Finally getting a chance to read this.
It has it all:
- Supply Chain Hacks
- Hardware Backdoors
- Nation-State Intelligence Ops
Finally getting a chance to read this.
It has it all:
- Supply Chain Hacks
- Hardware Backdoors
- Nation-State Intelligence Ops
Doomsday is when AES is broken.
Still using RSA for OpenSSH authentication?
You should read: https://latacora.singles/2018/08/03/the-default-openssh.html
tl;dr: OpenSSH uses by default the md5 hash of your password to encrypt the id_rsa private key.
Good news, you can fix it by running this command (with -o it uses the improved key-format):
ssh-keygen -o -p -f ~/.ssh/id_rsa
Or even better, generate a new ed25519 key (they use the improved key-format by default):
ssh-keygen -t ed25519
Thanks @amenthes for pointing me to the article!
Hackers steal $13.5 million from Indian bank in global attack https://www.tripwire.com/state-of-security/security-data-protection/hackers-indian-bank-attack/#new_tab #infosec
I just discovered a GitHub awesome list for bug bounties. This is exactly the kind of resource I needed. I'm going to make my way though everything in this list Γ°ΕΈβΒ
https://github.com/djadmin/awesome-bug-bounty/blob/master/README.md
Using advanced entropy analysis, university researchers developed a #nextcloud app which enables users to undo the damage of #ransomware attacks. #infosec
https://nextcloud.com/blog/fighting-ransomware-with-guided-undo-nextcloud-in-research-protecting-users/
tiflolinux.org - GNU Social is a social network, courtesy of tiflolinux.org. It runs on GNU social, version 2.0.1-beta0, available under the GNU Affero General Public License.
All tiflolinux.org - GNU Social content and data are available under the Creative Commons Attribution 3.0 license.