Manuel Bissey⚠️Unbelievable! The most common passwords of 2025 are still “123456” and “password.” We’ve built smarter tech — but not smarter habits. 🔑🙈 #PasswordSecurity #UserAwareness
https://www.theregister.com/2025/11/06/most_common_passwords/
ClickFix attacks keep rising — exploiting trust, curiosity, and automation fatigue. Awareness is still the strongest patch. 🧠⚠️ #UserAwareness #PhishingDefense
https://thehackernews.com/2025/10/analysing-clickfix-3-reasons-why.html
Anant Shrivastava aka anantshriSecurity problem of last decade: people dont update the software
Security problem of this decade: people autoupdate software
We have educated people we are again going to do that. What we are not going to do is fix the software environment. We can give 100 excuses of why it’s not possible but then when it comes to blaming ID01T we dont hesitate in putting user of gun point.
If software has an excuse of too complicated problem to solve, user has an excuse of too complicated toolset.
Kevin Karhan 
@hon1nbo @foone yeah, but all these things would essentially necessitate a fundamentally incompatible #Fork of the #USB standard, creating #costs, #fragmentation and lessen the likelyhood of success.
- Not to mention it'll require significant investments in #UserAwareness, #Training and would still have some issues...
I gues a sort-of "Secure HID Port" that mandates proper authentification and does full #E2EE from the Keyboard Matrix / Pointing Device controller up is an option, but you'd have to expect state-sponsored attackers willing to do "Kamikaze" Hacks...
- There's like a long talk by #TonyChen from #Microsoft explaining how they secured the #XboxOne.
#TLDW: It requires custom silicon and a hard root of trust…
- And as we saw with #GoldenKeyBoot all it takes is a single #leak of a #PrivateKey and that entire system is fucked!
How a Mini drill tool defeated security on the Xbox 360 | MVG
PUPUWEB Blog🚨 Attention WordPress Users! 🚨 A new checkbox demands you confirm NO affiliation with WP Engine before you can log in or register! Are you ready to stand your ground? 🛑💥 Stay vigilant! #WordPress #WPEngine #AccountSecurity #WebDev #UserAwareness
🛡 
"⚠️ Chae$ 4.1: Taunting direct message to researchers at Morphisec within the source code. ⚠️"
The original Chae$ malware was identified in September 2023, and its latest version, dubbed Chae$ 4.1, employs advanced code polymorphism to bypass antivirus detection. It also includes a direct message to Morphisec researchers thanking them for their effort and hoping not to disappoint.
That's got to sting...
🛡️💻🔒
Source: Hackread by Deeba Ahmed
Tags: #CyberSecurity #MalwareAlert #Chae$Malware #Morphisec #AdvancedThreats #InfoSecCommunity #DriverScam #DataProtection #UserAwareness 🚨🌍💡
Shecky - Third WheelToo often do I see and hear of people complaining about users failing phishing tests, how they are lusers, etc...
None of that helps us in security. Teach and positive reinforcement is way more effective in the long run.
Also, I bet that anyone and everyone who slams people for falling for a phish would fall for one. Why? We are human and can be gullible. ALL of us.
#infosec #phishing #userawareness
None of that helps us in security. Teach and positive reinforcement is way more effective in the long run.
Also, I bet that anyone and everyone who slams people for falling for a phish would fall for one. Why? We are human and can be gullible. ALL of us.
#infosec #phishing #userawareness
Peanutbutter Hackers🏳️🌈Y’all, make sure you’re educating your end users on the importance of burner phones! Protect your end users!
https://www.cnn.com/2023/05/09/us/utah-mom-childrens-book-husband-killing-cec/index.html
Frank #CompuWatcher Piscitello☕🍺🧑💻🖖#swphl23 #infosec session on small teams...
Entry level is not 3 to 5 years of experience...
So many technology solutions that are procured to solve one problem. #techOverload. Instead, figure out how to use more of the tools you have already.
Never ending threats. Many focus on end users. #userawareness is needed.
Limited resources including people. Orgs need to realize they may need to train for experience instead of finding unicorns.
Lots of compliance requirements. Don't waste resources doing compliance if it's not required from outside motivations. Internal measures of program can do better to tell the story to mgmt. (Measure risks and mitigation instead.)
The 5 phases of the NIST CSF framework can be used to help define your program, but still use a business risk approach.
Swatting at flies is ineffective and inefficient.
ITSEC NewsHow to Increase Your Security Posture with Fewer Resources - Plixer's Justin Jett, Compliance & Audit director, discusses how to do more with less when you... https://threatpost.com/increase-security-posture-fewer-resources/162382/ #securityresources #machinelearning #infosecinsider #domorewithless #userawareness #automation #justinjett #ransomware #education #schools #plixer
