In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) December 21, 2022
1⃣ @AWSCloud #S3 is keeping #Ukraine’s data safe from #Russia,
2⃣ we ask if #WindowsPresentationFoundation is dead, and
3⃣ #developers tell us why they switch jobs.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/O7pQv8v80r #DevOps
Wednesday 21 December 2022
AWS Saves Ukraine’s Data | WPF ‘is not Dead’ (yet) | Devs Quit for Cash - DevOps.com
Tuesday 20 December 2022
DraftKings fantasy? How YOU can prevent credential stuffing attacks - ReversingLabs
3/ Prevented how? By checking user passwords against public databases of leaked #credentials.
— @Richi 🤓 Jennings (@RiCHi) December 20, 2022
In this week’s #SSBlogwatch we urge dev teams to do more.
For @ReversingLabs’ @SecuredSoftware: https://t.co/djeNopsos6 #DevOps
Monday 19 December 2022
GitHub Secret Scanning is now Free (as in Beer) - Security Boulevard
Naturally, there’s no such thing as a free lunch. #GitHub wants you to upgrade to the premium version of the service.
— @Richi 🤓 Jennings (@RiCHi) December 19, 2022
In today’s #SBBlogwatch, we look a gift horse in the mouth.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/31wURydLAK
Friday 16 December 2022
Operation PowerOFF: DDoS Sites Denied Service (by US, UK, Europol) - Security Boulevard
And the @FBI says the operators knew full well what they’re used for.
— @Richi 🤓 Jennings (@RiCHi) December 16, 2022
In today’s #SBBlogwatch, we service their denials.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/gU4mJ4DOBh
Thursday 15 December 2022
EU Data Privacy: Try Again | SkyPilot: Choose Cheapest Cloud | WFH: Better Meetings - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) December 15, 2022
1⃣ #EU-U.S. #DataPrivacyFramework reemerges,
2⃣ @UCBerkeley brings #cloud selection box, and
3⃣ proof that #RemoteWork is good work.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/cJTTDUhlku #DevOps #GDPR #SkyPilot #WFH
Wednesday 14 December 2022
Ahoy! More insecure code washes ashore with AlphaCode - ReversingLabs
As the old saying goes: Garbage in, garbage out.
— @Richi 🤓 Jennings (@RiCHi) December 14, 2022
In this week’s #SSBlogwatch we take out the trash.
For @ReversingLabs’ @SecuredSoftware: https://t.co/hW5Mu82mqD
Tuesday 13 December 2022
Rust: Officially Released in Linux 6.1 Kernel - Security Boulevard
Linux’s initial focus is to write new device drivers in @RustLang.
— @Richi 🤓 Jennings (@RiCHi) December 13, 2022
In today’s #SBBlogwatch, we love to oxidize.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/OUZ17H6zUA
Friday 9 December 2022
TikTok Ban: Texas is Fourth State to Join; Indiana Sues
3/ They’re heeding the @FBI warning last week, no doubt.
— @Richi 🤓 Jennings (@RiCHi) December 9, 2022
In today’s #SBBlogwatch, we wonder what @TheRealRafferty would do.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/0MKYrxryHh
Thursday 8 December 2022
Dead Downtown: It’s YOUR Fault | Pentagon’s FOUR Cloud Vendors | Apple Adds MORE Price Flexibility - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) December 8, 2022
1⃣ #HomeWorking is ripping the heart out of cities,
2⃣ the @DeptofDefense’s bizarre #cloud strategy, and
3⃣ @Apple adds a $10,000 app price option.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/triFdgJAyu #DevOps #WFH #JWCC
Wednesday 7 December 2022
ChatGPT: Parlor trick or Stack Overflow replacement? - ReversingLabs
3/ Devs beware: Don’t be fooled by confident sounding AI.
— @Richi 🤓 Jennings (@RiCHi) December 7, 2022
In this week’s #SSBlogwatch we prefer #ELIZA.
For @ReversingLabs’ @SecuredSoftware: https://t.co/ILX9kIi2fh
Tuesday 6 December 2022
APT41 Sent US Covid Cash to China — Wicked Panda - Security Boulevard
3/ $20 million here, $20 million there. In today’s #SBBlogwatch, pretty soon we’re talking serious money.
— @Richi 🤓 Jennings (@RiCHi) December 6, 2022
At @TechstrongGroup’s @SecurityBlvd: https://t.co/DXj8qlsHOu
Monday 5 December 2022
Russia Hit by New ‘CryWiper’ — Fake Ransomware - Security Boulevard
3/ Who’s responsible? The @CIA? @Ukraine? Or an inside job?
— @Richi 🤓 Jennings (@RiCHi) December 5, 2022
In today’s #SBBlogwatch, we play the odds.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/WNXq1qiYR4
Friday 2 December 2022
More Lies: Anker’s Eufy Pants on Fire — ‘No Cloud’ Cams Send to Cloud - Security Boulevard
3/ It does appear to be a #Chinese plan to build a #FacialRecognition database of Americans.
— @Richi 🤓 Jennings (@RiCHi) December 2, 2022
In today’s #SBBlogwatch, we rip them off our front doors.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/sE8dITmur0
Thursday 1 December 2022
AWS re:Invent — Top 4 Things We Learned This Week - DevOps.com
In this week’s #TheLongView, four things that caught my eye from @AWScloud’s #reInvent 2022:
— @Richi 🤓 Jennings (@RiCHi) December 1, 2022
1⃣ #SnapStart turbocharges Lambda,
2⃣ #Graviton3E @ARM HPC SoC,
3⃣ #AWS continues hiring, and
4⃣ AWS’s origin story.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/lj4R4KUCmH #DevOps
Wednesday 30 November 2022
Meta’s GDPR fine: Why your DevOps needs red teaming - ReversingLabs
3/ So monitor real-time usage for unusual patterns.
— @Richi 🤓 Jennings (@RiCHi) November 30, 2022
In this week’s #SSBlogwatch we suggest how — and what to do if you find them.
For @ReversingLabs’ @SecuredSoftware: https://t.co/c8uIxlt5ED
Tuesday 29 November 2022
Naked TikTok Girls = Malware Mayhem #InvisibleFilter - Security Boulevard
3/ Just download this totally innocent Windows app.
— @Richi 🤓 Jennings (@RiCHi) November 29, 2022
But, in today’s #SBBlogwatch, we wonder where the nekkid #videos really go.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/Wb1OfDhlmN
Monday 28 November 2022
U.S. and UK Ban More Chinese Kit as Xi’s Grip Weakens - Security Boulevard
3/ Yet more woes for #XiJinping (pictured), as his citizens rise up and protest his terrifying #ZeroCovid restrictions.
— @Richi 🤓 Jennings (@RiCHi) November 28, 2022
In today’s #SBBlogwatch, we ponder possible #protectionism.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/Zc5gtQQmnT
Wednesday 23 November 2022
‘This is Appalling’ — Tax-Prep Sites Leak PII to Facebook - Security Boulevard
You are the product—except these services aren’t even free!
— @Richi 🤓 Jennings (@RiCHi) November 23, 2022
In today’s #SBBlogwatch, we’re as mad as hell and we’re not going to take it anymore.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/cwUlaeOdsy
Your support must scale: Don’t be like Meta, dev teams - ReversingLabs
🧵: A rash of small businesses on @Facebook found their accounts locked after being #hacked.
— @Richi 🤓 Jennings (@RiCHi) November 23, 2022
And it’s impossible to contact @Meta to get the problem fixed. https://t.co/69CCWN8cPU
Tuesday 22 November 2022
iPhone Privacy ‘Lies’ Exposed Again: Apple Analytics not Anonymous - Security Boulevard
3/ Everything you do is logged and permanently linked to your identity.
— @Richi 🤓 Jennings (@RiCHi) November 22, 2022
In today’s #SBBlogwatch, we ponder moving to Android.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/5G7pxf8aZr
Monday 21 November 2022
DevOps, Drought and Climate | Meta❤️PTP - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) November 21, 2022
1⃣ #DataCenters cause #ClimateChange, and
2⃣ @Meta is rolling out #PrecisionTimeProtocol.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/Ew8hiRnOIH #DevOps
Friday 18 November 2022
Oops! Meta Security Guards Hacked Facebook Users - Security Boulevard
All these questions and more will be asked in today’s #SBBlogwatch.
— @Richi 🤓 Jennings (@RiCHi) November 18, 2022
Please tell me it’s the weekend tomorrow.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/arliO84TlE
Thursday 17 November 2022
Data Centers IN SPAAACE | Discord GDPR Fine | AWS Fires Dead Wood - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) November 17, 2022
1⃣ The #EU wants to put servers in orbit,
2⃣ a #GDPR penalty for @Discord, and
3⃣ @AWSCloud has the hatchet out.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/IvBX6yI6Pp #DevOps #ASCEND
Wednesday 16 November 2022
Track this: Apple, Google hit with BIG privacy law claims - ReversingLabs
3/ #Google lost a long standing privacy case, with more in the works. And now #Apple faces a big ol’ privacy #ClassAction.
— @Richi 🤓 Jennings (@RiCHi) November 16, 2022
In this week’s #SSBlogwatch we navigate the minefield.
For @ReversingLabs’ @SecuredSoftware: https://t.co/tv9KECQfSM
Tuesday 15 November 2022
Google Pixel Can be Unlocked via SIM Swap (Other Android Phones, Too) - Security Boulevard
3/ #CVE202220465 is the vulnerability ID.
— @Richi 🤓 Jennings (@RiCHi) November 15, 2022
In today’s #SBBlogwatch, we search for the lost SIM eject tool.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/aA0X2Llwcp
Friday 11 November 2022
NSA’s Plea: Stop Using C and C++ (Because You’re Idiots) - Security Boulevard
3/ His prescription: Switch to languages such as @RustLang, like some of the #Linux kernel team are doing.
— @Richi 🤓 Jennings (@RiCHi) November 11, 2022
In today’s #SBBlogwatch, we’re only *slightly* sarcastic. At @TechstrongGroup’s @SecurityBlvd: https://t.co/VL493if9l1 #Rust #NSA
Thursday 10 November 2022
Rust Momentum Intensifies | Elon Says No WFH - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) November 10, 2022
1⃣ People won’t shut up about @Rustlang, and
2⃣ @ElonMusk mandates @Twitter teams return to the office.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/K3Gwfz44iw #DevOps #rust #RustLang #WFH
Wednesday 9 November 2022
Dropbox reveals hack: What DevOps can learn from it - ReversingLabs
Dropbox was hacked last month. The company has now revealed more details — and there are some big surprises.
3/ And it goes without saying that you shouldn’t store secrets in @GitHub.
— @Richi 🤓 Jennings (@RiCHi) November 9, 2022
In this week’s #SSBlogwatch we say it anyway.
For @ReversingLabs’ @SecuredSoftware: https://t.co/yWcAceApXS #DevOps
Tuesday 8 November 2022
Hacker Stole $3B of Bitcoin — Because ‘Crypto’ is Garbage - Security Boulevard
3/ To call him a “hacker” is frankly insulting to #hackers.
— @Richi 🤓 Jennings (@RiCHi) November 8, 2022
In today’s #SBBlogwatch, we roll our eyes.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/3qjVkTR07e
Friday 4 November 2022
Red Cross Wants Shielding from Hacks via Digital Emblem - Security Boulevard
3/ Easy to mock, but it’s an interesting idea.
— @Richi 🤓 Jennings (@RiCHi) November 4, 2022
In today’s #SBBlogwatch, we give it space to ruminate.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/5WBwPEOPgP
Thursday 3 November 2022
OpenSSL Fiasco: What can DevOps Learn? | Elon Fires ‘50%’ of Twitter - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) November 3, 2022
1⃣ The #OpenSSL project has egg on its face, and
2⃣ half of @Twitter’s staff are for the chop tomorrow.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/Ia7B1ToZ7a #DevOps
Wednesday 2 November 2022
Reflection attacks: Don’t be part of the problem - ReversingLabs
>Learning from other devs’ mistakes is the only possible silver lining in this cloudy nightmare.
— @Richi 🤓 Jennings (@RiCHi) November 2, 2022
In this week’s #SSBlogwatch we take a long, hard look in the mirror.
For @ReversingLabs’ @SecuredSoftware: https://t.co/mgnJ0O39DI
Tuesday 1 November 2022
FBI/CISA Failed: Biden’s Ransomware Summit Convenes, Impotently
But will it amount to anything of substance?
— @Richi 🤓 Jennings (@RiCHi) November 1, 2022
In today’s #SBBlogwatch, we fear not.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/JQjGnok5eB
Monday 31 October 2022
Chinese Tech: Banned in DC, but not in the States - Security Boulevard
3/ It’s almost as if states had some sort of constitutional independence—who’d a thunk it?
— @Richi 🤓 Jennings (@RiCHi) October 31, 2022
In today’s #SBBlogwatch, we go hunting for heffalump.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/0QtEyKps5P
Friday 28 October 2022
OpenSSL ‘CRITICAL’ Bug — Sky Falling — Patch Hits 11/1 - Security Boulevard
OpenSSL has a new “critical” bug. But it’s a secret—until next month.
It’s a big, fat, hairy deal. OpenSSL is in just about everything.
— @Richi 🤓 Jennings (@RiCHi) October 28, 2022
In today’s #SBBlogwatch, we make sure our #SBOMs are up to date.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/CdrJbcSpXq
Thursday 27 October 2022
Meta Income Down by Half | Will Apple Make it Worse? | Linux Secure Boot Fix - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) October 27, 2022
1⃣ @Meta’s latest results are *very* bad,
2⃣ @Apple wants its cut of @Facebook ads, and
3⃣ Lennart “@pid_eins” Poettering proposes a new #SecureBoot for #Linux.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/9FGhbIS8yc #DevOps
Wednesday 26 October 2022
Google pairs GUAC with SLSA to take a bite out of software supply chain insecurity - ReversingLabs
3/ It’s an #OpenSource project. In this week’s #SSBlogwatch we go to @GitHub and check it out.
— @Richi 🤓 Jennings (@RiCHi) October 26, 2022
For @ReversingLabs’ @SecuredSoftware: https://t.co/wg73kjbuK4
Tuesday 25 October 2022
Chinese Huawei ‘Spies’ Charged — FBI is Mad as Hell - Security Boulevard
The Chinese government sent two spies to extract information about the U.S. case against Huawei. But they didn’t expect their contact to be a double agent.
Interesting timing, with the announcement right after #XiJinping changed the constitution to stay in power indefinitely.
— @Richi 🤓 Jennings (@RiCHi) October 25, 2022
In today’s #SBBlogwatch, we won’t share our hunny with heffalumps or woozles.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/WNiFqjIFL1
Friday 21 October 2022
TikTok ‘Will’ Spy on US Citizens — Say Sources - Security Boulevard
It’s not the first allegation that #TikTok is up to no good.
— @Richi 🤓 Jennings (@RiCHi) October 21, 2022
In today’s #SBBlogwatch, we doubt it’s the last.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/ZJOJ38IcMa
Thursday 20 October 2022
Fire at Data Center Causes Chaos | 20% Costlier Cloud - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) October 20, 2022
1⃣ A South Korean conflagration leads to a *ridiculously* long outage, and
2⃣ the price of #PublicCloud is skyrocketing.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/iqu9a3CuSI #DevOps #Kakao
Wednesday 19 October 2022
Devs: Don’t rely on GitHub Copilot — legal risk gets real - ReversingLabs
3/ The lesson for devs? Be extremely careful about the code fragments you import.
— @Richi 🤓 Jennings (@RiCHi) October 19, 2022
In this week’s #SSBlogwatch we go around.
For @ReversingLabs’ @SecuredSoftware: https://t.co/PsuMS6G98T
Monday 17 October 2022
$3 BILLION in DeFi Hacks in 2022—So Far - Security Boulevard
3/ #AndNothingOfValueWasLost.
— @Richi 🤓 Jennings (@RiCHi) October 17, 2022
In today’s #SBBlogwatch, we point and laugh at naked emperors.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/sQhl9WTtev #crypto
Friday 14 October 2022
Linux Fixes 5 Gaping Holes in Wi-Fi - Security Boulevard
Some say it’s the fault of @Linus_Torvalds himself (pictured).
— @Richi 🤓 Jennings (@RiCHi) October 14, 2022
In today’s #SBBlogwatch, we decline to point the finger.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/GnJqX0C6Xm
Thursday 13 October 2022
Kill the Password: Google on Board | 4-Day Week Proves Worthy - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) October 13, 2022
1⃣ #Passkeys is getting another big-tech supporter, and
2⃣ the @4DayWeek_Global train picks up speed.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/2mZSqgmWaJ #DevOps
Wednesday 12 October 2022
DevOps lessons from Toyota FAIL: Crash test secrets - ReversingLabs
Toyota stands accused of lax DevOps standards, as the company reveals it stored prod database credentials in a public GitHub repo. That’s bad enough, but it also took five years to detect and fix.
3/ It’s not the first time this has happened. In this week’s #SSBlogwatch we know it won’t be the last.
— @Richi 🤓 Jennings (@RiCHi) October 12, 2022
For @ReversingLabs’ @SecuredSoftware: https://t.co/StM8TAr1x3
Tuesday 11 October 2022
LEAKED: Intel’s BIOS Source Code — All 6GB of It - Security Boulevard
3/ #4chan is said to be involved. In today’s #SBBlogwatch, we try to sound surprised.
— @Richi 🤓 Jennings (@RiCHi) October 11, 2022
At @TechstrongGroup’s @SecurityBlvd: https://t.co/0G08dvxa3x @insydesw @github @lenovo
Friday 7 October 2022
Hacker Paige Thompson is FREE (‘Because Transgender Status and Mental Health Issues’) - Security Boulevard
3/ It’s fair to say #erratic was an #EthicalHacker. She could have gone about it better, but imprisoning a #whistleblower is never a good look—regardless of #GenderIdentity.
— @Richi 🤓 Jennings (@RiCHi) October 7, 2022
In today’s #SBBlogwatch, we are v. fair.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/60o69IgjV0
Thursday 6 October 2022
Linux 6.0 is Faster, Cooler | Debian Goes Proprietary | Google Africa Region - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) October 6, 2022
1⃣ #Linux 6.0 promoted to Stable,
2⃣ @Debian 12 will include closed-source binaries, and
3⃣ @GoogleCloud opens its first #Africa region.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/F9Uc1UnAoc #DevOps
Wednesday 5 October 2022
Memory-safe #RustLang shines with its day in the sun - ReversingLabs
But beware of edge cases. In this week’s #SSBlogwatch we brace for one of @Linus_Torvalds’ famous rants.
— @Richi 🤓 Jennings (@RiCHi) October 5, 2022
For @ReversingLabs’ @SecuredSoftware: https://t.co/4SSu3P3AVN #RustLang
Tuesday 4 October 2022
FAIL: Los Angeles School District Loses 500GB of PII - Security Boulevard
The Los Angeles Unified School District (LAUSD) has lost control of a huge cache of sensitive data. The leak—courtesy of Russian gang Vice Society—includes staff bank account details and psych evals of children.
The self-styled “most accomplished superintendent in America’s history” definitely accomplished *something*.
— @Richi 🤓 Jennings (@RiCHi) October 4, 2022
In today’s #SBBlogwatch, we think it would have been better if he’d accomplished some improved #security.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/FVHhM4W6WS
Friday 30 September 2022
Warning: N. Korean Job Scams Push Trojans via LinkedIn - Security Boulevard
Weird things are happening on LinkedIn. Scammers, believed to be working for North Korea, are creating fake profiles and targeting job applicants.
3/ Hey, hey, #DPRK, how many people will you scam today?
— @Richi 🤓 Jennings (@RiCHi) September 30, 2022
In today’s #SBBlogwatch, we piece together the puzzle.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/MpJMRwpATu
Thursday 29 September 2022
“The OG App” Devs’ Facebook Ban | WFH vs. NYC Real Estate | Calif. Pay Law is GO - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) September 29, 2022
1⃣ A third party @Instagram app causes ructions,
2⃣ #RemoteWork causes office slump, and
3⃣ more on @California’s salary transparency law #SB1162.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/XARDmyBgos #DevOps @TheOGapp_
Wednesday 28 September 2022
DevOps teams: BGP security is BAD. But you can fix it - ReversingLabs
3/3 Are you doing them?
— @Richi 🤓 Jennings (@RiCHi) September 28, 2022
Do you want to know how? In this week’s #SSBlogwatch we point you in the right directions.
For @ReversingLabs’ @SecuredSoftware: https://t.co/yXqna3Mimv #DevSecOps
Tuesday 27 September 2022
Russia ‘Plans’ HUGE Cyberattack on Critical Infrastructure - Security Boulevard
The Ukrainian government has warned that Russia is planning a massive attack against critical infrastructure. And not just that of Ukraine, but also of its allies.
“Hello Ukraine,” the mural says.
— @Richi 🤓 Jennings (@RiCHi) September 27, 2022
In today’s #SBBlogwatch, we paint the town blue and yellow.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/DlbcNYUSpx
Monday 26 September 2022
Alleged Russian RSOCKS Hacker: ‘Send Me to US’ - Security Boulevard
The supposed owner of RSOCKS—a huge illegal botnet that provided anonymous proxy services to scrotes—wants to be extradited to the U.S. He claims to have information authorities here will want to hear.
3/3 A U.S. #prison is likely better than the alternatives.
— @Richi 🤓 Jennings (@RiCHi) September 26, 2022
In today’s #SBBlogwatch, we are too beautiful.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/ggRRDz6qeB
Thursday 22 September 2022
Wipro Fires 2-Job Staff | Python Bug from 2007 | Lite Layoffs - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) September 22, 2022
1⃣ @Wipro fires 300 for #moonlighting at competitors,
2⃣ #Python has a nasty 15-year-old bug, and
3⃣ companies are finding new ways to lay people off without calling it a “#layoff.”
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/JI3ow4hdGP #DevOps
Rust finds its mojo: Move forward to memory-safe code - ReversingLabs
It’s confirmed: The Linux kernel will have Rust support soon. Also this week, Microsoft’s Azure CTO said the age of C++ is over—Rust is the future.
The momentum is surely unstoppable.
— @Richi 🤓 Jennings (@RiCHi) September 22, 2022
In this week’s #SSBlogwatch we see both sides.
For @ReversingLabs’ @SecuredSoftware: https://t.co/rm1ioDphkP
Tuesday 20 September 2022
Hate Site Hacked — Kiwi Farms is ‘Very, Very Owned’ - Security Boulevard
Kiwi Farms, the notorious web forum for harassing feminists, the neurodivergent and LGBTQ+ people, has itself suffered the ultimate harassment. Its services were secretly infected for weeks by an injected script that exfiltrated data about its users.
Next we expect leaks of user details.
— @Richi 🤓 Jennings (@RiCHi) September 20, 2022
In today’s #SBBlogwatch, we get slapped in the face with the #irony fish.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/DX9Y6I9lyP #DropKiwiFarms
Monday 19 September 2022
Victims of Gym Phone Theft Lose $10,000 Each (Because SMS 2FA) - Security Boulevard
A spate of thefts from gym lockers is reminding us that SMS based two-factor authentication (2FA) is utter, utter garbage. A fraudster is stealing phones and debit/ATM cards, using them to rack up big bills in London.
Let’s unpick the #fraud.
— @Richi 🤓 Jennings (@RiCHi) September 19, 2022
In today’s #SBBlogwatch, we get pumped.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/L48Kh04XPq
Friday 16 September 2022
Uber Hacked: Its Security is ‘Awful’ and ‘Weak’ - Security Boulevard
It’s bad—REALLY bad.
— @Richi 🤓 Jennings (@RiCHi) September 16, 2022
In today’s #SBBlogwatch, we dissect a train wreck.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/8P4f9SCEl2
Thursday 15 September 2022
Heat Cooks Twitter DC | AI Will Kill All Humans | Patreon Layoffs, CSAM Claim - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) September 15, 2022
1⃣ @Twitter is in a “non-redundant state,” thanks to a hot summer,
2⃣ #AI is likely to eliminate us, and
3⃣ @Patreon fires 80 staff amid /nasty/ allegations (TW: #ChildSafety).
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/kupBE1jn4z #DevOps
Why Twitter security sucks: Half of staff has PII access - ReversingLabs
Is your shop any better? If a bad actor insider abused their power, would you be able to quickly identify it and lock down #access?
— @Richi 🤓 Jennings (@RiCHi) September 15, 2022
In this week’s #SSBlogwatch we get real.
For @ReversingLabs’ @SecuredSoftware: https://t.co/xkcw4JBGC5
Tuesday 13 September 2022
Retbleed Security Fix Makes Linux go 70% Slower - Security Boulevard
Good thing @Intel is working on a better fix.
— @Richi 🤓 Jennings (@RiCHi) September 13, 2022
In today’s #SBBlogwatch, we #speculate to accumulate.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/D2rnn3NLld
Friday 9 September 2022
Patreon Fires its Security Team — and the Internet Freaks Out - Security Boulevard
3/ And there’s an unsubstantiated rumor that #Patreon has been #hacked again.
— @Richi 🤓 Jennings (@RiCHi) September 9, 2022
In today’s #SBBlogwatch, we hope it’s not as bad as 2015’s #blackmail-fest.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/caNFcqGawo
Thursday 8 September 2022
How’s Facebook Work? They Don’t Know! | Cali. Pay Law | NASA RISC-V Launch - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) September 8, 2022
1⃣ @Facebook engineers admit they’ve no idea what @Meta stores (or where),
2⃣ @California requires job ads quote salaries, and
3⃣ @RISC_V will power future @NASA spacecraft.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/12gqnIKYCd #DevOps
U.S. schools developers on supply chain security - ReversingLabs
Even so, dev teams should try to familiarize themselves with it (especially if you want to sell to governments).
— @Richi 🤓 Jennings (@RiCHi) September 8, 2022
In this week’s #SSBlogwatch we achieve full buzzword compliance.
For @ReversingLabs’ @SecuredSoftware: https://t.co/zcW5HZsKgY
Tuesday 6 September 2022
TikTok Hack: 2B Records Leak — but ByteDance Denies - Security Boulevard
3/ What’s really going on?
— @Richi 🤓 Jennings (@RiCHi) September 6, 2022
In today’s #SBBlogwatch, we sort fiction from fact.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/Kh26Rk8RpT
Friday 2 September 2022
Hackers Hail all Taxis in Moscow — HUGE Gridlock for 3 Hours - Security Boulevard
Ukraine supporters hacked Russia’s biggest ride hailing app, Yandex Taxi. They sent every available cab to a single address, all at once.
3/ Yesterday was not a great day if you were trying to drive on the west side of central #Moscow.
— @Richi 🤓 Jennings (@RiCHi) September 2, 2022
In today’s #SBBlogwatch, we get out and walk.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/xjGL1vTFUf
Wednesday 31 August 2022
Stable Diffusion Goes Public — and the Internet Freaks Out - DevOps.com
In this week’s #TheLongView: Unless you’ve been living under a rock, you’ll have seen something about @StabilityAI’s #StableDiffusion. It’s the new #OpenSource #MachineLearning model for creating images from text …
— @Richi 🤓 Jennings (@RiCHi) August 31, 2022
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/CR9WZAs3SG
LastPass hacked (again): What devs can learn - ReversingLabs
The latest LastPass hack: Bad actors stole source code and other secrets from the huge password-manager firm’s dev environment. But not, it stresses, anyone’s passwords — as far as it can tell.
3/ What a mess. And it’s not the first time.
— @Richi 🤓 Jennings (@RiCHi) August 31, 2022
In this week’s #SSBlogwatch we put all our eggs in one basket.
For @ReversingLabs’ @SecuredSoftware: https://t.co/zTlkT5w8jT
Tuesday 30 August 2022
0ktapus/‘Scatter Swine’ Hacking Gang Stole 10,000 Corp Logins via Twilio - Security Boulevard
3/ And what’s with the silly names? #0ktapus? #ScatterSwine?
— @Richi 🤓 Jennings (@RiCHi) August 30, 2022
In today’s #SBBlogwatch, we dream of eight-legged pigs.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/w5GND6SbSx
Thursday 25 August 2022
Force Me Back to the Office? Apple ‘Hasn’t Learned Anything’ - DevOps.com
In this week’s #TheLongView: New ways of working.
— @Richi 🤓 Jennings (@RiCHi) August 25, 2022
Whether it’s remote work, enforced #HybridWorking or a four-day working week, let’s triage the trends and futz with the future.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/OaeWQHU5mS #DevOps
Hyundai devs used sample code signing keys, making updates vulnerable - ReversingLabs
Developers of the entertainment unit in the Hyundai Ioniq didn’t seem to follow the sample code they were using. They reused an RSA code-signing key pair from an example, rather than generating their own.
3/: It’s only the entertainment unit, right?
— @Richi 🤓 Jennings (@RiCHi) August 25, 2022
But it’s a #Linux computer with full access to the car’s critical #CANbus.
In this week’s #SSBlogwatch we’re frightened by the implications.
For @ReversingLabs’ @SecuredSoftware: https://t.co/WQK6Z3lPW0
Tuesday 23 August 2022
Oracle’s HUGE Ad Data Graph is ‘Illegal Panopticon’ — 5 BILLION People Big - Security Boulevard
Oracle “illegally” collects and links data about you, selling it to the highest bidder—all without your consent. Online and offline, your privacy is invaded daily—so says a California class action lawsuit.
3/ Stuff just got real, #AdTech industry.
— @Richi 🤓 Jennings (@RiCHi) August 23, 2022
In today’s #SBBlogwatch, we draw back the #SurveillanceCapitalism curtain.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/7DO00ddXzb
Monday 22 August 2022
NSO Group Fires CEO — and 100 Staff — in Spyware ‘Streamlining’ - Security Boulevard
NSO, notorious producer of the Pegasus nation-state spyware, is struggling. So it’s dumped its CEO, Shalev Hulio, and around 100 employees.
Is this the end for @NSOGroup?
— @Richi 🤓 Jennings (@RiCHi) August 22, 2022
In today’s #SBBlogwatch, we wave goodbye to the “S” in #NSO.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/t9RkgXIYSi
Friday 19 August 2022
VPNs Don’t Work on iOS — and Apple Doesn’t Care - Security Boulevard
“VPNs on iOS are a scam.” That’s what an angry security researcher would have you believe. He’s fed up of reproducing and documenting a serious iOS bug that Apple just won’t fix.
What use is a VPN that randomly leaks data?
— @Richi 🤓 Jennings (@RiCHi) August 19, 2022
In today’s #SBBlogwatch, we pit @DefensiveComput vs. @Tim_Cook.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/BAjWNngfIO
Thursday 18 August 2022
Agile Sucks (Redux) | Plus: DevOps on Mars - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) August 18, 2022
1⃣ #Agile is bad, but “Wagile” is worse,
2⃣ This prod is even worse than yours.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/azrc6nOTCd #DevOps @NASA @NASAJPL @MarsCuriosity
Just for devs: Best of Black Hat and DEF CON - ReversingLabs
I’ll peruse the news of the week … so you don’t have to.
— @Richi 🤓 Jennings (@RiCHi) August 18, 2022
In this week’s #SSBlogwatch we sort the heat from the chai.
For @ReversingLabs’ @SecuredSoftware: https://t.co/H6DUkWpZlU #AEPICLeak #Electron
Monday 15 August 2022
Gmail Lets Candidates Spam You — FEC FAIL - Security Boulevard
Oh, what a tangled web we weave.
— @Richi 🤓 Jennings (@RiCHi) August 15, 2022
In today’s #SBBlogwatch, we order the lobster Thermidor au crevette with a Mornay sauce, served in a Provencale manner, with shallots and aubergines, etc., etc. …
At @TechstrongGroup’s @SecurityBlvd: https://t.co/DnKlTnyyo8 @ShaeFlorentine
Friday 12 August 2022
Cisco Pwned by ‘Russian’ Gang — Data Leaked, Egg on Face - Security Boulevard
What a mess.
— @Richi 🤓 Jennings (@RiCHi) August 12, 2022
In today’s #SBBlogwatch, we try to learn from Cisco’s mistakes.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/F3WgYaRi9c
Thursday 11 August 2022
We Must Kill ‘Dinosaur’ JavaScript | Microsoft Open Sources 3D Emoji - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) August 11, 2022
1⃣ #JavaScript is a bloated barrier to progress, and
2⃣ @Microsoft’s #emoji are on @GitHub.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/Bfcjp7bHbE #DevOps
DevOps: Fix your dangerous redirects! Amex shows how - ReversingLabs
Be better netizens, #DevOps teams.
— @Richi 🤓 Jennings (@RiCHi) August 11, 2022
In this week’s #SSBlogwatch we audit our URLs.
For @ReversingLabs’ @SecuredSoftware: https://t.co/MPBjV6uFjn
Tuesday 9 August 2022
Twilio Fails Simple Test — Leaks Private Data via Phishing - Security Boulevard
… Twilio PR is spinning it as a “sophisticated” attack.
— @Richi 🤓 Jennings (@RiCHi) August 9, 2022
In today’s #SBBlogwatch, we just point and laugh.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/nRi20mV3u7
Monday 8 August 2022
Slack App Leaked Hashed User Passwords for 5 YEARS - Security Boulevard
Egg on someone’s face at @SlackHQ.
— @Richi 🤓 Jennings (@RiCHi) August 8, 2022
In today’s #SBBlogwatch, we double-check our password manager.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/caOOEwyWZ1
Friday 5 August 2022
US Emergency Alert System Has ‘Huge Flaw’ — Broadcasters Must Patch NOW - Security Boulevard
This is NOT a test.
— @Richi 🤓 Jennings (@RiCHi) August 5, 2022
In today’s #SBBlogwatch, we fear a *real* emergency.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/3mrQ1zDYz4
Thursday 4 August 2022
Recession! DevOps Hiring Freeze | Data Centers Suck (Power) | Intel to ‘be’ Wi-Fi 7 - DevOps.com
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) August 4, 2022
1⃣ Engineer #jobs are being cut, #hiring
2⃣ #cloud infrastructure is using too much #energy, and
3⃣ @Intel’s 802.11be silicon is alive. #WiFi7
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/AOQdR9Z2b4 #DevOps #thanks @ShaeFlorentine
Post-quantum algo ‘SIKE’ dead: Did math geeks find key-encap back door? - ReversingLabs
… @CosicBe researchers Wouter Castryck and Thomas Decru are eligible for a chunky #BugBounty.
— @Richi 🤓 Jennings (@RiCHi) August 4, 2022
In this week’s #SSBlogwatch we’re glad to see the system is working, not broken.
For @ReversingLabs’ @SecuredSoftware: https://t.co/lp9Ar4HrHB