Federati Nu: Federated N-series GNU Socialsecurity
https://nu.federati.net/tag/security/rss
Updates tagged with security on Federati Nu: Federated N-series GNU Social!lnxw48a1: UK election registry breached from 2021 onward. https://www.bbc.co.uk/news/uk-politics-66441010 [www bbc co uk] #security
https://nu.federati.net/notice/3428577
lnxw48a1's status on Tuesday, 08-Aug-2023 17:50:18 UTCUK election registry breached from 2021 onward. <a href="https://www.bbc.co.uk/news/uk-politics-66441010" title="https://www.bbc.co.uk/news/uk-politics-66441010" rel="nofollow external noreferrer" class="attachment" id="attachment-291231">https://www.bbc.co.uk/news/uk-politics-66441010</a> [www bbc co uk] <br /> <br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span>2023-08-08T17:50:18+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: Tenable CEO slams #Microsoft for not being transparent and fast to act on #Azure #Active_Directory #security holes https://nu.federati.net/url/291175 [www databreachtoday com]
https://nu.federati.net/notice/3428388
lnxw48a1's status on Thursday, 03-Aug-2023 18:35:45 UTCTenable CEO slams #<span class="tag"><a href="https://nu.federati.net/tag/microsoft" rel="tag">Microsoft</a></span> for not being transparent and fast to act on #<span class="tag"><a href="https://nu.federati.net/tag/azure" rel="tag">Azure</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/activedirectory" rel="tag">Active_Directory</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> holes <a href="https://www.databreachtoday.com/tenable-ceo-slams-microsoft-for-failing-to-quickly-patch-bug-a-22719" title="https://www.databreachtoday.com/tenable-ceo-slams-microsoft-for-failing-to-quickly-patch-bug-a-22719" rel="nofollow external noreferrer" class="attachment" id="attachment-291175">https://nu.federati.net/url/291175</a> [www databreachtoday com]2023-08-03T18:35:45+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: #US Senator: #Microsoft negligent in #security #breach that affected Syate Dept., #USDOJ and rest of #USGovt should hold them accountable. https://nu.federati.net/url/291129 [arstechnica com]
https://nu.federati.net/notice/3428251
lnxw48a1's status on Monday, 31-Jul-2023 02:14:30 UTC#<span class="tag"><a href="https://nu.federati.net/tag/us" rel="tag">US</a></span> Senator: #<span class="tag"><a href="https://nu.federati.net/tag/microsoft" rel="tag">Microsoft</a></span> negligent in #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/breach" rel="tag">breach</a></span> that affected Syate Dept., #<span class="tag"><a href="https://nu.federati.net/tag/usdoj" rel="tag">USDOJ</a></span> and rest of #<span class="tag"><a href="https://nu.federati.net/tag/usgovt" rel="tag">USGovt</a></span> should hold them accountable. <a href="https://arstechnica.com/security/2023/07/us-senator-blasts-microsoft-for-negligent-cybersecurity-practices/" title="https://arstechnica.com/security/2023/07/us-senator-blasts-microsoft-for-negligent-cybersecurity-practices/" rel="nofollow external noreferrer" class="attachment" id="attachment-291129">https://nu.federati.net/url/291129</a> [arstechnica com]2023-07-31T02:14:30+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: #Security #Microsoft_365 breached by #China See thread starting at https://cyberplace.social/@GossiTheDog/110700908976946435 ... https://cyberplace.social/@GossiTheDog/110702046297147809 > For anybody interested - the “acquired Microsoft account (MSA) consumer signing key” used in this must have come from inside Microsoft’s internal network. -- https://cyberplace.social/@GossiTheDog/110702228469010595 Includes the following links: * https://nu.federati.net/url/290987 [msrc microsoft com] * https://nu.federati.net/url/290988 [edition cnn com] * https://nu.federati.net/url/290989 [www cisa gov | pdf] * https://www.wsj.com/articles/chinese-hackers-spied-on-state-department-13a09f03 [www wsj com] #US_Govt #Microsoft #MSFT #Azure #Office_365 #penetration #Outlook #Exchange #cloud
https://nu.federati.net/notice/3427607
lnxw48a1's status on Wednesday, 12-Jul-2023 22:42:34 UTC#<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">Security</a></span> <br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/microsoft365" rel="tag">Microsoft_365</a></span> breached by #<span class="tag"><a href="https://nu.federati.net/tag/china" rel="tag">China</a></span><br /><br /> See thread starting at <a href="https://cyberplace.social/@GossiTheDog/110700908976946435" title="https://cyberplace.social/@GossiTheDog/110700908976946435" rel="nofollow noreferrer" class="attachment">https://cyberplace.social/@GossiTheDog/110700908976946435</a> ... <a href="https://cyberplace.social/@GossiTheDog/110702046297147809" title="https://cyberplace.social/@GossiTheDog/110702046297147809" rel="nofollow noreferrer" class="attachment">https://cyberplace.social/@GossiTheDog/110702046297147809</a><br /><br /> > For anybody interested - the “acquired Microsoft account (MSA) consumer signing key” used in this must have come from inside Microsoft’s internal network. -- <a href="https://cyberplace.social/@GossiTheDog/110702228469010595" title="https://cyberplace.social/@GossiTheDog/110702228469010595" rel="nofollow noreferrer" class="attachment">https://cyberplace.social/@GossiTheDog/110702228469010595</a> <br /><br /> Includes the following links: <br /><br /> * <a href="https://msrc.microsoft.com/blog/2023/07/microsoft-mitigates-china-based-threat-actor-storm-0558-targeting-of-customer-email/" title="https://msrc.microsoft.com/blog/2023/07/microsoft-mitigates-china-based-threat-actor-storm-0558-targeting-of-customer-email/" rel="nofollow noreferrer" class="attachment">https://nu.federati.net/url/290987</a> [msrc microsoft com] <br /><br /> * <a href="https://edition.cnn.com/2023/07/12/politics/china-based-hackers-us-government-email-intl-hnk/index.html" title="https://edition.cnn.com/2023/07/12/politics/china-based-hackers-us-government-email-intl-hnk/index.html" rel="nofollow noreferrer" class="attachment">https://nu.federati.net/url/290988</a> [edition cnn com] <br /><br /> * <a href="https://www.cisa.gov/sites/default/files/2023-07/aa23-193a_joint_csa_enhanced_monitoring_to_detect_apt_activity_targeting_outlook_online.pdf" title="https://www.cisa.gov/sites/default/files/2023-07/aa23-193a_joint_csa_enhanced_monitoring_to_detect_apt_activity_targeting_outlook_online.pdf" rel="nofollow noreferrer" class="attachment">https://nu.federati.net/url/290989</a> [www cisa gov | pdf] <br /><br /> * <a href="https://www.wsj.com/articles/chinese-hackers-spied-on-state-department-13a09f03" title="https://www.wsj.com/articles/chinese-hackers-spied-on-state-department-13a09f03" rel="nofollow noreferrer" class="attachment">https://www.wsj.com/articles/chinese-hackers-spied-on-state-department-13a09f03</a> [www wsj com]<br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/usgovt" rel="tag">US_Govt</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/microsoft" rel="tag">Microsoft</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/msft" rel="tag">MSFT</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/azure" rel="tag">Azure</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/office365" rel="tag">Office_365</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/penetration" rel="tag">penetration</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/outlook" rel="tag">Outlook</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/exchange" rel="tag">Exchange</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/cloud" rel="tag">cloud</a></span>2023-07-12T22:42:34+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: Seen via @clacke: https://nondeterministic.computer/@mjg59/110216984788495049 > If you installed a Linux system with disk encryption more than a couple of years ago, there's a decent chance it's using a weak key derivation function and someone who cares enough would be in a position to brute-force it. https://mjg59.dreamwidth.org/66429.html has more details and instructions on how to update to a better KDF. #Linux #LUKS #security #encryption #privacy
https://nu.federati.net/notice/3424073
lnxw48a1's status on Tuesday, 18-Apr-2023 04:19:31 UTCSeen via @<a href="https://libranet.de/profile/clacke" class="h-card u-url p-nickname mention" title="clacke: seeking 🇸🇪🇭🇰💙💛">clacke</a>: <br /><br /><a href="https://nondeterministic.computer/@mjg59/110216984788495049" title="https://nondeterministic.computer/@mjg59/110216984788495049" rel="nofollow noreferrer" class="attachment">https://nondeterministic.computer/@mjg59/110216984788495049</a> <br /><br /> > If you installed a Linux system with disk encryption more than a couple of years ago, there's a decent chance it's using a weak key derivation function and someone who cares enough would be in a position to brute-force it. <a href="https://www.dreamwidth.org/captcha?returnto=https://mjg59.dreamwidth.org/66429.html" title="https://www.dreamwidth.org/captcha?returnto=https://mjg59.dreamwidth.org/66429.html" rel="nofollow noreferrer" class="attachment">https://mjg59.dreamwidth.org/66429.html</a> has more details and instructions on how to update to a better KDF. <br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/linux" rel="tag">Linux</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/luks" rel="tag">LUKS</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/encryption" rel="tag">encryption</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/privacy" rel="tag">privacy</a></span>2023-04-18T04:19:31+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: School district data breach involves student data, but law does not require notification https://infosec.exchange/@PogoWasRight/110005462926344518 https://nu.federati.net/url/289870 [www databreaches net] #security #ransomware #security_breach
https://nu.federati.net/notice/3422678
lnxw48a1's status on Sunday, 12-Mar-2023 05:49:24 UTCSchool district data breach involves student data, but law does not require notification <a href="https://infosec.exchange/@PogoWasRight/110005462926344518" title="https://infosec.exchange/@PogoWasRight/110005462926344518" rel="nofollow noreferrer" class="attachment">https://infosec.exchange/@PogoWasRight/110005462926344518</a> <br /><br /><a href="https://www.databreaches.net/highly-sensitive-files-from-berkeley-county-schools-dumped-by-ransomware-gang/" title="https://www.databreaches.net/highly-sensitive-files-from-berkeley-county-schools-dumped-by-ransomware-gang/" rel="nofollow noreferrer" class="attachment">https://nu.federati.net/url/289870</a> [www databreaches net] <br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/ransomware" rel="tag">ransomware</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/securitybreach" rel="tag">security_breach</a></span>2023-03-12T05:49:24+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: #Ubuntu #security notice: #Emacs flaw allows code execution. https://ubuntu.com/security/notices/USN-5781-1 [ubuntu com]
https://nu.federati.net/notice/3417904
lnxw48a1's status on Wednesday, 14-Dec-2022 22:35:42 UTC#<span class="tag"><a href="https://nu.federati.net/tag/ubuntu" rel="tag">Ubuntu</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> notice: #<span class="tag"><a href="https://nu.federati.net/tag/emacs" rel="tag">Emacs</a></span> flaw allows code execution. <a href="https://ubuntu.com/security/notices/USN-5781-1" title="https://ubuntu.com/security/notices/USN-5781-1" rel="nofollow external noreferrer" class="attachment" id="attachment-288936">https://ubuntu.com/security/notices/USN-5781-1</a> [ubuntu com]2022-12-14T22:35:42+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: #Mastodon issue for #activitypub-troll denial-of-service vulnerability. https://github.com/mastodon/mastodon/issues/21977 with 2 pull requests. https://github.com/mastodon/mastodon/pull/22025 and https://github.com/mastodon/mastodon/pull/22026 #security
https://nu.federati.net/notice/3416703
lnxw48a1's status on Monday, 05-Dec-2022 03:15:33 UTC#<span class="tag"><a href="https://nu.federati.net/tag/mastodon" rel="tag">Mastodon</a></span> issue for #<span class="tag"><a href="https://nu.federati.net/tag/activitypubtroll" rel="tag">activitypub-troll</a></span> denial-of-service vulnerability. <a href="https://github.com/mastodon/mastodon/issues/21977" title="https://github.com/mastodon/mastodon/issues/21977" rel="nofollow external noreferrer" class="attachment" id="attachment-288801">https://github.com/mastodon/mastodon/issues/21977</a> with 2 pull requests. <a href="https://github.com/mastodon/mastodon/pull/22025" title="https://github.com/mastodon/mastodon/pull/22025" rel="nofollow external noreferrer" class="attachment" id="attachment-288802">https://github.com/mastodon/mastodon/pull/22025</a> and <a href="https://github.com/mastodon/mastodon/pull/22026" title="https://github.com/mastodon/mastodon/pull/22026" rel="nofollow external noreferrer" class="attachment" id="attachment-288803">https://github.com/mastodon/mastodon/pull/22026</a> <br /> <br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span>2022-12-05T03:15:33+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: @administrator @aab I'm just guessing, but it could be related to an exploit someone launched against #Mastodon and #Misskey yesterday. From what I read, it brought several instances to their knees. Misskey released a #security patch yesterday.
https://nu.federati.net/notice/3416674
lnxw48a1's status on Sunday, 04-Dec-2022 22:26:16 UTC@<a href="https://gnusocial.net/index.php/user/1" class="h-card u-url p-nickname mention" title="admin de gnusocial.net">administrator</a> @<a href="https://khp.ignorelist.com/index.php/user/1" class="h-card u-url p-nickname mention" title="aab">aab</a> I'm just guessing, but it could be related to an exploit someone launched against #<span class="tag"><a href="https://nu.federati.net/tag/mastodon" rel="tag">Mastodon</a></span> and #<span class="tag"><a href="https://nu.federati.net/tag/misskey" rel="tag">Misskey</a></span> yesterday. From what I read, it brought several instances to their knees. Misskey released a #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> patch yesterday.2022-12-04T22:26:16+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: Tagging this thread with #Fediverse #Security ... whomever made the script obviously read some protocol docs and some source code. With just a little #JavaScript, they were able to knock some #Misskey and #Mastodon instances to their knees. This isn't the first, and it won't be the last. Remember when someone posted a humongous image and locked up any #GNUSocial instance that tried to download the image? Remember when someone's instance was replaced by some sort of cryptocurrency site and PuSH es from your site to theirs would crash your site because of their site's response? (I'll bet I still have that domain blocked at the firewall.) We have to stop being naive about the intentions of those in the current migration. The overwhelming majority will have benign, if not good, intentions. But a select few will have bad intentions. Among those intentions is to colonize the Fediverse with #Twitter's culture, to come here and impose that culture of anger and disrespect upon the inhabitants here ... which already happened once with the first wave of people joining #Mastodon instance, except it was Twitter and #Tumblr at that time.
https://nu.federati.net/notice/3416599
lnxw48a1's status on Sunday, 04-Dec-2022 16:22:39 UTCTagging this thread with #<span class="tag"><a href="https://nu.federati.net/tag/fediverse" rel="tag">Fediverse</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">Security</a></span> ... whomever made the script obviously read some protocol docs and some source code. With just a little #<span class="tag"><a href="https://nu.federati.net/tag/javascript" rel="tag">JavaScript</a></span>, they were able to knock some #<span class="tag"><a href="https://nu.federati.net/tag/misskey" rel="tag">Misskey</a></span> and #<span class="tag"><a href="https://nu.federati.net/tag/mastodon" rel="tag">Mastodon</a></span> instances to their knees. <br /><br /> This isn't the first, and it won't be the last. Remember when someone posted a humongous image and locked up any #<span class="tag"><a href="https://nu.federati.net/tag/gnusocial" rel="tag">GNUSocial</a></span> instance that tried to download the image? Remember when someone's instance was replaced by some sort of cryptocurrency site and PuSH es from your site to theirs would crash your site because of their site's response? (I'll bet I still have that domain blocked at the firewall.) <br /><br /> We have to stop being naive about the intentions of those in the current migration. The overwhelming majority will have benign, if not good, intentions. But a select few will have bad intentions. Among those intentions is to colonize the Fediverse with #<span class="tag"><a href="https://nu.federati.net/tag/twitter" rel="tag">Twitter</a></span>'s culture, to come here and impose that culture of anger and disrespect upon the inhabitants here ... which already happened once with the first wave of people joining #<span class="tag"><a href="https://nu.federati.net/tag/mastodon" rel="tag">Mastodon</a></span> instance, except it was Twitter and #<span class="tag"><a href="https://nu.federati.net/tag/tumblr" rel="tag">Tumblr</a></span> at that time.2022-12-04T16:22:39+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: Oh, good grief, #Microsoft. https://thehackernews.com/2022/10/microsoft-confirms-server.html [thehackernews com] Source: https://infosec.exchange/@jerry/109213542275494102 #security #breach #Azure #cloud
https://nu.federati.net/notice/3411396
lnxw48a1's status on Sunday, 23-Oct-2022 07:00:54 UTCOh, good grief, #<span class="tag"><a href="https://nu.federati.net/tag/microsoft" rel="tag">Microsoft.</a></span> <a href="https://thehackernews.com/2022/10/microsoft-confirms-server.html" title="https://thehackernews.com/2022/10/microsoft-confirms-server.html" rel="nofollow external noreferrer" class="attachment" id="attachment-288200">https://thehackernews.com/2022/10/microsoft-confirms-server.html</a> [thehackernews com] <br /> <br /> Source: <a href="https://infosec.exchange/@jerry/109213542275494102" title="https://infosec.exchange/@jerry/109213542275494102" rel="nofollow external noreferrer" class="attachment" id="attachment-288201">https://infosec.exchange/@jerry/109213542275494102</a> <br /> <br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/breach" rel="tag">breach</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/azure" rel="tag">Azure</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/cloud" rel="tag">cloud</a></span>2022-10-23T07:00:54+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: If you are using #Element-iOS , #Element-Android , #Schildichat, or any other #Matrix client powered by matrix-sdk, upgrade now. #Security release is out. https://nu.federati.net/url/287969 [matrix org]
https://nu.federati.net/notice/3410219
lnxw48a1's status on Wednesday, 28-Sep-2022 19:40:42 UTCIf you are using #<span class="tag"><a href="https://nu.federati.net/tag/elementios" rel="tag">Element-iOS</a></span> , #<span class="tag"><a href="https://nu.federati.net/tag/elementandroid" rel="tag">Element-Android</a></span> , #<span class="tag"><a href="https://nu.federati.net/tag/schildichat" rel="tag">Schildichat</a></span>, or any other #<span class="tag"><a href="https://nu.federati.net/tag/matrix" rel="tag">Matrix</a></span> client powered by matrix-sdk, upgrade now. #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">Security</a></span> release is out.<br /> <br /> <a href="https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients/" title="https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients/" rel="nofollow external noreferrer" class="attachment" id="attachment-287969">https://nu.federati.net/url/287969</a> [matrix org]2022-09-28T19:40:42+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: https://nu.federati.net/url/286651 [arstechnica com] > Researchers have unearthed a discovery that doesn’t occur all that often in the realm of malware: a mature, never-before-seen Linux backdoor that uses novel evasion techniques to conceal its presence on infected servers, in some cases even with a forensic investigation. > On Thursday, researchers from Intezer and The BlackBerry Threat Research & Intelligence Team said that the previously undetected backdoor combines high levels of access with the ability to scrub any sign of infection from the file system, system processes, and network traffic. Dubbed Symbiote, it targets financial institutions in Brazil and was first detected in November. /via @geniusmusing #security #linux #backdoor #malware
https://nu.federati.net/notice/3403190
lnxw48a1's status on Saturday, 11-Jun-2022 20:57:15 UTC<a href="https://arstechnica.com/information-technology/2022/06/novel-techniques-in-never-before-seen-linux-backdoor-make-it-ultra-stealthy/" title="https://arstechnica.com/information-technology/2022/06/novel-techniques-in-never-before-seen-linux-backdoor-make-it-ultra-stealthy/" rel="nofollow noreferrer" class="attachment thumbnail">https://nu.federati.net/url/286651</a> [arstechnica com]<br /><br /> > Researchers have unearthed a discovery that doesn’t occur all that often in the realm of malware: a mature, never-before-seen Linux backdoor that uses novel evasion techniques to conceal its presence on infected servers, in some cases even with a forensic investigation.<br /><br /> > On Thursday, researchers from Intezer and The BlackBerry Threat Research & Intelligence Team said that the previously undetected backdoor combines high levels of access with the ability to scrub any sign of infection from the file system, system processes, and network traffic. Dubbed Symbiote, it targets financial institutions in Brazil and was first detected in November. <br /><br /> /via @<a href="https://nu.federati.net/user/16" class="h-card u-url p-nickname mention">geniusmusing</a> <br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/linux" rel="tag">linux</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/backdoor" rel="tag">backdoor</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/malware" rel="tag">malware</a></span>2022-06-11T20:57:15+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}gaba: Leap is also hiring for VPN development https://leap.se/post/2022_05_16_go_dev/ #security #devs #jobs #hiring
https://nu.federati.net/notice/3401287
gaba's status on Tuesday, 17-May-2022 21:07:42 UTC<p>Leap is also hiring for VPN development <a href="https://leap.se/post/2022_05_16_go_dev/" rel="nofollow">https://leap.se/post/2022_05_16_go_dev/</a> <a href="https://systerserver.town/tags/security" class="mention hashtag" rel="tag">#security</a> <a href="https://systerserver.town/tags/devs" class="mention hashtag" rel="tag">#devs</a> <a href="https://systerserver.town/tags/jobs" class="mention hashtag" rel="tag">#jobs</a> <a href="https://systerserver.town/tags/hiring" class="mention hashtag" rel="tag">#hiring</a></p>2022-05-17T21:07:42+00:00Brujalnxw48a1: https://nu.federati.net/url/285943 [it slashdot org] #Lenovo issues #security patches for over 100 Lenovo products. Source: https://shitposter.club/objects/6f578473-d458-464d-92a8-086d8ce96abb
https://nu.federati.net/notice/3398373
lnxw48a1's status on Wednesday, 20-Apr-2022 23:49:38 UTC<a href="https://it.slashdot.org/story/22/04/19/2118232/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware" title="https://it.slashdot.org/story/22/04/19/2118232/hackers-can-infect-over-100-lenovo-models-with-unremovable-malware" rel="nofollow noreferrer" class="attachment">https://nu.federati.net/url/285943</a> [it slashdot org] #<span class="tag"><a href="https://nu.federati.net/tag/lenovo" rel="tag">Lenovo</a></span> issues #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> patches for over 100 Lenovo products. <br /><br /> Source: <a href="https://shitposter.club/objects/6f578473-d458-464d-92a8-086d8ce96abb" title="https://shitposter.club/objects/6f578473-d458-464d-92a8-086d8ce96abb" rel="nofollow">https://shitposter.club/objects/6f578473-d458-464d-92a8-086d8ce96abb</a>2022-04-20T23:49:38+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: Some severe flaws in #Cisco small business routers. https://www.theregister.com/2022/02/04/cisco_smb_routers_critical_vulnerabilities/. [www theregister com] At publication time, some flaws and some models had not yet been patched. #security
https://nu.federati.net/notice/3392991
lnxw48a1's status on Monday, 07-Feb-2022 23:26:06 UTCSome severe flaws in #<span class="tag"><a href="https://nu.federati.net/tag/cisco" rel="tag">Cisco</a></span> small business routers. <a href="https://www.theregister.com/2022/02/04/cisco_smb_routers_critical_vulnerabilities/" title="https://www.theregister.com/2022/02/04/cisco_smb_routers_critical_vulnerabilities/" rel="nofollow external noreferrer" class="attachment" id="attachment-284906">https://www.theregister.com/2022/02/04/cisco_smb_routers_critical_vulnerabilities/</a>. [www theregister com]<br /> At publication time, some flaws and some models had not yet been patched. <br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span>2022-02-07T23:26:06+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: #T-mobile #security From 2018: https://nu.federati.net/url/282487 /via @rysiek @rysiek@mastodon.technology
https://nu.federati.net/notice/3376191
lnxw48a1's status on Wednesday, 18-Aug-2021 15:39:54 UTC#<span class="tag"><a href="https://nu.federati.net/tag/tmobile" rel="tag">T-mobile</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> <br /><br /> From 2018: <a href="https://web.archive.org/web/20180429220059if_/https://twitter.com/tmobileat/status/982187919061303296" title="https://web.archive.org/web/20180429220059if_/https://twitter.com/tmobileat/status/982187919061303296" rel="nofollow noreferrer" class="attachment">https://nu.federati.net/url/282487</a> <br /><br /> /via @<a href="https://mastodon.social/users/rysiek" class="h-card u-url p-nickname mention">rysiek</a> @rysiek@mastodon.technology2021-08-18T15:39:54+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: University of #Minnesota researchers apologize to the #Linux kernel community, ask to restore trust. https://nu.federati.net/url/280818 [lore kernel org] #MN #UMN #security
https://nu.federati.net/notice/3364363
lnxw48a1's status on Sunday, 25-Apr-2021 06:48:04 UTCUniversity of #<span class="tag"><a href="https://nu.federati.net/tag/minnesota" rel="tag">Minnesota</a></span> researchers apologize to the #<span class="tag"><a href="https://nu.federati.net/tag/linux" rel="tag">Linux</a></span> kernel community, ask to restore trust. <br /> <br /> <a href="https://lore.kernel.org/lkml/CAK8KejpUVLxmqp026JY7x5GzHU2YJLPU8SzTZUNXU2OXC70ZQQ@mail.gmail.com/t/#u" title="https://lore.kernel.org/lkml/CAK8KejpUVLxmqp026JY7x5GzHU2YJLPU8SzTZUNXU2OXC70ZQQ@mail.gmail.com/t/#u" rel="nofollow external noreferrer" class="attachment" id="attachment-280818">https://nu.federati.net/url/280818</a> [lore kernel org]<br /> <br /> #<span class="tag"><a href="https://nu.federati.net/tag/mn" rel="tag">MN</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/umn" rel="tag">UMN</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span>2021-04-25T06:48:04+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: Further info: https://news-web.php.net/php.internals/113838 And with the presumed compromise of git.php.net, all future development activities will take place on #GitHub. #code-hosting #vcs #scm #security #git #php
https://nu.federati.net/notice/3363795
lnxw48a1's status on Sunday, 18-Apr-2021 15:41:27 UTCFurther info: <a href="https://news-web.php.net/php.internals/113838" title="https://news-web.php.net/php.internals/113838" rel="nofollow external noreferrer" class="attachment" id="attachment-280733">https://news-web.php.net/php.internals/113838</a> <br /> <br /> And with the presumed compromise of git.php.net, all future development activities will take place on #<span class="tag"><a href="https://nu.federati.net/tag/github" rel="tag">GitHub.</a></span> <br /> <br /> #<span class="tag"><a href="https://nu.federati.net/tag/codehosting" rel="tag">code-hosting</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/vcs" rel="tag">vcs</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/scm" rel="tag">scm</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/git" rel="tag">git</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/php" rel="tag">php</a></span>2021-04-18T15:41:27+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: Detecting #curl-pipe-bash from the server-side: https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/ [www idontplaydarts com] #security #curl #wget #pipe #bash
https://nu.federati.net/notice/3361342
lnxw48a1's status on Thursday, 25-Mar-2021 00:10:19 UTCDetecting #<span class="tag"><a href="https://nu.federati.net/tag/curlpipebash" rel="tag">curl-pipe-bash</a></span> from the server-side: <a href="https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/" title="https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/" rel="nofollow noreferrer" class="attachment">https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/</a> [www idontplaydarts com]<br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/curl" rel="tag">curl</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/wget" rel="tag">wget</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/pipe" rel="tag">pipe</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/bash" rel="tag">bash</a></span>2021-03-25T00:10:19+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: https://nu.federati.net/url/278948 [thejournal com] Schools are now the most targeted segment for ransomware ... make up the majority of all ransomware attacks. #security #ransomware #k-12 #schools
https://nu.federati.net/notice/3352115
lnxw48a1's status on Thursday, 17-Dec-2020 03:32:37 UTC<a href="https://thejournal.com/articles/2020/12/11/k12-has-become-the-most-targeted-segment-for-ransomware.aspx" title="https://thejournal.com/articles/2020/12/11/k12-has-become-the-most-targeted-segment-for-ransomware.aspx" rel="nofollow noreferrer" class="attachment">https://nu.federati.net/url/278948</a> [thejournal com] <br /><br /> Schools are now the most targeted segment for ransomware ... make up the majority of all ransomware attacks.<br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/ransomware" rel="tag">ransomware</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/k12" rel="tag">k-12</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/schools" rel="tag">schools</a></span>2020-12-17T03:32:37+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: #Mattermost devs discover unfixable (?) flaws in #Go-Lang library https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/ #security
https://nu.federati.net/notice/3351887
lnxw48a1's status on Monday, 14-Dec-2020 22:42:47 UTC#<span class="tag"><a href="https://nu.federati.net/tag/mattermost" rel="tag">Mattermost</a></span> devs discover unfixable (?) flaws in #<span class="tag"><a href="https://nu.federati.net/tag/golang" rel="tag">Go-Lang</a></span> library <a href="https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/" title="https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/" rel="nofollow external noreferrer" class="attachment" id="attachment-278913">https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/</a> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span>2020-12-14T22:42:47+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: The Guardian's text is pretty similar to the Jerusalem Post's: https://nu.federati.net/url/278891 #US_Treasury #security #breach
https://nu.federati.net/notice/3351780
lnxw48a1's status on Sunday, 13-Dec-2020 23:54:44 UTCThe Guardian's text is pretty similar to the Jerusalem Post's: <a href="https://www.jpost.com/breaking-news/us-treasury-breached-by-hackers-backed-by-foreign-government-sources-652007" title="https://www.jpost.com/breaking-news/us-treasury-breached-by-hackers-backed-by-foreign-government-sources-652007" rel="nofollow noreferrer" class="attachment">https://nu.federati.net/url/278891</a> <br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/ustreasury" rel="tag">US_Treasury</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/breach" rel="tag">breach</a></span>2020-12-13T23:54:44+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: US #cybersecurity firm #FireEye discloses breach, theft of tools https://finance.yahoo.com/news/u-cybersecurity-firm-fireeye-discloses-210424354.html [finance yahoo com] #SEC #security #breach #filing
https://nu.federati.net/notice/3351286
lnxw48a1's status on Wednesday, 09-Dec-2020 02:15:44 UTCUS #<span class="tag"><a href="https://nu.federati.net/tag/cybersecurity" rel="tag">cybersecurity</a></span> firm #<span class="tag"><a href="https://nu.federati.net/tag/fireeye" rel="tag">FireEye</a></span> discloses breach, theft of tools <a href="https://finance.yahoo.com/news/u-cybersecurity-firm-fireeye-discloses-210424354.html" title="https://finance.yahoo.com/news/u-cybersecurity-firm-fireeye-discloses-210424354.html" rel="nofollow noreferrer" class="attachment">https://finance.yahoo.com/news/u-cybersecurity-firm-fireeye-discloses-210424354.html</a> [finance yahoo com] <br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/sec" rel="tag">SEC</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/breach" rel="tag">breach</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/filing" rel="tag">filing</a></span>2020-12-09T02:15:44+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}geniusmusing: OpenSSL Releases Security Update CISA https://us-cert.cisa.gov/ncas/current-activity/2020/12/08/openssl-releases-security-update >OpenSSL has released a security update to address a vulnerability affecting all versions of 1.0.2 and 1.1.1 released before version 1.1.1i. An attacker could exploit this vulnerability to cause a denial-of-service condition. openssl.org/news/secadv/20201208.txt https://www.openssl.org/news/secadv/20201208.txt >EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971) >====================================================== > >Severity: High > >The X.509 GeneralName type is a generic type for representing different types >of names. One of those name types is known as EDIPartyName. OpenSSL provides a >function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME >to see if they are equal or not. This function behaves incorrectly when both >GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash >may occur leading to a possible denial of service attack. > >OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: >1) Comparing CRL distribution point names between an available CRL and a CRL > distribution point embedded in an X509 certificate >2) When verifying that a timestamp response token signer matches the timestamp > authority name (exposed via the API functions TS_RESP_verify_response and > TS_RESP_verify_token) > >If an attacker can control both items being compared then that attacker could >trigger a crash. >... #OpenSSL #Security #Update
https://nu.federati.net/notice/3351281
geniusmusing's status on Wednesday, 09-Dec-2020 01:06:10 UTCOpenSSL Releases Security Update CISA<br /><a href="https://us-cert.cisa.gov/ncas/current-activity/2020/12/08/openssl-releases-security-update" title="https://us-cert.cisa.gov/ncas/current-activity/2020/12/08/openssl-releases-security-update" rel="nofollow noreferrer" class="attachment">https://us-cert.cisa.gov/ncas/current-activity/2020/12/08/openssl-releases-security-update</a><br /><br /> >OpenSSL has released a security update to address a vulnerability affecting all versions of 1.0.2 and 1.1.1 released before version 1.1.1i. An attacker could exploit this vulnerability to cause a denial-of-service condition.<br /><br /> openssl.org/news/secadv/20201208.txt<br /><a href="https://www.openssl.org/news/secadv/20201208.txt" title="https://www.openssl.org/news/secadv/20201208.txt" rel="nofollow noreferrer" class="attachment">https://www.openssl.org/news/secadv/20201208.txt</a><br /><br /> >EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)<br /> >======================================================<br /> ><br /> >Severity: High<br /> ><br /> >The X.509 GeneralName type is a generic type for representing different types<br /> >of names. One of those name types is known as EDIPartyName. OpenSSL provides a<br /> >function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME<br /> >to see if they are equal or not. This function behaves incorrectly when both<br /> >GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash<br /> >may occur leading to a possible denial of service attack.<br /> ><br /> >OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes:<br /> >1) Comparing CRL distribution point names between an available CRL and a CRL<br /> > distribution point embedded in an X509 certificate<br /> >2) When verifying that a timestamp response token signer matches the timestamp<br /> > authority name (exposed via the API functions TS_RESP_verify_response and<br /> > TS_RESP_verify_token)<br /> ><br /> >If an attacker can control both items being compared then that attacker could<br /> >trigger a crash.<br /> >...<br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/openssl" rel="tag">OpenSSL</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">Security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/update" rel="tag">Update</a></span>2020-12-09T01:06:10+00:00GeniusMusinggeniusmusing: Multiple Embedded TCP/IP Stacks CISA https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 >1. EXECUTIVE SUMMARY > > CVSS v3 9.8 > ATTENTION: Exploitable remotely/low skill level to exploit > Vendor: Multiple (open source) > Equipment: uIP-Contiki-OS, uIP-Contiki-NG, uIP, open-iscsi, picoTCP-NG, picoTCP, FNET, Nut/Net > Vulnerabilities: Infinite Loop, Integer Wraparound, Out-of-bounds Read, Integer Overflow, Out-of-bounds Write, Improper Input Validation, Improper Null Termination > >CISA is aware of a public report, known as “AMNESIA:33” that details vulnerabilities found in multiple open-source TCP/IP stacks. CISA is issuing this advisory to provide early notice of the reported vulnerabilities and identify baseline mitigations for reducing risks to these and other cybersecurity attacks. > >The various open-source stacks may be implemented in forked repositories. >2. RISK EVALUATION > >Successful exploitation of these vulnerabilities could allow attackers to corrupt memory, put devices into infinite loops, access unauthorized data, and/or poison DNS cache. >3. TECHNICAL DETAILS >3.1 AFFECTED PRODUCTS > >The following are affected: > > uIP-Contiki-OS (end-of-life [EOL]), Version 3.0 and prior > uIP-Contiki-NG, Version 4.5 and prior > uIP (EOL), Version 1.0 and prior > open-iscsi, Version 2.1.12 and prior > picoTCP-NG, Version 1.7.0 and prior > picoTCP (EOL), Version 1.7.0 and prior > FNET, Version 4.6.3 > Nut/Net, Version 5.1 and prior >... #Security
https://nu.federati.net/notice/3351191
geniusmusing's status on Tuesday, 08-Dec-2020 17:32:50 UTCMultiple Embedded TCP/IP Stacks CISA<br /><a href="https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01" title="https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01" rel="nofollow noreferrer" class="attachment">https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01</a><br /><br /> >1. EXECUTIVE SUMMARY<br /> ><br /> > CVSS v3 9.8<br /> > ATTENTION: Exploitable remotely/low skill level to exploit<br /> > Vendor: Multiple (open source)<br /> > Equipment: uIP-Contiki-OS, uIP-Contiki-NG, uIP, open-iscsi, picoTCP-NG, picoTCP, FNET, Nut/Net<br /> > Vulnerabilities: Infinite Loop, Integer Wraparound, Out-of-bounds Read, Integer Overflow, Out-of-bounds Write, Improper Input Validation, Improper Null Termination<br /> ><br /> >CISA is aware of a public report, known as “AMNESIA:33” that details vulnerabilities found in multiple open-source TCP/IP stacks. CISA is issuing this advisory to provide early notice of the reported vulnerabilities and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.<br /> ><br /> >The various open-source stacks may be implemented in forked repositories.<br /> >2. RISK EVALUATION<br /> ><br /> >Successful exploitation of these vulnerabilities could allow attackers to corrupt memory, put devices into infinite loops, access unauthorized data, and/or poison DNS cache.<br /> >3. TECHNICAL DETAILS<br /> >3.1 AFFECTED PRODUCTS<br /> ><br /> >The following are affected:<br /> ><br /> > uIP-Contiki-OS (end-of-life [EOL]), Version 3.0 and prior<br /> > uIP-Contiki-NG, Version 4.5 and prior<br /> > uIP (EOL), Version 1.0 and prior<br /> > open-iscsi, Version 2.1.12 and prior<br /> > picoTCP-NG, Version 1.7.0 and prior<br /> > picoTCP (EOL), Version 1.7.0 and prior<br /> > FNET, Version 4.6.3<br /> > Nut/Net, Version 5.1 and prior<br /> >...<br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">Security</a></span>2020-12-08T17:32:50+00:00GeniusMusinglnxw48a1: https://pluralistic.net/2020/12/05/trusting-trust/ > WARNING WARNING WARNING WARNING > Security researchers are alarmed: the already-notorious Trickbot malware has been spottied probing infected computers to find out which version of UEFI they're running. This is read as evidence that Trickbot has figured out how to pull off a really scary feat. Source: https://mamot.fr/@pluralistic/105329139472008620 #Security #UEFI #BIOS #TPM #Trusted-Computing CC: @mangeurdenuage @geniusmusing @musicman It's a long article, but well worth your time.
https://nu.federati.net/notice/3350636
lnxw48a1's status on Saturday, 05-Dec-2020 19:42:34 UTC<a href="https://pluralistic.net/2020/12/05/trusting-trust/" title="https://pluralistic.net/2020/12/05/trusting-trust/" rel="nofollow noreferrer" class="attachment">https://pluralistic.net/2020/12/05/trusting-trust/</a> <br /><br /> > WARNING WARNING WARNING WARNING <br /><br /> > Security researchers are alarmed: the already-notorious Trickbot malware has been spottied probing infected computers to find out which version of UEFI they're running. This is read as evidence that Trickbot has figured out how to pull off a really scary feat.<br /><br /> Source: <a href="https://mamot.fr/@pluralistic/105329139472008620" title="https://mamot.fr/@pluralistic/105329139472008620" rel="nofollow noreferrer" class="attachment">https://mamot.fr/@pluralistic/105329139472008620</a> <br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">Security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/uefi" rel="tag">UEFI</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/bios" rel="tag">BIOS</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/tpm" rel="tag">TPM</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/trustedcomputing" rel="tag">Trusted-Computing</a></span><br /><br /> CC: @<a href="https://loadaverage.org/index.php/user/343975" class="h-card u-url p-nickname mention">mangeurdenuage</a> @<a href="https://nu.federati.net/user/16" class="h-card u-url p-nickname mention">geniusmusing</a> @<a href="https://nu.federati.net/user/12" class="h-card u-url p-nickname mention">musicman</a> <br /><br /> It's a long article, but well worth your time.2020-12-05T19:42:34+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: "So you want to get into Infosec?" https://hackers.town/@thegibson/105243991039588873 Some links to discounted or free training in that thread. #infosec #security #training #education
https://nu.federati.net/notice/3348012
lnxw48a1's status on Friday, 20-Nov-2020 23:49:34 UTC"So you want to get into Infosec?"<br /><br /><a href="https://hackers.town/@thegibson/105243991039588873" title="https://hackers.town/@thegibson/105243991039588873" rel="nofollow noreferrer" class="attachment">https://hackers.town/@thegibson/105243991039588873</a> Some links to discounted or free training in that thread.<br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/infosec" rel="tag">infosec</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/training" rel="tag">training</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/education" rel="tag">education</a></span>2020-11-20T23:49:34+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: @aab has found something to block some traffic from unwanted portscans: https://dodweil.us/security/ufw-fail2ban-portscan.html #security #NoteToSelf
https://nu.federati.net/notice/3344987
lnxw48a1's status on Thursday, 05-Nov-2020 17:03:48 UTC@<a href="https://khp.ignorelist.com/index.php/user/1" class="h-card u-url p-nickname mention">aab</a> has found something to block some traffic from unwanted portscans: <a href="https://dodweil.us/security/ufw-fail2ban-portscan.html" title="https://dodweil.us/security/ufw-fail2ban-portscan.html" rel="nofollow">https://dodweil.us/security/ufw-fail2ban-portscan.html</a> <br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/notetoself" rel="tag">NoteToSelf</a></span>2020-11-05T17:03:48+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: @geniusmusing See https://hackers.town/@devrandom/105136083240782878 #security
https://nu.federati.net/notice/3343932
lnxw48a1's status on Sunday, 01-Nov-2020 17:06:34 UTC@<a href="https://nu.federati.net/user/16" class="h-card u-url p-nickname mention" title="GeniusMusing">geniusmusing</a> See <a href="https://hackers.town/@devrandom/105136083240782878" title="https://hackers.town/@devrandom/105136083240782878" rel="nofollow external noreferrer" class="attachment" id="attachment-277355">https://hackers.town/@devrandom/105136083240782878</a> <br /> <br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span>2020-11-01T17:06:34+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}sl: #NAT #slipstreaming https://samy.pl/slipstream/ #Internet #security #MSS #MTU #ALG #WebRTC #TURN #TCP #UDP #SIP #FTP #DCC #pptp #h323 #attack #exploit
https://nu.federati.net/notice/3343856
sl's status on Sunday, 01-Nov-2020 12:20:39 UTC#<span class="tag"><a href="https://loadaverage.org/tag/nat" rel="tag">NAT</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/slipstreaming" rel="tag">slipstreaming</a></span> <a href="https://samy.pl/slipstream/" title="https://samy.pl/slipstream/" rel="nofollow noreferrer" class="attachment">https://samy.pl/slipstream/</a><br /> #<span class="tag"><a href="https://loadaverage.org/tag/internet" rel="tag">Internet</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/mss" rel="tag">MSS</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/mtu" rel="tag">MTU</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/alg" rel="tag">ALG</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/webrtc" rel="tag">WebRTC</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/turn" rel="tag">TURN</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/tcp" rel="tag">TCP</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/udp" rel="tag">UDP</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/sip" rel="tag">SIP</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/ftp" rel="tag">FTP</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/dcc" rel="tag">DCC</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/pptp" rel="tag">pptp</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/h323" rel="tag">h323</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/attack" rel="tag">attack</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/exploit" rel="tag">exploit</a></span>2020-11-01T12:20:39+00:00Sami Lehtinenlnxw48a1: #Google discloses #Microsoft #Windows 10 #zero-day vulnerability that is currently being exploited in the wild. Also patched a #Chrome zero-day. https://www.zdnet.com/article/google-discloses-windows-zero-day-exploited-in-the-wild/ [www zdnet com] #Win10 #security Patch incoming 2020-11-10, #Patch_Tuesday.
https://nu.federati.net/notice/3343670
lnxw48a1's status on Saturday, 31-Oct-2020 16:32:38 UTC#<span class="tag"><a href="https://nu.federati.net/tag/google" rel="tag">Google</a></span> discloses #<span class="tag"><a href="https://nu.federati.net/tag/microsoft" rel="tag">Microsoft</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/windows" rel="tag">Windows</a></span> 10 #<span class="tag"><a href="https://nu.federati.net/tag/zeroday" rel="tag">zero-day</a></span> vulnerability that is currently being exploited in the wild. Also patched a #<span class="tag"><a href="https://nu.federati.net/tag/chrome" rel="tag">Chrome</a></span> zero-day. <a href="https://www.zdnet.com/article/google-discloses-windows-zero-day-exploited-in-the-wild/" title="https://www.zdnet.com/article/google-discloses-windows-zero-day-exploited-in-the-wild/" rel="nofollow noreferrer" class="attachment">https://www.zdnet.com/article/google-discloses-windows-zero-day-exploited-in-the-wild/</a> [www zdnet com] <br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/win10" rel="tag">Win10</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> <br /><br /> Patch incoming 2020-11-10, #<span class="tag"><a href="https://nu.federati.net/tag/patchtuesday" rel="tag">Patch_Tuesday.</a></span>2020-10-31T16:32:38+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}sl: Quite interesting #documentary, just watched it: Kill Chain: The #Cyber #War on #America's #Elections https://imdb.com/title/tt12041084/ #hackers #hacking #security #politics
https://nu.federati.net/notice/3339573
sl's status on Monday, 12-Oct-2020 14:52:59 UTCQuite interesting #<span class="tag"><a href="https://loadaverage.org/tag/documentary" rel="tag">documentary</a></span>, just watched it:<br /> Kill Chain: The #<span class="tag"><a href="https://loadaverage.org/tag/cyber" rel="tag">Cyber</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/war" rel="tag">War</a></span> on #<span class="tag"><a href="https://loadaverage.org/tag/america" rel="tag">America</a></span>'s #<span class="tag"><a href="https://loadaverage.org/tag/elections" rel="tag">Elections</a></span><br /><a href="https://www.imdb.com/title/tt12041084/" title="https://www.imdb.com/title/tt12041084/" rel="nofollow noreferrer" class="attachment">https://imdb.com/title/tt12041084/</a><br /> #<span class="tag"><a href="https://loadaverage.org/tag/hackers" rel="tag">hackers</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/hacking" rel="tag">hacking</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://loadaverage.org/tag/politics" rel="tag">politics</a></span>2020-10-12T14:52:59+00:00Sami Lehtinenubuntu: Organisations are increasingly adopting #opensource but that can lead to a more fragmented landscape for security teams. In this @DarkReading@twitter.com article, we outline 3 essential steps for every enterprise to enhance their #security practices. https://bit.ly/344pG5z
https://nu.federati.net/notice/3336704
ubuntu's status on Monday, 28-Sep-2020 19:19:32 UTC<p>Organisations are increasingly adopting <a href="https://ubuntu.social/tags/opensource" class="mention hashtag" rel="tag">#<span>opensource</span></a> but that can lead to a more fragmented landscape for security teams. In this @DarkReading@twitter.com article, we outline 3 essential steps for every enterprise to enhance their <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a> practices. <a href="https://bit.ly/344pG5z" rel="nofollow"><span class="invisible">https://</span><span>bit.ly/344pG5z</span><span class="invisible"></span></a></p>2020-09-28T19:19:32+00:00Ubuntulnxw48a1: FastCompany: Don't share #passwords with your GF or BF until you read this https://www.fastcompany.com/90556503/dont-share-passwords-with-your-gf-or-bf-until-you-read-this [www fastcompany com] I didn't know people still did this. #security #relationships
https://nu.federati.net/notice/3336589
lnxw48a1's status on Monday, 28-Sep-2020 02:43:43 UTCFastCompany: Don't share #<span class="tag"><a href="https://nu.federati.net/tag/passwords" rel="tag">passwords</a></span> with your GF or BF until you read this <a href="https://www.fastcompany.com/90556503/dont-share-passwords-with-your-gf-or-bf-until-you-read-this" title="https://www.fastcompany.com/90556503/dont-share-passwords-with-your-gf-or-bf-until-you-read-this" rel="nofollow noreferrer" class="attachment">https://www.fastcompany.com/90556503/dont-share-passwords-with-your-gf-or-bf-until-you-read-this</a> [www fastcompany com]<br /><br /> I didn't know people still did this. <br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/relationships" rel="tag">relationships</a></span>2020-09-28T02:43:43+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1: Chinese antivirus firm part of malware / ransomware group https://krebsonsecurity.com/2020/09/chinese-antivirus-firm-was-part-of-apt41-supply-chain-attack/ #security
https://nu.federati.net/notice/3335377
lnxw48a1's status on Wednesday, 23-Sep-2020 01:57:14 UTCChinese antivirus firm part of malware / ransomware group <a href="https://krebsonsecurity.com/2020/09/chinese-antivirus-firm-was-part-of-apt41-supply-chain-attack/" title="https://krebsonsecurity.com/2020/09/chinese-antivirus-firm-was-part-of-apt41-supply-chain-attack/" rel="nofollow external noreferrer" class="attachment" id="attachment-275487">https://krebsonsecurity.com/2020/09/chinese-antivirus-firm-was-part-of-apt41-supply-chain-attack/</a> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span>2020-09-23T01:57:14+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}ubuntu: This whitepaper provides a technical overview of how Ubuntu Core with full disk encryption and secure boot can be implemented in IoT devices to provide protection in data sensitive scenarios. #IoT #security https://bit.ly/2TMg6ht #IoT #Security
https://nu.federati.net/notice/3335371
ubuntu's status on Tuesday, 22-Sep-2020 23:50:53 UTC<p>This whitepaper provides a technical overview of how Ubuntu Core with full disk encryption and secure boot can be implemented in IoT devices to provide protection in data sensitive scenarios. <a href="https://ubuntu.social/tags/iot" class="mention hashtag" rel="tag">#<span>IoT</span></a> <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a> <a href="https://bit.ly/2TMg6ht" rel="nofollow"><span class="invisible">https://</span><span>bit.ly/2TMg6ht</span><span class="invisible"></span></a> <a href="https://ubuntu.social/tags/iot" class="mention hashtag" rel="tag">#<span>IoT</span></a> <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>Security</span></a></p>2020-09-22T23:50:53+00:00Ubuntuubuntu: Did you know that misuse of the /tmp directory is one of the most common #security flaws? Learn more about how you can spot these vulnerabilities and fix them with TmpWatcher.https://bit.ly/3bpnWHA
https://nu.federati.net/notice/3331647
ubuntu's status on Wednesday, 02-Sep-2020 21:01:36 UTC<p>Did you know that misuse of the /tmp directory is one of the most common <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a> flaws? Learn more about how you can spot these vulnerabilities and fix them with TmpWatcher.</p><p><a href="https://bit.ly/3bpnWHA" rel="nofollow"><span class="invisible">https://</span><span>bit.ly/3bpnWHA</span><span class="invisible"></span></a></p>2020-09-02T21:01:36+00:00Ubuntuubuntu: This whitepaper provides a technical overview of how Ubuntu Core with full disk encryption and secure boot can be implemented in IoT devices to provide protection in data sensitive scenarios. #IoT #security https://bit.ly/2TMg6ht #IoT #Security
https://nu.federati.net/notice/3330314
ubuntu's status on Tuesday, 25-Aug-2020 12:30:47 UTC<p>This whitepaper provides a technical overview of how Ubuntu Core with full disk encryption and secure boot can be implemented in IoT devices to provide protection in data sensitive scenarios. <a href="https://ubuntu.social/tags/iot" class="mention hashtag" rel="tag">#<span>IoT</span></a> <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a> <a href="https://bit.ly/2TMg6ht" rel="nofollow"><span class="invisible">https://</span><span>bit.ly/2TMg6ht</span><span class="invisible"></span></a> <a href="https://ubuntu.social/tags/iot" class="mention hashtag" rel="tag">#<span>IoT</span></a> <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>Security</span></a></p>2020-08-25T12:30:47+00:00Ubuntulnxw48a1: #ISC's #BIND continues to have security holes one after another. I do sometimes wonder why we (the world as a whole) haven't migrated to something descended from DJBDNS. #DNS #security
https://nu.federati.net/notice/3329880
lnxw48a1's status on Friday, 21-Aug-2020 21:05:22 UTC#<span class="tag"><a href="https://nu.federati.net/tag/isc" rel="tag">ISC</a></span>'s #<span class="tag"><a href="https://nu.federati.net/tag/bind" rel="tag">BIND</a></span> continues to have security holes one after another. I do sometimes wonder why we (the world as a whole) haven't migrated to something descended from DJBDNS. <br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/dns" rel="tag">DNS</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span>2020-08-21T21:05:22+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}ubuntu: Fing's Fingbox plugs into your Wi-Fi routers to monitor, secure and troubleshoot networks and their connected devices - watch this webinar find out why they used Ubuntu Core and Snaps. http://bit.ly/2NAvr5H #IoT #security
https://nu.federati.net/notice/3329536
ubuntu's status on Wednesday, 19-Aug-2020 12:50:17 UTC<p>Fing's Fingbox plugs into your Wi-Fi routers to monitor, secure and troubleshoot networks and their connected devices - watch this webinar find out why they used Ubuntu Core and Snaps. <a href="http://bit.ly/2NAvr5H" rel="nofollow"><span class="invisible">http://</span><span>bit.ly/2NAvr5H</span><span class="invisible"></span></a> <a href="https://ubuntu.social/tags/iot" class="mention hashtag" rel="tag">#<span>IoT</span></a> <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a></p>2020-08-19T12:50:17+00:00Ubuntugeniusmusing: VU174059 GRUB2 bootloader is vulnerable to buffer overflow https://www.kb.cert.org/vuls/id/174059 >Overview > >The GRUB2 boot loader is vulnerable to buffer overflow, which results in arbitrary code execution during the boot process, even when Secure Boot is enabled. I cannot say this is related but I updated grub last night on my backup server and it no longer boots. #security #buffer #overflow #grub2
https://nu.federati.net/notice/3326674
geniusmusing's status on Thursday, 30-Jul-2020 15:21:28 UTCVU174059 GRUB2 bootloader is vulnerable to buffer overflow<br /><a href="https://www.kb.cert.org/vuls/id/174059" title="https://www.kb.cert.org/vuls/id/174059" rel="nofollow noreferrer" class="attachment">https://www.kb.cert.org/vuls/id/174059</a><br /><br /> >Overview<br /> ><br /> >The GRUB2 boot loader is vulnerable to buffer overflow, which results in arbitrary code execution during the boot process, even when Secure Boot is enabled. <br /><br /> I cannot say this is related but I updated grub last night on my backup server and it no longer boots. <br /><br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/buffer" rel="tag">buffer</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/overflow" rel="tag">overflow</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/grub2" rel="tag">grub2</a></span>2020-07-30T15:21:28+00:00GeniusMusingubuntu: Today we released updates for a series of #vulnerabilities termed 'There's a hole in the boot' / BootHole in GRUB2 that could allow an attacker to subvert UEFI Secure Boot. Learn more here. #security #CVEhttps://bit.ly/3faG2gF
https://nu.federati.net/notice/3326515
ubuntu's status on Wednesday, 29-Jul-2020 21:00:14 UTC<p>Today we released updates for a series of <a href="https://ubuntu.social/tags/vulnerabilities" class="mention hashtag" rel="tag">#<span>vulnerabilities</span></a> termed 'There's a hole in the boot' / BootHole in GRUB2 that could allow an attacker to subvert UEFI Secure Boot. Learn more here. <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a> <a href="https://ubuntu.social/tags/cve" class="mention hashtag" rel="tag">#<span>CVE</span></a></p><p><a href="https://bit.ly/3faG2gF" rel="nofollow"><span class="invisible">https://</span><span>bit.ly/3faG2gF</span><span class="invisible"></span></a></p>2020-07-29T21:00:14+00:00Ubuntuubuntu: This whitepaper provides a technical overview of how Ubuntu Core with full disk encryption and secure boot can be implemented in IoT devices to provide protection in data sensitive scenarios. #IoT #security https://bit.ly/2TMg6ht #IoT #Security
https://nu.federati.net/notice/3326037
ubuntu's status on Monday, 27-Jul-2020 17:06:22 UTC<p>This whitepaper provides a technical overview of how Ubuntu Core with full disk encryption and secure boot can be implemented in IoT devices to provide protection in data sensitive scenarios. <a href="https://ubuntu.social/tags/iot" class="mention hashtag" rel="tag">#<span>IoT</span></a> <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a> <a href="https://bit.ly/2TMg6ht" rel="nofollow"><span class="invisible">https://</span><span>bit.ly/2TMg6ht</span><span class="invisible"></span></a> <a href="https://ubuntu.social/tags/iot" class="mention hashtag" rel="tag">#<span>IoT</span></a> <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>Security</span></a></p>2020-07-27T17:06:22+00:00Ubuntukmj: #privacy #itsec #security #tor #cloudflare using Tor shows how much sites are hidden behind Cloudflare. Yesterdays DNS problem of them showed even more of this privacy problem.With the EU making it clear that data transfer to US is not allowed this opens the question if transparent proxying traffic through Cloudflare is illegal now too. Especially where this opens MITM data collecting.IMHO sites behind Cloudflare should be blocked making them learn that privacy is valued.
https://nu.federati.net/notice/3324630
kmj's status on Sunday, 19-Jul-2020 19:03:56 UTC<p><a href="https://mastodon.ctseuro.com/tags/privacy" class="mention hashtag" rel="tag">#privacy</a> <a href="https://mastodon.ctseuro.com/tags/itsec" class="mention hashtag" rel="tag">#itsec</a> <a href="https://mastodon.ctseuro.com/tags/security" class="mention hashtag" rel="tag">#security</a> <a href="https://mastodon.ctseuro.com/tags/tor" class="mention hashtag" rel="tag">#tor</a> <a href="https://mastodon.ctseuro.com/tags/cloudflare" class="mention hashtag" rel="tag">#cloudflare</a> using Tor shows how much sites are hidden behind Cloudflare. Yesterdays DNS problem of them showed even more of this privacy problem.</p><p>With the EU making it clear that data transfer to US is not allowed this opens the question if transparent proxying traffic through Cloudflare is illegal now too. Especially where this opens MITM data collecting.</p><p>IMHO sites behind Cloudflare should be blocked making them learn that privacy is valued.</p>2020-07-19T19:03:56+00:00KMJ 🇦🇹ubuntu: This whitepaper provides a technical overview of how Ubuntu Core with full disk encryption and secure boot can be implemented in IoT devices to provide protection in data sensitive scenarios. #IoT #security https://bit.ly/2TMg6ht #IoT #Security
https://nu.federati.net/notice/3319778
ubuntu's status on Wednesday, 24-Jun-2020 11:17:43 UTC<p>This whitepaper provides a technical overview of how Ubuntu Core with full disk encryption and secure boot can be implemented in IoT devices to provide protection in data sensitive scenarios. <a href="https://ubuntu.social/tags/iot" class="mention hashtag" rel="tag">#<span>IoT</span></a> <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a> <a href="https://bit.ly/2TMg6ht" rel="nofollow"><span class="invisible">https://</span><span>bit.ly/2TMg6ht</span><span class="invisible"></span></a> <a href="https://ubuntu.social/tags/iot" class="mention hashtag" rel="tag">#<span>IoT</span></a> <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>Security</span></a></p>2020-06-24T11:17:43+00:00Ubuntuubuntu: Fing's Fingbox plugs into your Wi-Fi routers to monitor, secure and troubleshoot networks and their connected devices - watch this webinar find out why they used Ubuntu Core and Snaps. http://bit.ly/2NAvr5H #IoT #security
https://nu.federati.net/notice/3317715
ubuntu's status on Monday, 15-Jun-2020 12:19:41 UTC<p>Fing's Fingbox plugs into your Wi-Fi routers to monitor, secure and troubleshoot networks and their connected devices - watch this webinar find out why they used Ubuntu Core and Snaps. <a href="http://bit.ly/2NAvr5H" rel="nofollow"><span class="invisible">http://</span><span>bit.ly/2NAvr5H</span><span class="invisible"></span></a> <a href="https://ubuntu.social/tags/iot" class="mention hashtag" rel="tag">#<span>IoT</span></a> <a href="https://ubuntu.social/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a></p>2020-06-15T12:19:41+00:00Ubuntulnxw48a1: https://finance.yahoo.com/news/nintendo-now-says-300-000-165803999.html [finance yahoo com] #Nintendo now estimates almost twice as many accounts were breached as its previous estimate. 300K online accounts were compromised, exposing PII. According to the company, this is still less than 1% of its userbase. #security #breach #accounts #crack #compromise #repassword
https://nu.federati.net/notice/3317194
lnxw48a1's status on Friday, 12-Jun-2020 20:18:23 UTC<a href="https://finance.yahoo.com/news/nintendo-now-says-300-000-165803999.html" title="https://finance.yahoo.com/news/nintendo-now-says-300-000-165803999.html" rel="nofollow external noreferrer" class="attachment" id="attachment-270490">https://finance.yahoo.com/news/nintendo-now-says-300-000-165803999.html</a> [finance yahoo com]<br /> <br /> #<span class="tag"><a href="https://nu.federati.net/tag/nintendo" rel="tag">Nintendo</a></span> now estimates almost twice as many accounts were breached as its previous estimate. 300K online accounts were compromised, exposing PII. According to the company, this is still less than 1% of its userbase. <br /> <br /> #<span class="tag"><a href="https://nu.federati.net/tag/security" rel="tag">security</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/breach" rel="tag">breach</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/accounts" rel="tag">accounts</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/crack" rel="tag">crack</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/compromise" rel="tag">compromise</a></span> #<span class="tag"><a href="https://nu.federati.net/tag/repassword" rel="tag">repassword</a></span>2020-06-12T20:18:23+00:00LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}lnxw48a1LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}ubuntuUbuntugeniusmusingGeniusMusing