What should I do if I find a suspicious device in a public space?

This question is partially inspired by this video.

If I find a suspicious device somewhere in a public space, what should I do with the device?

  • Take the device I’ve found to my home/lab to analyze it (I’d like to)
  • Hand it to the authority responsible for the area
  • Leave it alone and report to the authority

I’d assume it’s best to hand it to the authority, but again, should I take the device to them?

Google suspicious activity warning persists for 4 days despite my saying I recognize it; does this indicate an additional security issue?

I had a Google suspicious activity warning four days ago, triggered by logging in from a location I don’t use often. I accepted the offer to view the activity and acknowledged that I recognized it. This normally makes the warning go away.

However, in this instance, every time I log back in over the last four days, I get a red warning bar at the top of a signed-in Google page.

When I click Review your recent activity I get the critical security alert box grayed out with a white box over it saying “You’ve already replied that you recognize this activity” followed by two options Change reply and OK.

Of course I click “OK” every time because I do not want to change my reply and lock my account.

QUESTION: Does this behavior indicate that there is a further security issue that I’m unaware of? What would happen if I instead clicked Change reply? Right now I have two-factor turned off so I’m very concerned about getting locked out. Are there any further problems that I could look for somehow?

  • macOS & Chrome incognito mode

I should note that in the last weeks I received two dialogues from Google when initiating a search, to verify that I was not a robot, due to “unusual traffic from (my) computer network” (also shown below).

That happened at a shared WiFi connection using a DSL line.

Suspicious SMTP server client activity – non-ASCII queries

I’ve noticed some strange activity from a remote host connected to our SMTP mail server. The queries contain non-ASCII characters; below is a copy of one of them (to each query our server responded with “command not implemented”):

..._)....pz4.H.T7.&...4..rШ./.+.... ..

The hex representation is:

20 00 00 00 5F 29 00 00 00 00 70 7A 34 00 48 00 54 37 00 26 00 00 00 34 00 00 72 D8 00 2F 00 2B 00 00 00 00 20 20 20 20 00 00 

What is the goal of such queries? Is this some kind of security attack / searching for “black doors” or something?

MacBook Pro 2017 suspicious data logs that I don’t know what they mean and think it’s a spying app

My boyfriend is a computer programmer, and a really good one, like the best in Texas. I ask him, but if he is monitoring me then of course he wouldn’t tell me the correct answer. My questions are a lot, but I will only ask a few. What are proxies, and what does “bypass proxy” mean? I know some of what it is, but I don’t know what to look for or what the red flags are as far as the words in the coding. So, anyone with info on what I should look for, as well as what to look for when I look at the data and logs, and specific words in coding lingo? Thank you so much, I appreciate it.

Firewall can detect suspicious file over HTTPS

A firewall/router can intercept HTTPS traffic, analyse it and detect a suspicious file download, for example. From my understanding, it is acting as a proxy and/or a MITM device.

If it is capable of doing this, ISPs, Governments or whoever can read HTTPS traffic, right?

That’s my first concern. The second one is: how can firewalls do that, given that it’s not required to install any certificate from the device on a PC?

Suspicious Port Scan

Yesterday I got a Bitdefender notification that a port scan had been detected and blocked from the private IP address “192.168.2.21”. I have never seen that notification before, and I scanned my network with nmap to see what device that address belongs to. I figured out that it was my father’s iPad, which at the time was being used by no one.

So my question is: what app/program could have caused that port scan without user interaction, and should I be worried?