r/CyberGuides

How do you prevent session hijacking?

Recently my friend got hacked and lost most of social media accounts as somebody posted altcoin scams on his profile. He has 2FA enabled and uses password manager religiously, so he was confused how that even happened. What are some things I should implement to make sure this doesn't happen to me?

reddit.com
u/brthrfrd — 1 day ago

Security breach?

Has anybody else experienced small security issues with iPhones lately? For example, over the last six months I’ve had two breaches of my Microsoft mail account. The first time, I received an email apparently sent “from me to me.” After resetting the password, everything was fine for a few months, until early this morning (while I was asleep) when I received a single-use verification code confirmation.

If this was a hacking attempt or a successful breach, what confuses me is that this email/password combination is only used on my Apple account and has never been used on browsers or any other devices — only on my phone?

reddit.com
u/ecrljeni — 4 days ago
▲ 7 r/CyberGuides+1 crossposts

Over 500,000 websites wrongly blocked in Spain as La Liga anti-piracy campaign backfires

A new report reveals the shocking scale of collateral damage caused by Spain's IP-blocking efforts, taking down everything from human rights platforms to crucial cloud infrastructure.

techradar.com
u/Chiara_TPL — 4 days ago
▲ 28 r/CyberGuides+2 crossposts

Apple's Hide My Email vulnerability reportedly exposes users' real email addresses

A newly disclosed privacy vulnerability in Apple's Hide My Email feature can reportedly allow an attacker to uncover the real email address behind a generated alias. According to the researcher who found the bug, it was responsibly disclosed to Apple more than a year ago but remains unpatched, and independent testing has verified the issue

thecybersecguru.com
u/NapierPalm — 5 days ago
▲ 10 r/CyberGuides+1 crossposts

Many crypto investigations end with a wallet, not a suspect

Blockchain analysis has become incredibly powerful. Investigators can often trace stolen cryptocurrency across dozens or even hundreds of transactions. The challenge is that following the money and identifying the person behind it are two completely different problems.

In many cases, investigators know exactly which wallet received stolen funds, exactly where those funds moved, and exactly where they are sitting today. What they don't know is who controls the private keys.

This creates a strange situation that doesn't exist in traditional banking. The money can be completely visible while the owner remains completely anonymous. Some investigations stall for years at this exact point.

https://preview.redd.it/kl8nlxqjdn8h1.png?width=1095&format=png&auto=webp&s=08f9cc3b78559850b115d32fa09d0ab6dfb0824f

reddit.com
u/ImaginationFair9201 — 14 days ago