A firm called @SpyCloudCo is selling your data to law enforcement.
— @Richi Jennings (@RiCHi) July 10, 2020
What’s worse is that the sources of that data are hackers. https://t.co/RbXbsNCqa1
1/…
Friday, 10 July 2020
Police Buy Hacked Data, to Fish for Evidence—Is That Even Legal? - Security Boulevard
Quis Custodiet Ipsos Custodes?
Thursday, 9 July 2020
Feds warn: MSPs being hacked—so stop your complacency - TechBeacon
Mismanaged SP?
The US @SecretService issued a mysterious alert, warning that managed service providers are being targeted by criminals. It doesn’t name names, but we think it’s connected with a #vulnerability in software used by many MSPs. https://t.co/J3iocjeP08
— @Richi Jennings (@RiCHi) July 9, 2020
1/…
Tuesday, 7 July 2020
F5 BIG-IP Has Huge, Enormous, Bad, Scary Security Holes (Patch NOW) - Security Boulevard
Hair. On. Fire.
Drop everything: A #CVSS score of 10 is as bad as it gets. Trivial to #exploit, this @F5Networks BIG-IP #vulnerability lets criminals pwn your entire network, and redirect your customers elsewhere. https://t.co/QDN0yCp6LX
— @Richi Jennings (@RiCHi) July 7, 2020
1/…
Friday, 3 July 2020
1,000 False Wakewords: A Letter! Buy 200 Toilet Rolls - Security Boulevard
Election! Confirm Purchase.
Researchers have found a thousand ways to say smart-speaker wakewords: @Alexa99, okay @Google, #heySiri, and so on. It highlights the problem of misheard speech causing private audio to be squirreled away on corporations’ servers for later analysis. https://t.co/JdjEwulPEj
— @Richi Jennings (@RiCHi) July 3, 2020
1/…
Thursday, 2 July 2020
Google, Apple, Mozilla enforce 1-year max certificate expiration - TechBeacon
Time’s up for lazy DevOps
If you use #TLS certificates with long validity periods, then listen up.
— @Richi Jennings (@RiCHi) July 2, 2020
Any cert issued after next month needs to last no longer than a year (plus a month’s grace): https://t.co/UfAqeoUWoG
Subscribe to:
Posts (Atom)