Tag: security
-
Cyber-Recall
“Website URL published on packaging has been compromised and contains explicit content unsuitable for children.” I am old enough to remember when the Internet and the web even more were the future. Now it’s a dystopian source of evil, leading to retailers recalling kids biscuits. via:
-
047
Amerikahaus. Data for Good: #Tech Insight for #Security and #Democracy.
-
Rechtschreibprüfung schickt Passwörter
Hey Security-Bubble! Habt Ihr euch auch schon mal Gedanken darüber gemacht, ob die Passwörter eurer Benutzer auch alle richtig sind? Dann gibt es gute Nachrichten für euch! Jedenfalls berichtet t3n, dass otto-js Research Team sich einmal den Chrome & Edge Enhanced Spellcheck angeschaut haben. Und dabei stellt sich folgendes raus: Sicherheitslücke: Rechtschreibprüfung schickt Passwörter an…
-
Identity Authentication as a Service
Cloud is a solution for everything. Databases, Message-Queues, Storage, Loadbalancing, everything. You’ll leverage somebody else’s Computer to run your workload, you’ll store data to help your business scale. Even Identity Authentication as a Service is a thing. Well, until the remote provider gets hacked. This is in particular bad if the provider offers authentication and…
-
AI Wrote Better Phishing Emails
WIRED schreibt, dass es Forschern gelungen ist, mit Hilfe von GPT3, dem Generative Pre-trained Transformer 3 ML Netzwerk, Phishing Mails zu erzeugen, die deutlich wirksamer sind als von Menschen geschriebene Mails. Endlich ein Einsatzbereich für AI, der sich auch ohne VC Geld lohnt. Source: AI Wrote Better Phishing Emails Than Humans in a Recent Test…
-
Malicious PyPI Packages
It was a matter of time. After the npm-repository was hit later last year and ruby gems were found mining crypto-currency, this times it’s PyPI that spreads bad code. Supply chain attacks, as this vector is typically referred to, becomes an increasing problem. Foremost for software vendors. The rich supply of community maintained packages make…
-
Snyk Acquires FossID
FossID is a software composition analysis tool that scans code for open source licenses and vulnerabilities. It is the third acquisition by Snyk in the past 6 months. FossID, a software composition analysis tool that scans code for open source licenses and vulnerabilities Source: Snyk Acquires FossID to Accelerate Worldwide Developer-First Security Adoption | Snyk
-
Sicherheitsalbtraum: Vernetzte Türklingeln
Vernetzte Türklingeln: Das Internet der Dinge liefert. Auch zu Weihnachten. Günstige digitale Videoklingeln weisen schwere Sicherheitslücken wie Authentifizierungsprobleme auf und werden teils schon mit Softwarefehlern geliefert. Aus dem heise.de Artikel.
-
Palantir founding member of Gaia-X
Palantir is an US based company specialising in Big Data, with a very particular focus on decision making for governental and corporate situations. The companies products have inspiring names like Gotham or Metropolis and have sparked ethical controversies, when it comes to their usage. In particular these two products provides capabilities to military and police,…