Jonkman Microblog

Notices tagged with security, page 2

  1. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Wednesday, 24-Mar-2021 20:10:19 EDT lnxw48a1 lnxw48a1
    Detecting #curl-pipe-bash from the server-side: https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/

    #security #curl #wget #pipe #bash
    In conversation Wednesday, 24-Mar-2021 20:10:19 EDT from nu.federati.net permalink
  2. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Wednesday, 16-Dec-2020 22:32:37 EST lnxw48a1 lnxw48a1
    https://nu.federati.net/url/278948

    Schools are now the most targeted segment for ransomware ... make up the majority of all ransomware attacks.

    #security #ransomware #k-12 #schools
    In conversation Wednesday, 16-Dec-2020 22:32:37 EST from nu.federati.net permalink

    Attachments

    1. K–12 Has Become the Most Targeted Segment for Ransomware -- THE Journal
      from THE Journal
      Malicious actors have disrupted remote learning by targeting school systems in their ransomware, malware and DDoS attacks.
  3. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Monday, 14-Dec-2020 17:42:47 EST lnxw48a1 lnxw48a1
    #Mattermost devs discover unfixable (?) flaws in #Go-Lang library https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/ #security
    In conversation Monday, 14-Dec-2020 17:42:47 EST from nu.federati.net permalink

    Attachments

    1. Coordinated disclosure of XML round-trip vulnerabilities in Go XML
      By Juho Nurminen from Mattermost - Open-source collaboration, self-managed or SaaS
      Coordinated disclosure of XML round-trip vulnerabilities in Go’s standard library
  4. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Tuesday, 08-Dec-2020 21:15:44 EST lnxw48a1 lnxw48a1
    US #cybersecurity firm #FireEye discloses breach, theft of tools https://finance.yahoo.com/news/u-cybersecurity-firm-fireeye-discloses-210424354.html

    #SEC #security #breach #filing
    In conversation Tuesday, 08-Dec-2020 21:15:44 EST from nu.federati.net permalink

    Attachments

    1. U.S. cybersecurity firm FireEye discloses breach, theft of hacking tools
      (Reuters) - FireEye, one of the largest cybersecurity companies in the United States, said on Tuesday that it had been hacked, likely by a government, and that an arsenal of hacking tools used to test the defenses of its clients had been stolen. The hack of FireEye, a company with an array of contracts across the national security space both in the United States and its allies, is among the most significant breaches in recent memory. The FireEye breach was disclosed in a public filing with the Securities and Exchange Commission citing CEO Kevin Mandia.
  5. GeniusMusing (geniusmusing@nu.federati.net)'s status on Tuesday, 08-Dec-2020 20:06:10 EST GeniusMusing GeniusMusing
    OpenSSL Releases Security Update CISA
    https://us-cert.cisa.gov/ncas/current-activity/2020/12/08/openssl-releases-security-update

    >OpenSSL has released a security update to address a vulnerability affecting all versions of 1.0.2 and 1.1.1 released before version 1.1.1i. An attacker could exploit this vulnerability to cause a denial-of-service condition.

    https://www.openssl.org/news/secadv/20201208.txt

    >EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)
    >======================================================
    >
    >Severity: High
    >
    >The X.509 GeneralName type is a generic type for representing different types
    >of names. One of those name types is known as EDIPartyName. OpenSSL provides a
    >function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME
    >to see if they are equal or not. This function behaves incorrectly when both
    >GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash
    >may occur leading to a possible denial of service attack.
    >
    >OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes:
    >1) Comparing CRL distribution point names between an available CRL and a CRL
    > distribution point embedded in an X509 certificate
    >2) When verifying that a timestamp response token signer matches the timestamp
    > authority name (exposed via the API functions TS_RESP_verify_response and
    > TS_RESP_verify_token)
    >
    >If an attacker can control both items being compared then that attacker could
    >trigger a crash.
    >...

    #OpenSSL #Security #Update
    In conversation Tuesday, 08-Dec-2020 20:06:10 EST from nu.federati.net permalink
  6. GeniusMusing (geniusmusing@nu.federati.net)'s status on Tuesday, 08-Dec-2020 12:32:50 EST GeniusMusing GeniusMusing
    Multiple Embedded TCP/IP Stacks CISA
    https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01

    >1. EXECUTIVE SUMMARY
    >
    > CVSS v3 9.8
    > ATTENTION: Exploitable remotely/low skill level to exploit
    > Vendor: Multiple (open source)
    > Equipment: uIP-Contiki-OS, uIP-Contiki-NG, uIP, open-iscsi, picoTCP-NG, picoTCP, FNET, Nut/Net
    > Vulnerabilities: Infinite Loop, Integer Wraparound, Out-of-bounds Read, Integer Overflow, Out-of-bounds Write, Improper Input Validation, Improper Null Termination
    >
    >CISA is aware of a public report, known as “AMNESIA:33” that details vulnerabilities found in multiple open-source TCP/IP stacks. CISA is issuing this advisory to provide early notice of the reported vulnerabilities and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.
    >
    >The various open-source stacks may be implemented in forked repositories.
    >
    >2. RISK EVALUATION
    >
    >Successful exploitation of these vulnerabilities could allow attackers to corrupt memory, put devices into infinite loops, access unauthorized data, and/or poison DNS cache.
    >
    >3. TECHNICAL DETAILS
    >
    >3.1 AFFECTED PRODUCTS
    >
    >The following are affected:
    >
    > uIP-Contiki-OS (end-of-life [EOL]), Version 3.0 and prior
    > uIP-Contiki-NG, Version 4.5 and prior
    > uIP (EOL), Version 1.0 and prior
    > open-iscsi, Version 2.1.12 and prior
    > picoTCP-NG, Version 1.7.0 and prior
    > picoTCP (EOL), Version 1.7.0 and prior
    > FNET, Version 4.6.3
    > Nut/Net, Version 5.1 and prior
    >...
    #Security
    In conversation Tuesday, 08-Dec-2020 12:32:50 EST from nu.federati.net permalink
  7. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Saturday, 05-Dec-2020 14:42:34 EST lnxw48a1 lnxw48a1
    https://pluralistic.net/2020/12/05/trusting-trust/

    > WARNING WARNING WARNING WARNING

    > Security researchers are alarmed: the already-notorious Trickbot malware has been spotted probing infected computers to find out which version of UEFI they're running. This is read as evidence that Trickbot has figured out how to pull off a really scary feat.

    Source: https://mamot.fr/@pluralistic/105329139472008620

    #Security #UEFI #BIOS #TPM #Trusted-Computing

    CC: @mangeurdenuage @geniusmusing @musicman

    It's a long article, but well worth your time.
    In conversation Saturday, 05-Dec-2020 14:42:34 EST from nu.federati.net permalink

    Attachments

    1. Pluralistic: 05 Dec 2020
      By Cory Doctorow from Pluralistic: Daily links from Cory Doctorow
  8. Hypolite Petovan (hypolite@friendica.mrpetovan.com)'s status on Thursday, 03-Dec-2020 14:03:51 EST Hypolite Petovan Hypolite Petovan
    No, <website>, I do not want to mark this device as "trusted". I enabled two-factor authentication exactly because I do not trust my devices. #security
    In conversation Thursday, 03-Dec-2020 14:03:51 EST from friendica.mrpetovan.com permalink
  9. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Friday, 20-Nov-2020 18:49:34 EST lnxw48a1 lnxw48a1
    "So you want to get into Infosec?"

    https://hackers.town/@thegibson/105243991039588873 Some links to discounted or free training in that thread.

    #infosec #security #training #education
    In conversation Friday, 20-Nov-2020 18:49:34 EST from nu.federati.net permalink
  10. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Thursday, 05-Nov-2020 12:03:48 EST lnxw48a1 lnxw48a1
    @aab has found something to block some traffic from unwanted portscans: https://dodweil.us/security/ufw-fail2ban-portscan.html

    #security #NoteToSelf
    In conversation Thursday, 05-Nov-2020 12:03:48 EST from nu.federati.net permalink
  11. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Saturday, 31-Oct-2020 12:32:38 EDT lnxw48a1 lnxw48a1
    #Google discloses #Microsoft #Windows 10 #zero-day vulnerability that is currently being exploited in the wild. Also patched a #Chrome zero-day. https://www.zdnet.com/article/google-discloses-windows-zero-day-exploited-in-the-wild/

    #Win10 #security

    Patch incoming 2020-11-10, #Patch_Tuesday.
    In conversation Saturday, 31-Oct-2020 12:32:38 EDT from nu.federati.net permalink

    Attachments

    1. Google discloses Windows zero-day exploited in the wild | ZDNet
      from ZDNet
      Windows zero-day (not yet patched) is used as part of an exploit chain that also includes a Chrome zero-day (already patched).
  12. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Sunday, 27-Sep-2020 22:43:43 EDT lnxw48a1 lnxw48a1
    FastCompany: Don't share #passwords with your GF or BF until you read this https://www.fastcompany.com/90556503/dont-share-passwords-with-your-gf-or-bf-until-you-read-this

    I didn't know people still did this.

    #security #relationships
    In conversation Sunday, 27-Sep-2020 22:43:43 EDT from nu.federati.net permalink

    Attachments

    1. Don’t share passwords with your GF or BF until you read this
      from Fast Company
      Sharing doesn’t end after a breakup: A quarter of respondents in a new survey admitted to using location-sharing apps to check the whereabouts of an ex.
  13. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Tuesday, 22-Sep-2020 21:57:14 EDT lnxw48a1 lnxw48a1
    Chinese antivirus firm part of malware / ransomware group https://krebsonsecurity.com/2020/09/chinese-antivirus-firm-was-part-of-apt41-supply-chain-attack/ #security
    In conversation Tuesday, 22-Sep-2020 21:57:14 EDT from nu.federati.net permalink
  14. Ute Hauth (miradlo@pirati.ca)'s status on Wednesday, 02-Sep-2020 09:06:51 EDT Ute Hauth Ute Hauth

    ♲ @golem@squeet.me:

    Despite the Cloud Act: Telefónica/O2 entrusts its 5G core network to Amazon - Golem.de

    The mobile network operator Telefónica Deutschland is relying on servers in Germany for its 5G core network. But the operator is Amazon from the USA.
    https://www.golem.de/news/trotz-cloud-act-telefonica-o2-vertraut-sein-5g-kernnetz-amazon-an-2009-150632.html
    #AWS #Datenschutz #Datensicherheit #MarkusHaas #Privatsphäre #WebService #Server #Microsoft #Internet #Security
    In conversation Wednesday, 02-Sep-2020 09:06:51 EDT from pirati.ca permalink

    Attachments

    1. Despite the Cloud Act: Telefónica/O2 entrusts its 5G core network to Amazon - Golem.de
      The mobile network operator Telefónica Deutschland is relying on servers in Germany for its 5G core network. But they belong to Amazon from the USA.
  15. Dr. Roy Schestowitz (罗伊) (schestowitz@pleroma.site)'s status on Sunday, 30-Aug-2020 05:09:33 EDT Dr. Roy Schestowitz (罗伊) Dr. Roy Schestowitz (罗伊)
    #clownComputing = #security is already compromised completely https://translate.google.com/translate?depth=1&hl=en&prev=search&rurl=translate.google.co.uk&sl=de&u=https://www.heise.de/news/CCC-hackt-digitale-Corona-Liste-mit-87-000-Eintraegen-4881198.html see e.g. http://techrights.org/2019/07/20/slack-is-dead/
    In conversation Sunday, 30-Aug-2020 05:09:33 EDT from pleroma.site permalink

    Attachments

    1. Slack Committed a Very Major Crime That Can Cost Many Billions If Not Trillions in Damages for Years to Come
      from Techrights
      The inevitable has happened to Slack, which no longer deserves to exist as a company; moreover, the people who ran the company must be held criminally accountable
  16. Dr. Roy Schestowitz (罗伊) (schestowitz@pleroma.site)'s status on Saturday, 29-Aug-2020 23:16:23 EDT Dr. Roy Schestowitz (罗伊) Dr. Roy Schestowitz (罗伊)
    #BleepingComputer is an anti- #gnu #linux site. Whenever it mentions "LINUX" it's an attack (a #security FUD angle usually), now #microsoft EEE against it! "How to run Linux programs from a Windows 10 command prompt"
    In conversation Saturday, 29-Aug-2020 23:16:23 EDT from pleroma.site permalink
  17. Dr. Roy Schestowitz (罗伊) (schestowitz@pleroma.site)'s status on Friday, 28-Aug-2020 22:54:02 EDT Dr. Roy Schestowitz (罗伊) Dr. Roy Schestowitz (罗伊)
    #Security and FUD (Fear, Uncertainty, Doubt) Leftovers http://www.tuxmachines.org/node/141501 #fud #freesw #gnu #linux
    In conversation Friday, 28-Aug-2020 22:54:02 EDT from pleroma.site permalink
  18. Dr. Roy Schestowitz (罗伊) (schestowitz@pleroma.site)'s status on Friday, 28-Aug-2020 21:35:44 EDT Dr. Roy Schestowitz (罗伊) Dr. Roy Schestowitz (罗伊)
    That's not even counting the deliberate #backdoors , as the goal seems to be #remoteaccess for spies rather than real #security (and they've become shameless about this) https://www.darkreading.com/vulnerabilities---threats/vulnerability-volume-poised-to-overwhelm-infosec-teams/d/d-id/1338776
    In conversation Friday, 28-Aug-2020 21:35:44 EDT from pleroma.site permalink

    Attachments

    1. Vulnerability Volume Poised to Overwhelm Infosec Teams
      from Dark Reading
      The collision of Microsoft and Oracle patches on the same day has contributed to risk and stress for organizations.
  19. Dr. Roy Schestowitz (罗伊) (schestowitz@pleroma.site)'s status on Friday, 28-Aug-2020 11:19:26 EDT Dr. Roy Schestowitz (罗伊) Dr. Roy Schestowitz (罗伊)
    ● NEWS ● #TechDirt #Bridgefy ☞ Bridgefy , A Messaging App Hyped As Great For Protesters, Is A #Security Mess https://www.techdirt.com/articles/20200825/07384045173/bridgefy-messaging-app-hyped-as-great-protesters-is-security-mess.shtml
    In conversation Friday, 28-Aug-2020 11:19:26 EDT from pleroma.site permalink

    Attachments

    1. Bridgefy, A Messaging App Hyped As Great For Protesters, Is A Security Mess
      from Techdirt.
      Over the last year Bridgefy, a messaging app developed by Twitter cofounder Biz Stone, has been heavily promoted as just perfect for those trying to stand up to oppressive, authoritarian governments. The reason: the app uses both Bluetooth and mesh...
  20. Dr. Roy Schestowitz (罗伊) (schestowitz@pleroma.site)'s status on Friday, 28-Aug-2020 09:01:01 EDT Dr. Roy Schestowitz (罗伊) Dr. Roy Schestowitz (罗伊)
    #Security Leftovers http://www.tuxmachines.org/node/141468
    In conversation Friday, 28-Aug-2020 09:01:01 EDT from pleroma.site permalink

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.
