Just a reminder, #centralising #security is a super shitty idea: https://krebsonsecurity.com/2023/09/expe.. #lastpass experienced a #breach where 25 #million #users had #passwords #exposed . There already appears to be $35 #million in #crypto #stolen as a result.
Very good work by #benjojo on #bgp #security #issues https://blog.benjojo.co.uk/post/bgp-path.. I think we can expect large #dos and #ddos #cyber #attacks soon! Turns out that the #isp #bgp #routing is crazy bad!
The #us finally #bans #equipment from #huawei and #zte over #national #security #concerns https://www.barrons.com/articles/u-s-ban.. This includes #telecommunications and #surveillance #products , which include #phones , #cameras , #wifi #routers and more. It's about time - we have known for a long time that #china 's #ccp are both #hostile and in control of these #tech #companies .
Really interesting #ransomware #hack , then #hack of the #hack https://krebsonsecurity.com/2022/11/rese.. It turns out that they messed up their #crypto #security https://blog.unit221b.com/dont-read-this..
#infosys #leaked important #aws #credentials on #pypi for over a year, despite being a " #security " #company https://tomforb.es/infosys-leaked-fullad..
Turns out if you are seeing #scans from the #ip range 18.171.7.246 or 35.177.10.231, then it could be the #uk #government https://lowendbox.com/blog/getting-scans.. Whilst I like the #uk #government being more #proactive in #cyber #security , it feels that #politics will lead to this also being used to #exploit #vulnerable #servers too. The #temptation will be too much for these people, knowing they could gain access to important services.
I suspect #mastercard are #overstating the #security of their #creditcards by stating that they are #secure against #quantum #attacks , given that there is no known #algorithm to #secure against these #attacks https://hackaday.com/2022/10/25/masterca.. I suspect a #time -based or #mutating #onetimepad could be the way forwards to #secure against such attacks. I did come up with an #algorithm many years ago... But never pushed it.
Pretty interesting. The #cpu #speculative #computing that #intel and #amd had *massive* #security #issues with recently seems to be #redundant with some better #designed #cpu #architecture that better handles some #edgecases https://www.cs.cmu.edu/afs/cs/academic/c.. This could be a way forward for both #companies , and potentially something for #arm to look at!
Pretty crazy #openssl #heartbleed #security #patch #inbound that affects pretty much everything, including #tor https://xeiaso.net/blog/openssl-3.x-secv.. Jesus this will be bad. Tonnes of #embedded and #longterm #systems have zero possibility of #upgrading ...
#google are apparently working on a new #os called #katos which is supposed to be focussed on #security https://www.phoronix.com/news/Google-Kat.. Apparently it is built on #rust and a #microkernel . Let's see where it goes. It's not entirely clear to me just yet exactly what they intend to do with this, so it may be dead in the water before it even starts.
Apparently the #eu is now taking #energy #security much more seriously after spotting #drones near other #energy #infrastructure at #sea https://www.zerohedge.com/geopolitical/f..
Pretty good #article on #mfa #security and #notifications https://xeiaso.net/blog/push-2fa-conside.. I'm really not sold on MFA being the answer here. It's cumbersome and encourages people to #bypass it. To #login to some of my #accounts , I need to receive three phone calls. I never check the #number and just do the #operations of the #keypad without #listening . I even thought about #scripting this process.
So #patreon laid off their entire #security #team , for reasons unknown, and yet people are already trying to get them re- #employed https://twitter.com/wbm312/status/156797.. One person has said to pump the brakes on anti Patreon actions, simply because it will affect them #financially https://xeiaso.net/blog/patreon-happenin.. #caution is good, but this comes from a #selfish place.
At some point I will eventually get around to #replacing #deadsocial with a #version written in C. I have most of the #libraries #written now and even have some #compelling #security #ideas now. I am still yet to #solve some basic #issues such as #anonymous #comments for non- #users , but I get there slowly.
#germany apparently looking at another #mask #mandate for #covid https://www.zerohedge.com/political/germ.. Insanity. As if they haven't got bigger problems right now, like #energy #security https://climatechangedispatch.com/german.. Hopefully they #reconsider #nuclear #power like I suggested months ago.
#china 's #ccp have got #upset about the #eu pointing them out as a #security #threat https://www.zerohedge.com/geopolitical/b.. *Bear in mind* - #china and #russia just performed #joint #operations by #circling #japan with their #navy #military .