Search
Items tagged with: security
Ransomware attack leaks nearly every Maine resident's data - Desk Chair Analysts
https://dcanalysts.net/ransomware-attack-leaks-nearly-every-maine-residents-data/
#InfoSec #Maine #MOVEit #Ransomware #Security #TechNews
Ransomware attack leaks nearly every Maine resident's data - Desk Chair Analysts
A few months ago, Maine was hit by a ransomware attack. We are now just learning how bad the attack was for the government and its citizens.MajorLinux (Desk Chair Analysts)
https://gergelykalman.com/no-CVE-batsignal-a-macos-lpe.html #infosec #cybersecurity #security #apple #macos #vulnerability
batsignal (no CVE) - a macOS LPE
UPDATE: A couple hours after publication the Apple Security Changelogs were updated across the board, and they added me to CVE-2022-26704. I knew this was in the works, but it's still good to see.Gergely's hack blog
Does your browser protect you and your data? Test yourself:
https://d3ward.github.io/toolz/adblock.html
#privacy #security #adblocker #malware
Test Ad Block - Toolz
Looking for an easy way to check the efficiency of your ad blocker?Toolz offers a simple and beautiful design test that allows you to quickly and easily test the performance ofcurrent ad/content blocker solution.d3ward.github.io
https://administraitor.video/edition/Hack.lu/2023
#conference #infosec #videos #security
https://ostechnix.com/prevent-ssh-brute-force-attacks-fail2ban-linux/
* Liability should be shifted to those *deploying* Free Software instead of those *developing* Free Software and
* Those who significantly financially benefit from this deployment should make sure the software becomes CE-compliant
https://fsfe.org/news/2023/news-20230719-01.en.html
Cyber Resilience Act & Free Software: Parliament waters down its own position - FSFE
The European Parliament today voted on its position on the Cyber Resilience Act (CRA). While the position improves on the Commission's exemption to protect...FSFE - Free Software Foundation Europe
Tons of Gigabyte motherboards come with a hidden firmware backdoor https://www.pcworld.com/article/1937046/gigabyte-shipped-hundreds-of-motherboard-models-with-a-firmware-backdoor.html
#Gigabyte #Motherboards #Hardware #PC #Firmware #Backdoor #Security #InfoSec #TechNews
Tons of Gigabyte motherboards come with a hidden firmware backdoor
Gigabyte's motherboard backdoor installs software updates from unsecured web servers.Michael Crider (PCWorld)
https://theevilskeleton.gitlab.io/2023/05/11/overview-of-flatpaks-permission-models.html
I noticed that many people criticize Flatpak's security for lacking an #Android-style permission model. This article addresses this (false) information with real-world examples.
I explain the differences between the two permission models in a manner that less technical people can understand.
Huge thanks to @orowith2os for proofreading the article :)
#Flatpak #Linux #GNU #Security #FOSS #OpenSource
Overview of Flatpak’s Permission Models
Flatpak’s permissions can be confusing. Some are technical and need knowledge on how they work, and others are self-explanatory.TheEvilSkeleton
TL;DR: Don't turn it on.
The new update allows users to sign in with their Google Account and sync 2FA secrets across their iOS and Android devices.
We analyzed the network traffic when the app syncs the secrets, and it turns out the traffic is not end-to-end encrypted. As shown in the screenshots, this means that Google can see the secrets, likely even while they’re stored on their servers. There is no option to add a passphrase to protect the secrets, to make them accessible only by the user.
Why is this bad?
Every 2FA QR code contains a secret, or a seed, that’s used to generate the one-time codes. If someone else knows the secret, they can generate the same one-time codes and defeat 2FA protections. So, if there’s ever a data breach or if someone obtains access .... 🧵
#Privacy #Cybersecurity #InfoSec #2FA #Google #Security
