Tuesday, 31 January 2023

Another Password Manager Leak Bug: But KeePass Denies CVE - Security Boulevard

‘Nihilistic; Dismissive’
Two researchers report vulnerability in KeePass. But lead developer Dominik Reichl says it’s not a problem—and refuses to fix the flaw.

Friday, 27 January 2023

‘Hive’ Russian Ransomware Gang Shut Down by FBI, DoJ, Europol, Bundeskriminalamt, et al - Security Boulevard

Site Seized; Russians Riled: The ransomware scrotes known as Hive got pwned this week. Their servers are no more.

Wednesday, 25 January 2023

Microsoft Outage Outrage: Was it BGP or DNS? - DevOps.com

The moral of the story: Life imposes things on you that you can’t control, but you still have the choice of how you’re going to live through this

Tuesday, 24 January 2023

Move over, npm: Trust VS Code extensions at your own risk, dev teams - ReversingLabs

VSC Marketplace FAIL: It’s super easy to spoof Visual Studio Code extensions. And it’s incredibly hard to detect.

Monday, 23 January 2023

US No-Fly List Leaked via Airline Dev Server by @_nyancrimew - Security Boulevard

FBI TSC CSV on AWS S3: CommuteAir, a United Airlines puddle-jumper affiliate, leaked the federal government’s No-Fly and “Selectee” lists. Or, at least, a snapshot from 2019—totaling more than 1.8 million entries.