(safe) Unsecure security

218 readers
1 users here now

(un) Security - Who will guard the guards?

founded 3 years ago
MODERATORS
saint@group.lt
skrt@group.lt
KasTas@group.lt
listing: all - local
51
1
French unemployment agency data breach impacts 43 million people (www.bleepingcomputer.com)
submitted 1 year ago by KasTas@group.lt to c/saugumas@group.lt
0 comments fedilink
52
1
Secret Backdoor Codes in Safe Locks (www.404media.co)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
 
 

The little known “manufacturer” or “manager” reset codes could let third parties—such as spies or criminals—bypass locks without the owner’s consent and are sometimes not disclosed to customers.

The fact the DoD protected its own interests while not warning the public gives a stark demonstration of what could happen if a backdoor was inserted into a consumer electronics device or similar.

The documentation also explicitly says that sometimes the existence of a manager code may not be sent to an actual user of the device. “In some instances the Manager Code and associated Operating Instructions are not issued to the End User,” it reads, meaning that people may be using these locks without understanding that they can include a backdoor code.

53
1
Meta sues ex VP of Infrastructure for 'trade secret theft' (www.theregister.com)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
 
 

"Khurana was handsomely compensated," Meta continued in its complaint. "But ... that was not enough." Despite that fat pay package and VP title, Khurana may have failed to consider the level of monitoring or logging that goes on inside Meta's networks, if the lawsuit's allegations are correct.

54
1
Behind the doors of a Chinese hacking company, a sordid culture fueled by influence, alcohol and sex (apnews.com)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
55
1
Lithuania security services warn of China's espionage against the country (securityaffairs.com)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
56
1
NSA Hacker Chief Explains How to Keep Him Out of Your System (www.wired.com)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
57
1
Why securing systems is perhaps not uniquely difficult (www.theregister.com)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
58
1
Save Flipper - Vehicle thefts - Insecure vehicles should be banned, not security tools like the Flipper Zero (saveflipper.ca)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
59
1
An Online Dump of Chinese Hacking Documents Offers a Rare Window Into Pervasive State Surveillance (www.securityweek.com)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
60
1
FTC says Avast promised privacy, but pirated consumers’ data for treasure (ftc.gov)
submitted 1 year ago by KasTas@group.lt to c/saugumas@group.lt
0 comments fedilink
 
 

Funnilly, Avast is under the same umbrella as AVG, Norton, Symatec and bunch of over tools like CCleaner: https://en.wikipedia.org/wiki/Gen_Digital

61
1
A turning point for CVE numbers [LWN.net] - Linux became an CVE authority (CNA) (lwn.net)
submitted 1 year ago by KasTas@group.lt to c/saugumas@group.lt
0 comments fedilink
62
1
Police arrest LockBit ransomware members, release decryptor in global crackdown (www.bleepingcomputer.com)
submitted 1 year ago by KasTas@group.lt to c/saugumas@group.lt
0 comments fedilink
63
1
TruffleHog: Open-source solution for scanning secrets - Help Net Security (www.helpnetsecurity.com)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
64
1
Wyze admits 13k users could've seen strangers' camera feeds (www.theregister.com)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
65
1
CySecurity News - Latest Information Security and Hacking Incidents: AI Unravels the Mystery of Fingerprints: Are We Truly Unique? (www.cysecurity.news)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
 
 

Interesting study

66
1
DNS Server Vulnerability: Single DNS Packet Can Bring Down The System (gbhackers.com)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
67
1
New Wi-Fi Authentication Bypass Flaws Expose Home, Enterprise Networks (www.securityweek.com)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
 
 

No action required to be exploited

68
1
Stolen Face ID scans used to break into bank accounts (www.theregister.com)
submitted 1 year ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
 
 

Well.. what movie we live in?

69
1
Chinese Hackers Exploited Fortinet zero-day Flaw to hack Dutch defense networks (cybersecuritynews.com)
submitted 2 years ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
 
 

70
1
Cloudflare discloses breach related to stolen Okta data | TechTarget (www.techtarget.com)
submitted 2 years ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
 
 

Today's Indra's Net - everything is interconnected.

71
1
Tor Code Audit Finds 17 Vulnerabilities (www.securityweek.com)
submitted 2 years ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
 
 

:/

72
1
Vastaamo hacker traced via ‘untraceable’ Monero transactions, police says (www.bleepingcomputer.com)
submitted 2 years ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
 
 

;-)

73
1
In major gaffe, hacked Microsoft test account was assigned admin privileges — How does a legacy test account grant access to read every Office 365 account? (arstechnica.com)
submitted 2 years ago by saint@group.lt to c/saugumas@group.lt
0 comments fedilink
 
 

cross-posted from: https://lemmy.world/post/11279921

In major gaffe, hacked Microsoft test account was assigned admin privileges — How does a legacy test account grant access to read every Office 365 account?::undefined