The MattChrobok’s Podcast

The British government has demanded that Apple give them unlimited access to iCloud user data stored in the cloud. With a backdoor.
Sources:
https://zurl.co/sJxYH
https://zurl.co/nOfhT
#Apple #UK #iCloud #privacy

👂 Can an employer snoop on their employees' network traffic and how? Does encryption protect against such voyeurism? Is it even legal?
I will do my best to answer these questions. Let’s go!
Sources:
❓What is a router?
https://www.cloudflare.com/en-gb/learning/network-layer/what-is-a-router/
🛜 My home network: Ubiquiti UniFi gear, fiber gigabit Internet, CAT6 and CAT3 wiring
https://jeffwilcox.blog/2018/04/seattle-network/
🔐 Data Loss Prevention (DLP)
https://www.imperva.com/learn/data-security/data-loss-prevention-dlp/
🇬🇧 The UK's data protection legislation
https://www.gov.uk/data-protection
📟 Electronic Communications Privacy Act of 1986 (ECPA)
https://bja.ojp.gov/program/it/privacy-civil-liberties/authorities/statutes/1285#0-0
💉BSNL is injecting code on to your browsers, and here's what it does. #SaveTheInternet
https://internetfreedom.in/taking-a-closer-look-at-bsnls-code-injections-savetheinternet-2/
🤔 What is Deep Packet Inspection? How it Works and Why It Is Important
https://www.endpointprotector.com/blog/what-is-deep-packet-inspection-how-it-works-and-why-it-is-important/
🔍 Deep inspection
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/122078/deep-inspection
🇪🇬 Egypt launches deep-packet inspection system
https://www.theverge.com/2014/9/17/6350191/egypt-launches-deep-packet-inspection-with-help-from-an-american
📩 Regex validation of email addresses according to RFC5321/RFC5322
https://stackoverflow.com/questions/13992403/regex-validation-of-email-addresses-according-to-rfc5321-rfc5322
📑 unknown scripts are running and redirecting on click to unknown websties
https://stackoverflow.com/questions/51064933/unknown-scripts-are-running-and-redirecting-on-click-to-unknown-websties
🖥️ Technical Tip: Blocking and monitoring Tor traffic
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Blocking-and-monitoring-Tor-traffic/ta-p/196239
📊 Analyzing Tor traffic through Deep Packet Inspection?
https://security.stackexchange.com/questions/237082/analyzing-tor-traffic-through-deep-packet-inspection
Relevant xkcd: https://xkcd.com/208/
© All trademarks, logos and brand names are the property of their respective owners.
All company, product and service names used in this website are for identification purposes only.
Use of these names, trademarks and brands does not imply endorsement.
My socials:
Instagram @mattchrobok https://www.instagram.com/mattchrobok/
Twixxer @ChrobokMatt https://twitter.com/ChrobokMatt
Mastodon https://infosec.exchange/@mateuszchrobok
LinkedIn @mateuszchrobok https://www.linkedin.com/in/mateuszchrobok/
TikTok @mattchrobok
Facebook https://www.facebook.com/mattchrobok
Chapters:
00:00 Intro
00:21 The Rrrole of Rrrrouters
02:19 Insides
04:01 Work
06:56 Leak
08:35 Lawfulness
12:20 More?
15:02 What To Do And How To Live?
#data #leak #Surveillance #networking #work

It is worth shedding light on those who want to remain in the shadows at all costs.
Sources:
https://zurl.co/WjBcH
https://zurl.co/sUDXl
#Variston #spyware #UAE #Heliconia

North Korea-aligned DeceptiveDevelopment targets freelance developers.
Sources:
https://zurl.co/d8EZ7
https://zurl.co/fbPlO
#IT #work #recruitment #LinkedIn

🎺  How did the Serbians utilize Israeli software – paid for by the Norwegians via the UN – to spy on Serbian journalists and activists?
Because the Balkans are burning once again. And even though we might be used to that, this time something truly inexplicable happened. Not to be outdone by us, the Serbians got a Pegasus of their own. And „their own” is a key aspect of this whole story.
Sources:
👂 Serbia: Authorities using spyware and Cellebrite forensic extraction tools to hack journalists and activists
https://securitylab.amnesty.org/latest/2024/12/serbia-a-digital-prison-spyware-and-cellebrite-used-on-journalists-and-activists/
👀 Accelerate justice with Cellebrite.
https://cellebrite.com/en/home/
📲 Mobile Verification Toolkit
https://docs.mvt.re/en/latest/
🔐 BFU and AFU Lock States
https://blogs.dsu.edu/digforce/2023/08/23/bfu-and-afu-lock-states/
🗄️ iPhones stored for forensic analysis unexpectedly reboot, causing problems for police
https://appleinsider.com/articles/24/11/07/iphones-stored-for-forensic-analysis-unexpectedly-reboot-causing-problems-for-officials
🐊 KROKODILL. Engaging Words
https://www.krokodil.rs/eng/
🪤 Serbia: Civil society threatened by spyware
https://securitylab.amnesty.org/latest/2023/11/serbia-civil-society-threatened-by-spyware/
👤 Spyware Targeting Against Serbian Civil Society
https://citizenlab.ca/2023/11/serbia-civil-society-spyware/
❗️Spyware in Serbia: civil society under attack
https://www.accessnow.org/spyware-attack-in-serbia/
🚨 SPYWARE ATTACK ATTEMPTS ON MOBILE DEVICES OF MEMBERS OF CIVIL SOCIETY DISCOVERED
https://www.sharefoundation.info/en/spyware-attack-attempts-on-mobile-devices-of-members-of-civil-society-discovered/
📑 Global/India: Apple notifications highlight the unabated threat of unlawful targeted surveillance
https://www.amnesty.org/en/latest/news/2023/10/global-india-apple-notifications-highlight-the-unabated-threat-of-unlawful-targeted-surveillance/
🇷🇸 Treasury Sanctions Official Linked to Corruption in Serbia
https://home.treasury.gov/news/press-releases/jy1606
📣 BIA announcement 16.12.2024https://www.bia.gov.rs/mediji/saopstenja-za-javnost/saopstenje-bia-16-12-2024-godine/
🧾 Cellebrite Statement About Amnesty International Report
https://cellebrite.com/en/cellebrite-statement-about-amnesty-international-report/
Relevant xkcd: https://www.xkcd.com/850/
© All trademarks, logos and brand names are the property of their respective owners.
All company, product and service names used in this website are for identification purposes only.
Use of these names, trademarks and brands does not imply endorsement.
My socials:
Instagram @mattchrobok https://www.instagram.com/mattchrobok/
Twixxer @ChrobokMatt https://twitter.com/ChrobokMatt
Mastodon https://infosec.exchange/@mateuszchrobok
LinkedIn @mateuszchrobok https://www.linkedin.com/in/mateuszchrobok/
TikTok @mattchrobok
Facebook https://www.facebook.com/mattchrobok
Chapters:
00:00 Intro
00:51 Arrest
02:14 Cellebreite
04:33 AFU vs BFU
08:48 Novispy
12:38 Attribution
15:24 Srbija
18:30 The Reaction
20:45 What To Do And How To Live?
#Pegasus #Serbia #Surveillance #politics #NoviSpy

Hegseth orders Cyber Command to stand down on Russia planning.
Sources:
https://zurl.co/fvXHr
https://zurl.co/aQ4Sx
#america #CISA #Trump #russia

Several serious vulnerabilities have been discovered in Paragon Partition Manager.
Sources:
https://zurl.co/zxP0Q
https://zurl.co/PjN0L
#Paragon #Windows #software #driver

The browser which many consider to be the last defender of privacy in a market monopolised by tech giants has changed its terms of service.
Sources:
https://zurl.co/ZeN3M
https://zurl.co/ccBsa
#Firefox #Internet #mozilla #Chrome

New evidence had been obtained on the phone spyware targeting journalists and activists by the Serbian Police.
Sources:
https://zurl.co/jEd2p
https://zurl.co/bgBMU
#Serbia #NoviSpy #Pegasus #spyware

Unfortunately, Elon has been in a different stratosphere for a while now, but he’s still full of surprises.
Sources: https://www.wired.com/story/x-ddos-attack-march-2025/
#elonmusk #Musk #Twitter #DDoS