u/Moist-Water8832

▲ 14 r/yubikey

Queries on yubikey/cybersecurity

Hello, I hope this thread finds you well.

I recently became interested in privacy/safety opsec and would like to further improve that.

I decided to look into hardware keys and found this brand to be the most promising and decided to look into the series 5. However I am a couple of questions that I want to solve

Is it better to purchase the FIPS series or the consumer brand? I wanted to look into the FIPS because it appears to offer the most protection, however, I am confused by the difference between them, as far I can tell, one is commerical and the other is for orgs but is there anything I would be missing out on when buying either one?

Second, I am aware that a common hack is infostealing/session hijacking. I do not believe a hardware key is strong enough to counteract. However, is it possible that to prevent session stealing, I can merely logout when I am done and login using my yubikey and delete cookies all the way through? Assume a hacker does get into my account, what could he possibly do as in order to change my password he would need my passkey approval.

Third, incase, I lose my first key, is there a cheap 2nd key that I may buy preferably type c and is as safe as the previous, or is it better to just buy two?

reddit.com
u/Moist-Water8832 — 2 days ago
▲ 4 r/GMail

Two-Step Verification for phone randomly removed from account?

I got an email randomly at midnight while asleep citing how my 2FA for mobile was removed because "There was something unusual about this 2-Step Verification phone, so we removed it to protect your security."

I have no clue how this happened.

Truth be told, I downloaded some form of malware a month ago but wipe my pc by reinstalling windows and had already enabled DBSC prior and is on right now. I had logged out of the infected device and basically everything.

I do not believe it had anything to do with that since it was a month ago and they definitely would have done more but I find this to be strange. Has anyone encountered this I need help to figure out what had happened.

reddit.com
u/Moist-Water8832 — 12 days ago

Three week aftermath of installing renpy need help to ensure if I am clear

Hello, It had been 3 weeks since I had installed renpy on my system. Ever since, I have been extremely paranoid about this. When I first saw signs, I saw my ubisoft and ea tried to get taken where my ubisoft was stolen (recovered since).

I was extremely nervous and just woke up so I had stupidly changed all my passwords on the infected device and left to work as I had to go that day. After coming back I did more research and had reinstalled Windows (through USB and deleted all files), however, I did not delete partitions through the BIOS, I did it via disk management (it said my drives were locked via bitlocker so I do not believe the malware came through).

During the reinstallion of Windows I used my other clean device (work laptop) to reinstall Windows and to change all the passwords/enabled 2FA on anything I can.

The only infection that I saw/noticed was my Instagram but I saw it the same time those scams occured and eliminated the threat.

I want to know a couple of things if that is alright, preferably someone with experience like those able to check the FRST scan and those who had experienced it or are just knowledgeable in this field

  1. Is my USB safe to use again? I would like to know this for future purposes if I need to reinstall
  2. Did I do enough repair already? Since then, when I am installing something suspicous (I do not do anything problematic to begin with) I log out of chrome and enable DBSC on Chrome, specifcally standard, persistance, federated registrations, and for Google products.
  3. Ever since these 3 weeks have gone by, my battle net tried to get taken but I had changed the password and it had 2fa, my ebay was compromised but ebay notified me. Can I rest easy knowing that even if one of these accounts have been compromised and taken, they cannot change my email on the account to begin with and they have no access to my email and they can not change the email as a result and I may reset passsword/file a support ticket should anything go wrong. (I am positive) my email is secure as I have logged out of it on the infected device through their manager system and changed passwords/2fa like several times after (last changed was may 29 and the infection occured 6 days prior).
  4. Maybe unrelated to RENPY but when I was adding 2FA yesterday on Instagram, I noticed the username being "Haozhplus2" that is not my username, and people on Reddit are saying this is some sort of hacker, if anyone is familiar with this, could you tell me what to do? All I did currently was change my password and disabled the emails associated with it which was a solution somebody had told me. However, is there a way to be able to use those emails again for META? As I want to have extra authencation on my service.

For the FRST scan, frst txt is azure-registry  in general

addition txt is noble-valley in general

Note: I changed usernames/personal info to generic tags, I apologize if this is an inconvience but I want to be safe.

Edit: I am also aware that the FRST scan is used when there is an infection to begin with, however, I am extremely paranoid and just want to make sure that as of now it is safe with no malware as of the moment.

Edit 2: I did not mention banking either, I apologize for the inconvience and continous edits. In regards to banking, I had changed the password on the infected device andever since on the same day have changed the password on a clean device. I never save my cards for anything on the internet or do internet spending. It has been 3 weeks and nothing has happened, I imagine that if something has happened, I may report a fraudenlent claim and get my money back right? I have had a similar experience where my money was fraudenlently taken but I had since received it.

reddit.com
u/Moist-Water8832 — 23 days ago
▲ 0 r/GMail

How does gmail protect you against information stealers/session theft

I am asking this because I noticed that Google has a lot of protections regarding 2fa and recovery contacts but once a session is taken all of this is useless

Is the actual protection just that when you try to change passwords or remove backup code it asks for a login again and the intruder needs your device pin number or no?

reddit.com
u/Moist-Water8832 — 1 month ago