“Website URL published on packaging has been compromised and contains explicit content unsuitable for children.”
I am old enough to remember when the Internet and the web even more were the future. Now it’s a dystopian source of evil, leading to retailers recalling kids biscuits.
Hey Security-Bubble! Habt Ihr euch auch schon mal Gedanken darüber gemacht, ob die Passwörter eurer Benutzer auch alle richtig sind? Dann gibt es gute Nachrichten für euch!
Jedenfalls berichtet t3n, dass otto-js Research Team sich einmal den Chrome & Edge Enhanced Spellcheck angeschaut haben. Und dabei stellt sich folgendes raus:
Sicherheitslücke: Rechtschreibprüfung schickt Passwörter an Microsoft und Google
The Metaverse is uncharted land. A big bet for many. Because it opens up so many new opportunities, that lie in the virtual and the physical world. MuTalk is concerned about your voice in public. With goggles on, it’s impossible to note who’s around you. Anything expressed in such a setting can end a leak to bystanders.
To let you immerse into the Metaverse on, say, a train platform while you wait for your commute, MuTalk now allows you to do virtual meetings with your corporate colleagues without risking your privacy.
MuTalk Microphone
MuTalk is a bizarre-looking Bluetooth microphone that lets you chat privately in public thanks to its sound absorption material.
From the article
The Metaverse is huge opportunity, that attracts lucky knights.
Cloud is a solution for everything. Databases, Message-Queues, Storage, Loadbalancing, everything. You’ll leverage somebody else’s Computer to run your workload, you’ll store data to help your business scale. Even Identity Authentication as a Service is a thing.
Well, until the remote provider gets hacked. This is in particular bad if the provider offers authentication and has employee credentials.
And it looks like Okta has fallen victim to Lapsus, a Russian Ransomware Group. At this point, this appears unconfirmed. But it will be a lot of trouble, way beyond Decembers Log4J RCE, if true.
Oh man, if this it what it looks (Okta got popped)… Blue Team everywhere is gonna be crazy busy. pic.twitter.com/PY4dIzfwvM
WIRED schreibt, dass es Forschern gelungen ist, mit Hilfe von GPT3, dem Generative Pre-trained Transformer 3 ML Netzwerk, Phishing Mails zu erzeugen, die deutlich wirksamer sind als von Menschen geschriebene Mails.
Endlich ein Einsatzbereich für AI, der sich auch ohne VC Geld lohnt.
The rich supply of community maintained packages make particular languages attractive to businesses. Plenty of ready made packages allow to rapidly build the most important components required to bootstrap any SaaS business. Authentication, database connectivity, model view abstraction layers, web request routing, html templating, it all can be found in either of these, at no added cost.
However, nothing in life is free and the price vendors pay is the added risk of unvalidated or unverified sources.
FossID is a software composition analysis tool that scans code for open source licenses and vulnerabilities. It is the third acquisition by Snyk in the past 6 months.
FossID, a software composition analysis tool that scans code for open source licenses and vulnerabilities
Vernetzte Türklingeln: Das Internet der Dinge liefert. Auch zu Weihnachten.
Günstige digitale Videoklingeln weisen schwere Sicherheitslücken wie Authentifizierungsprobleme auf und werden teils schon mit Softwarefehlern geliefert.
