This is all a bit too neat and tidy for my liking. In today’s #SBBlogwatch at @SecurityBlvd, we check under the rug: https://t.co/7CvuWztWms
— @Richi Jennings (@RiCHi) February 19, 2021
Friday, 19 February 2021
SolarWinds Hack: ‘All is Well,’ Microsoft Shrugs - Security Boulevard
“Trust Us (Except Don’t)”
Thursday, 18 February 2021
Oracle is Said to Help China Find Dissidents and Jail Minorities - Security Boulevard
When Larry Met 习
But is there a There there? In today’s #SBBlogwatch at @SecurityBlvd, we dig in: https://t.co/Krzffz4jZb
— @Richi Jennings (@RiCHi) February 18, 2021
Lesson from supply chain attacks: Beware 'dependency confusion' - TechBeacon
After Alex Birsan’s $130,000 bug-bounty haul last week, hundreds of bogus npm packages have popped up out of nowhere. They appear to have been published by copycat researchers—some of whom have less-than-pure intentions.
The moral of the story? Make sure the code you’re importing really is the code you think you’re importing.
And, of course, that means he was running his code on other people’s networks. In this week’s #SecurityBlogwatch at @TechBeaconCom, we get lost: https://t.co/r8SepQEDlY
— @Richi Jennings (@RiCHi) February 18, 2021
Monday, 15 February 2021
Internal Leak of 4,887 Users: Yandex Employee Fate Unknown - Security Boulevard
$YNDX Stays Schtum
No word on what’s happened to the scrote. In today’s #SBBlogwatch at @SecurityBlvd, we visualize them chopped up and hidden in matryoshka dolls: https://t.co/C37YigOSXu
— @Richi Jennings (@RiCHi) February 15, 2021