characters is 8, maximum number of
characters is 22, minimum number of upper case letters is 1, lower case also 1,
numeric characters...

https://dumbpasswordrules.com/sites/banca-intesa-serbia/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Endlich erschienen: Meine Geschichte über mein Evil Bit und wie es dazu beigetragen hat, dass ich ein Atomkraftwerk gehackt (und Barack Obamas Sicherheitsberater eine Spearphishing-E-Mail geschickt) habe.
🎁 Geschenk-Link 🎁
#Cybersecurity
https://www.zeit.de/digital/datenschutz/2025-07/cybersecurity-konferenz-europa-cyberattacken-russland-chris-kubecka?freebie=8cae0fa7

This dumb password rule is from Estheticon.

- At least 8 characters but limited to 20 characters at max
- At least 1 digit
- At least one letter (just a letter in general, no specific casing required)
- No special characters at all

https://dumbpasswordrules.com/sites/estheticon/

#password #passwords #infosec #cybersecurity #dumbpasswordrules