sharan, to security
@sharan@metalhead.club avatar
sjvn, to security
@sjvn@mastodon.social avatar

If all kernel bugs are bugs, how do you keep your Linux safe? https://zdnet.com/article/if-all-kernel-bugs-are-security-bugs-how-do-you-keep-your-linux-safe/ by @sjvn

It's simple, says Jonathan Corbet, LWN editor-in-chief, run only distros that use Long-Term-Support kernels.

br00t4c, to Cameras
@br00t4c@mastodon.social avatar
gerowen, to privacy
@gerowen@mastodon.social avatar

This is why it's important to use good passwords and not plug things like your camera directly into the internet without a router or other hardware firewall in line.

VPN servers are an easy and secure device that takes minutes to set up and would solve a lot of these problems. Many routers even have one built in.

If you have a device that you need to access from the public internet there are secure ways to do so.

#Privacy #Security #Cybersecurity #Censys

https://youtu.be/QPjeTSFhfP4?si=ItFWzLlDZm5W5JaH

vagrantc, to guix
@vagrantc@floss.social avatar

So, a serious issue was discovered in March ... but achieved a near-total eclipse of nearly all other issues...

The security update of guix as packaged in was finally released today!

https://lists.debian.org/debian-security-announce/2024/msg00078.html

I am also pleased to say the official build servers for Debian produced a bit-for-bit identical .deb as my local build on bookworm amd64. Yay yay!

GrapheneOS, to privacy
@GrapheneOS@grapheneos.social avatar

GrapheneOS version 2024042200 released:

https://grapheneos.org/releases#2024042200

See the linked release notes for a summary of the improvements over the previous release.

Forum discussion thread:

https://discuss.grapheneos.org/d/12234-grapheneos-version-2024042200-released

#GrapheneOS #privacy #security

br00t4c, to internet
@br00t4c@mastodon.social avatar

Newsletter: New automatic iPhone feature is a 'security risk'

https://www.dailydot.com/news/daily-dot-newsletter-web-crawlr-04-22-2024/

CEDO, to privacy
@CEDO@mastodon.nl avatar

De neemt afscheid van voor e-mail, chat, telefoon gesprekken en video conferencing:
https://www.techradar.com/pro/the-united-nations-ditches-big-tech-in-a-bid-for-security
Dit vanwege en .
Met BigTech diensten ben je niet in controle over je data, ongeacht de hoeveelheid juridische inlegvelletjes er door , en SLMRijk worden toegevoegd.

smallcircles,
@smallcircles@social.coop avatar

Translation EN:

The #UN says goodbye to #BigTech for email, chat, phone conversations and video conferencing: https://www.techradar.com/pro/the-united-nations-ditches-big-tech-in-a-bid-for-security
This for #privacy and #security considerations.
When using BigTech #cloud services one is not in control of ones own data, regardless of the amount of jurisprudential attachments organisations such as #Sivon, #Surf and SMLRijk add to them.

@CEDO

sjvn, to security
@sjvn@mastodon.social avatar

OpenSSF warns of Open Source Social Engineering Threats - http://DevOps.com https://devops.com/openssf-warns-of-open-source-social-engineering-threats/ by @sjvn

: The XZ attack wasn’t the first, nor will it be the last.

kuketzblog, to security German
@kuketzblog@social.tchncs.de avatar

Politische Überwachungsphantasien, die mit dem Vorwand gerechtfertigt werden, "schlimmste Verbrechen wie den sexuellen Missbrauch von Kindern zu bekämpfen", sind unerträglich.

Wer wirklich etwas für Kinder tun will, engagiert sich im Kampf gegen den Klimawandel, für sichere Schul- und Radwege, für Bildung, gewaltfreie Familien, Chancengleichheit und freie Entfaltungsmöglichkeiten.

Stop this bullshit! 🫵

eugenialoli, to GNOME
@eugenialoli@mastodon.social avatar

WTF? Is on the store ? Apparently it was running in the bg AS IF it was an invincible extension so SystemMonitor/htop would NOT see it as a process. But (also from flatpak store) saw it as it is: an app running on startup! Killing it killed Gnome session! It was also spiking wifi, and was leaking the Gnome gjs service from 4MB RAM to 120MB. Uninstalling fixed the prob

Third party flatpak/snaps should be vetted.

helma, to security Dutch
@helma@mastodon.social avatar

Supergave functie bij ons team Vendor Compliance @SURF Wat houd je tegen om te solliciteren als Technisch Security Specialist in Utrecht?

https://werkenbij.surf.nl/vacatures/vacature-technisch-security-specialist/

kubikpixel, to Cybersecurity German
@kubikpixel@chaos.social avatar

Not quite in my opinion, but an approach to secure smaller companies in their IT application.

»The Complete Small Business Cybersecurity Checklist In 2024:
In today's world of technology, small businesses are at risk of cyber attacks. These attacks can harm the economy and put sensitive information at risk. Small businesses with less than 1,000 employees are affected by 46% of all cyber breaches.«

🔑 https://ostechnix.com/small-business-cybersecurity-checklist/

br00t4c, to Wyze
@br00t4c@mastodon.social avatar
br00t4c, to security
@br00t4c@mastodon.social avatar

Israeli Military Intelligence Chief Resigns Over Role In Failing To Prevent Oct. 7 Attack

https://www.huffpost.com/entry/israel-military-intelligence-chief-resigns_n_66262187e4b04378c08ac810

br00t4c, to security
@br00t4c@mastodon.social avatar

Rarest, strangest, form of Windows saved techie from moment of security madness

#dearreader #security

https://go.theregister.com/feed/www.theregister.com/2024/04/22/who_me/

GrapheneOS, to privacy
@GrapheneOS@grapheneos.social avatar

GrapheneOS version 2024042100 released:

https://grapheneos.org/releases#2024042100

See the linked release notes for a summary of the improvements over the previous release.

Forum discussion thread:

https://discuss.grapheneos.org/d/12219-grapheneos-version-2024042100-released

PrivacyDigest, to security
@PrivacyDigest@mas.to avatar

OpenAI's GPT-4 can real by reading advisories

While some other LLMs appear to flat-out suck

https://www.theregister.com/2024/04/17/gpt4_can_exploit_real_vulnerabilities/

outofcontrol, to security
@outofcontrol@phpc.social avatar

Just hearing about CVE-2024-2961, the glibc #security vulnerability which opens door to PHP attacks? Curious which version of glibc you are using: ldd —version

And will see a line like this:
ldd (Ubuntu GLIBC 2.35-0ubuntu3.7) 2.35

glibc v2.40 is patched and maybe backported to v2.32?

tcurdt, to php
@tcurdt@mastodon.social avatar

CVE-2024-2961 sounds pretty scary.

Supposedly especially problematic for PHP.

Exploit demonstration is scheduled for May.

https://securityonline.info/cve-2024-2961-glibc-vulnerability-opens-door-to-php-attacks-patch-immediately/

Stay safe out there.

davidaugust, to Ukraine
@davidaugust@mastodon.online avatar

Supporting our friends who are protecting us and our friends is a good idea. Glad we are again now.

#Ukraine #russia #UnitedStates #US #UA #security #allies #defense #defence #GlobalSecurity

m0bi13, to microsoft Polish
@m0bi13@pol.social avatar

Za The Register:

"#Microsoft stanowi zagrożenie dla bezpieczeństwa narodowego, twierdzi były dyrektor ds. polityki cybernetycznej Białego Domu.

Przy niewielkiej konkurencji na szczeblu rządowym, gigant #Windows nie ma motywacji, aby zwiększać bezpieczeństwo swoich systemów"

Więcej [EN}:
https://www.theregister.com/2024/04/21/microsoft_national_security_risk/

Dodam od siebie, że dla polskiego bezpieczeństwa narodowego również!

#security #cybersecurity #bezpieczenstwo

Wuzzy, to Software
@Wuzzy@cyberplace.social avatar

After the attack, I have a suggestion for all forges (, , , , etc.):
Have some way to visualize binary files better, including diffs to such files. Cuz now, we have basically nothing except byte counters.
Since they're binary files, it must be as generic as possible. But even some rendering or analysis is better than nothing.

The idea is to expose weird patterns in binary files that could be a sign of an attack.

vmbrasseur, to opensource
@vmbrasseur@social.vmbrasseur.com avatar

"…this study presents prima facie evidence of a positive effect of general #OpenSource software funding on open source software #security."

https://dfrlab.org/2024/04/18/more-money-better-security/

  • All
  • Subscribed
  • Moderated
  • Favorites
  • Leos
  • thenastyranch
  • Backrooms
  • modclub
  • magazineikmin
  • hgfsjryuu7
  • Youngstown
  • slotface
  • Durango
  • everett
  • osvaldo12
  • mdbf
  • kavyap
  • rosin
  • JUstTest
  • DreamBathrooms
  • cisconetworking
  • anitta
  • ethstaker
  • tacticalgear
  • GTA5RPClips
  • khanakhh
  • InstantRegret
  • tester
  • provamag3
  • normalnudes
  • cubers
  • lostlight
  • All magazines