securepaul, 2 days ago to random

A bit later than usual, and perhaps not very exciting this time around, but here are the LSM, SELinux, and audit* highlights from the Linux v6.10 merge window.

https://paul-moore.com/blog/d/2024/05/linux_v610_merge_window.html

#lsm #selinux #audit

kuketzblog, 6 days ago to firefox German

Firefox: Weshalb man LibreWolf und andere Forks bevorzugen sollte. 👇

https://www.kuketz-blog.de/firefox-weshalb-man-librewolf-und-andere-forks-bevorzugen-sollte/

#firefox #mozilla #librewolf #fennec #mull #browser #datenschutz #privacy #android #audit #dsgvo #tdddg

br00t4c, 13 days ago to random

The council debt crisis is of the government's own making

#audit #council

https://www.newstatesman.com/spotlight/2024/05/the-council-debt-crisis-is-of-the-governments-own-making

br00t4c, 15 days ago to random

'Big four' accountancy firms PwC and EY fined over LC&F audit failures

#audit #capital

https://www.theguardian.com/business/article/2024/may/07/big-four-accountancy-firms-pwc-and-ey-fined-over-lcf-audit-failures

br00t4c, 15 days ago to random

Border officers relied on outdated intel to decide whether to search incoming vessels, audit warns

#audit #canadian

https://www.cbc.ca/news/politics/cbsa-audit-marine-ports-humans-goods-1.7191621?cmp=rss

br00t4c, 16 days ago to random

Number of antisemitic incidents reached record high in 2023, says B'nai Brith Canada audit

#antisemitic #audit

https://www.cbc.ca/news/politics/bnai-brith-antisemitic-report-record-high-1.7195197?cmp=rss

ErikJonker, 21 days ago to ai

For people in the field of algorithms, AI, auditing etc.
"Law and the Emerging Political Economy of Algorithmic Audits"
(preprint)
https://osf.io/preprints/lawarchive/xvqz7
#AI #Audit #algorithms #Law

br00t4c, 1 month ago to random

Critical Audit of California's Efforts to Reduce Homelessness Has Silver Linings

#audit #state

https://capitalandmain.com/critical-audit-of-californias-efforts-to-reduce-homelessness-has-silver-linings

br00t4c, 1 month ago to Arkansas

Arkansas Government Questioned About $19,000 Lectern Purchase

#arkansas #audit

https://www.theonion.com/arkansas-government-questioned-about-19-000-lectern-pu-1851420418

br00t4c, 1 month ago to random

Driven by Israel-Gaza war, antisemitism in U.S. reached an unprecedented high in 2023

#audit #gaza

https://www.haaretz.com/us-news/2024-04-16/ty-article/.premium/driven-by-israel-gaza-war-antisemitism-in-u-s-reached-an-unprecedented-high-in-2023/0000018e-e5b5-de97-a5bf-f5f5966e0000

IHI, 1 month ago to hiring

📢#NewJobAlert: Could you be our next colleague? IHI is #hiring an administrative assistant & an ex-post control & #RiskManagement officer! If you're looking for the next step in your #ProjectManagement or #Audit career, this might be for you. More info: https://europa.eu/!Jc6g3b

br00t4c, 1 month ago to random

JK Rowling, gender critical U.K. groups cheer release of Cass Review--as activists push back

#audit #jkrowling

https://www.dailydot.com/debug/cass-review-uk/

daieuxetdailleurs, 1 month ago to random French

Et qué s'appelerio #IGAS, #IGESR, #IGAC, #IGA...
#CabinetsDeConseil #audit #fonctionpublique #conseil

securepaul, 2 months ago to random

The Linux v6.9 merge window opened earlier this week, here is my write-up on the LSM, SELinux, and audit highlights that were merged into Linus' tree.

https://paul-moore.com/blog/d/2024/03/linux_v69_merge_window.html

#lsm #selinux #audit

br00t4c, 2 months ago to random

FAA Audit of Boeing's 737 Max Production Found Dozens of Issues

#audit #faa

https://news.slashdot.org/story/24/03/12/1837214/faa-audit-of-boeings-737-max-production-found-dozens-of-issues

br00t4c, 2 months ago to random

Former NSW government accused of 'pork barrelling at public's expense' after scathing audit

#audit #post

https://www.theguardian.com/australia-news/2024/feb/28/former-nsw-government-accused-pork-barrelling-audit-covid-19-pandemic

argosopentech, 2 months ago to random

I’ve had a few people reach out to me to ask how secure Argos Translate is.

I try to take security seriously; but of course all software has bugs. To my knowledge, to date, no one has found a serious security vulnerability in Argos Translate or LibreTranslate. It’s probably inevitable though that ArgosTranslate/LibreTranslate or one of it’s dependencies will have a security vulnerability at some point.

https://community.libretranslate.com/t/argos-translate-security/974

br00t4c, 2 months ago to random

Infrastructure projects 'GBP2.5bn more than planned'

#audit #infrastructure

https://www.bbc.co.uk/news/uk-northern-ireland-68405234

vansari, 2 months ago to php German

Do you use the composer audit option in your CI/CD Pipeline and if so how do you use it?

I have implemented it very simple and all security vulnerabilities and abandoned packages must be fixed before the pipeline continues. The reason is that we don’t want this issues in our production code anymore.

#php #composer #audit #pipeline

bagder, 2 months ago to security

#curl HTTP/3 #security #audit

Performed by Trail of Bits. They found things to fix but nothing critical and no security flaws.

https://daniel.haxx.se/blog/2024/02/23/curl-http-3-security-audit/

mattotcha, 3 months ago to China

China conducts first nationwide review of retractions and research misconduct
https://www.nature.com/articles/d41586-024-00397-x #china #national #audit #Review #retractions #misconduct #universities #journals

br00t4c, 3 months ago to random

'Incredibly disturbing': calls for audit of out-of-home care providers after court hears Aboriginal baby's aunt refused as carer due to same-sex relationship

#aboriginal #audit

https://www.theguardian.com/australia-news/2024/feb/10/calls-for-audit-of-out-of-home-care-providers-after-aboriginal-babys-aunt-refused-as-carer-due-to-same-sex-relationship

nono2357, 3 months ago to random

#Tor #Code #Audit Finds 17 #Vulnerabilities
https://www.securityweek.com/tor-code-audit-finds-17-vulnerabilities/

securepaul, 4 months ago to random

A bit later than usual due to some personal travel earlier this week (Go Blue!), but here is my write-up on the SELinux and audit highlights from the Linux v6.8 merge window. As a bonus, I'm also going to start including LSM layer highlights as we've got some cool new things starting with Linux v6.8 :)

https://paul-moore.com/blog/d/2024/01/linux_v68_merge_window.html

#lsm #selinux #audit

krlaboratories, 4 months ago to Cybersecurity Ukrainian

ДЕЩО ПРО МЕРЕЖЕВІ З'ЄДНАННЯ WHATSAPP...

Приклад того як мобільний додаток WhatsApp Messenger лізе на нестандартні (5022) і незахищені (80) мережеві порти (в ідеалі має бути лише 443).

З'єднання відбуваються з інфраструктури Facebook і серверів Amazon.

З tcp 5022 впринципі зрозуміло - це XMPP, тобто Джаббер (завдяки якому WhatsApp такий швидкий в плані миттєвого обміну повідомленнями - https://isc.sans.edu/data/port/5222). А от 80-й, незахищений порт, навіщо? Про нього в довідці щось нічого не сказано: https://developers.facebook.com/docs/whatsapp/guides/network-requirements/

Цікаво, що деякі з цих IP-адрес мають шкідливі індикатори і б'ються по VirusTotal... Де гарантія того, що через них не пролізе бекдор...? Ми, звичайно, відфільтруємо подібні з'єднання фаєрволом і зашифруємось vpn'ом. А звичайний користувач? У нього усі "брами" відкриті по дефолту...

Виявляється, в інтернеті є мапа індикаторів, які були якось пов'язані з WhatsApp: https://www.virustotal.com/graph/embed/gc884e1c5d9b84730b3b00a90f2f4a73cc145436e48ae438794e2a7dd053993a1

Ось так, ведемо слідство над WhatsApp, щоб знати що поробляє жук Цук за спиною юзера... )

Далі буде.

#whatsapp #reverse #cybersecurity #messenger #messengers #audit #webappsec #appsec #network #networksecurity #networkintelligence #threatintel

image/png
image/png
image/jpeg