no more cubes

Tag: security

  • Cyber-Recall

    “Website URL published on packaging has been compromised and contains explicit content unsuitable for children.” I am old enough to remember when the Internet and the web even more were the future. Now it’s a dystopian source of evil, leading to retailers recalling kids biscuits. via:

  • 047

    047

    Amerikahaus. Data for Good: #Tech Insight for #Security and #Democracy.

  • Rechtschreibprüfung schickt Passwörter

    Hey Security-Bubble! Habt Ihr euch auch schon mal Gedanken darüber gemacht, ob die Passwörter eurer Benutzer auch alle richtig sind? Dann gibt es gute Nachrichten für euch! Jedenfalls berichtet t3n, dass otto-js Research Team sich einmal den Chrome & Edge Enhanced Spellcheck angeschaut haben. Und dabei stellt sich folgendes raus: Sicherheitslücke: Rechtschreibprüfung schickt Passwörter an…

  • VR Microphone to preserve privacy

    The Metaverse is uncharted land. A big bet for many. Because it opens up so many new opportunities, that lie in the virtual and the physical world. MuTalk is concerned about your voice in public. With goggles on, it’s impossible to note who’s around you. Anything expressed in such a setting can end a leak…

  • Identity Authentication as a Service

    Cloud is a solution for everything. Databases, Message-Queues, Storage, Loadbalancing, everything. You’ll leverage somebody else’s Computer to run your workload, you’ll store data to help your business scale. Even Identity Authentication as a Service is a thing. Well, until the remote provider gets hacked. This is in particular bad if the provider offers authentication and…

  • AI Wrote Better Phishing Emails

    WIRED schreibt, dass es Forschern gelungen ist, mit Hilfe von GPT3, dem Generative Pre-trained Transformer 3 ML Netzwerk, Phishing Mails zu erzeugen, die deutlich wirksamer sind als von Menschen geschriebene Mails. Endlich ein Einsatzbereich für AI, der sich auch ohne VC Geld lohnt. Source: AI Wrote Better Phishing Emails Than Humans in a Recent Test…

  • Malicious PyPI Packages

    It was a matter of time. After the npm-repository was hit later last year and ruby gems were found mining crypto-currency, this times it’s PyPI that spreads bad code. Supply chain attacks, as this vector is typically referred to, becomes an increasing problem. Foremost for software vendors. The rich supply of community maintained packages make…

  • Snyk Acquires FossID

    FossID is a software composition analysis tool that scans code for open source licenses and vulnerabilities. It is the third acquisition by Snyk in the past 6 months. FossID, a software composition analysis tool that scans code for open source licenses and vulnerabilities Source: Snyk Acquires FossID to Accelerate Worldwide Developer-First Security Adoption | Snyk

  • Sicherheitsalbtraum: Vernetzte Türklingeln 

    Vernetzte Türklingeln: Das Internet der Dinge liefert. Auch zu Weihnachten. Günstige digitale Videoklingeln weisen schwere Sicherheitslücken wie Authentifizierungsprobleme auf und werden teils schon mit Softwarefehlern geliefert. Aus dem heise.de Artikel.

  • Palantir founding member of Gaia-X

    Palantir is an US based company specialising in Big Data, with a very particular focus on decision making for governental and corporate situations. The companies products have inspiring names like Gotham or Metropolis and have sparked ethical controversies, when it comes to their usage. In particular these two products provides capabilities to military and police,…