home.social

#securiy — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #securiy, aggregated by home.social.

  1. Spent yesterday at #UofM to discuss Next Gen Workforce in Cyber Security with a focus on healthcare. Got to see a ton of interesting work that is going on at the college and meet a bunch of cool people.

    Got to speak about #memsec and @biohacking_village.

    #CyberSec #securiy #nextgen #healthCare

  2. Spent yesterday at #UofM to discuss Next Gen Workforce in Cyber Security with a focus on healthcare. Got to see a ton of interesting work that is going on at the college and meet a bunch of cool people.

    Got to speak about #memsec and @biohacking_village.

    #CyberSec #securiy #nextgen #healthCare

  3. Spent yesterday at #UofM to discuss Next Gen Workforce in Cyber Security with a focus on healthcare. Got to see a ton of interesting work that is going on at the college and meet a bunch of cool people.

    Got to speak about #memsec and @biohacking_village.

    #CyberSec #securiy #nextgen #healthCare

  4. Spent yesterday at #UofM to discuss Next Gen Workforce in Cyber Security with a focus on healthcare. Got to see a ton of interesting work that is going on at the college and meet a bunch of cool people.

    Got to speak about #memsec and @biohacking_village.

    #CyberSec #securiy #nextgen #healthCare

  5. Spent yesterday at to discuss Next Gen Workforce in Cyber Security with a focus on healthcare. Got to see a ton of interesting work that is going on at the college and meet a bunch of cool people.

    Got to speak about and @biohacking_village.

  6. Strange question and I “think” the answer is NO, but I’m looking for #fediverse wisdom. Is there a way to generate a valid #SSL certificate (not self signed, and no private CA) for a device running on the .local domain. It would need to recognised by any browser trying to connect to it without having to “accept the risk”. It’s also probably not a job for let’s encrypt because it would be great if this worked out of the box with zero config by a user after setting up. #linux #opensource #securiy

  7. Strange question and I “think” the answer is NO, but I’m looking for #fediverse wisdom. Is there a way to generate a valid #SSL certificate (not self signed, and no private CA) for a device running on the .local domain. It would need to recognised by any browser trying to connect to it without having to “accept the risk”. It’s also probably not a job for let’s encrypt because it would be great if this worked out of the box with zero config by a user after setting up. #linux #opensource #securiy

  8. Strange question and I “think” the answer is NO, but I’m looking for #fediverse wisdom. Is there a way to generate a valid #SSL certificate (not self signed, and no private CA) for a device running on the .local domain. It would need to recognised by any browser trying to connect to it without having to “accept the risk”. It’s also probably not a job for let’s encrypt because it would be great if this worked out of the box with zero config by a user after setting up. #linux #opensource #securiy

  9. Strange question and I “think” the answer is NO, but I’m looking for #fediverse wisdom. Is there a way to generate a valid #SSL certificate (not self signed, and no private CA) for a device running on the .local domain. It would need to recognised by any browser trying to connect to it without having to “accept the risk”. It’s also probably not a job for let’s encrypt because it would be great if this worked out of the box with zero config by a user after setting up. #linux #opensource #securiy

  10. Strange question and I “think” the answer is NO, but I’m looking for #fediverse wisdom. Is there a way to generate a valid #SSL certificate (not self signed, and no private CA) for a device running on the .local domain. It would need to recognised by any browser trying to connect to it without having to “accept the risk”. It’s also probably not a job for let’s encrypt because it would be great if this worked out of the box with zero config by a user after setting up. #linux #opensource #securiy

  11. Maybe i need to post this agaian that everyone does understand me

    I AM NOT AGAINST "SIGNAL" MESSENGER

    I am just calling their demand of an phone number for registration to be the antithesis of an anonyous secure messenger

    In the second when Signal allows anonymous registrations without a phone nuber, im right to join there

    #SignalMessenger #Securiy #Anonymousity #BoostsWelcome

  12. Maybe i need to post this agaian that everyone does understand me

    I AM NOT AGAINST "SIGNAL" MESSENGER

    I am just calling their demand of an phone number for registration to be the antithesis of an anonyous secure messenger

    In the second when Signal allows anonymous registrations without a phone nuber, im right to join there

    #SignalMessenger #Securiy #Anonymousity #BoostsWelcome

  13. Maybe i need to post this agaian that everyone does understand me

    I AM NOT AGAINST "SIGNAL" MESSENGER

    I am just calling their demand of an phone number for registration to be the antithesis of an anonyous secure messenger

    In the second when Signal allows anonymous registrations without a phone nuber, im right to join there

    #SignalMessenger #Securiy #Anonymousity #BoostsWelcome

  14. Maybe i need to post this agaian that everyone does understand me

    I AM NOT AGAINST "SIGNAL" MESSENGER

    I am just calling their demand of an phone number for registration to be the antithesis of an anonyous secure messenger

    In the second when Signal allows anonymous registrations without a phone nuber, im right to join there

    #SignalMessenger #Securiy #Anonymousity #BoostsWelcome

  15. Maybe i need to post this agaian that everyone does understand me

    I AM NOT AGAINST "SIGNAL" MESSENGER

    I am just calling their demand of an phone number for registration to be the antithesis of an anonyous secure messenger

    In the second when Signal allows anonymous registrations without a phone nuber, im right to join there

    #SignalMessenger #Securiy #Anonymousity #BoostsWelcome

  16. Another day, another attack to software dependencies:

    arstechnica.com/security/2024/

    This is different from the xz story, but the core idea is the same: take ownership of a popular project, and sneakily replace it with malicious code.

    #securiy #supplychain #polyfill

  17. Another day, another attack to software dependencies:

    arstechnica.com/security/2024/

    This is different from the xz story, but the core idea is the same: take ownership of a popular project, and sneakily replace it with malicious code.

  18. Another day, another attack to software dependencies:

    arstechnica.com/security/2024/

    This is different from the xz story, but the core idea is the same: take ownership of a popular project, and sneakily replace it with malicious code.

    #securiy #supplychain #polyfill

  19. Derzeit ist wieder ein #USB Wurm im Umlauf diesmal mit dem Namen #LitterDrifter. Ich finde es spannend das dies immer noch ein Ausbreitungsvector ist und Sinn macht der eigentlich nur noch für #OT Systeme wie Kraftwerke da diese hoffentlich meist gut von anderen Netzen getrennt sind. Vielleicht unterschätze ich aber auch die Nutzung von USB im privaten Bereich 🤷 - via Bruce Schneier - schneier.com/blog/archives/202 #securiy #trojaner #malware

  20. Derzeit ist wieder ein #USB Wurm im Umlauf diesmal mit dem Namen #LitterDrifter. Ich finde es spannend das dies immer noch ein Ausbreitungsvector ist und Sinn macht der eigentlich nur noch für #OT Systeme wie Kraftwerke da diese hoffentlich meist gut von anderen Netzen getrennt sind. Vielleicht unterschätze ich aber auch die Nutzung von USB im privaten Bereich 🤷 - via Bruce Schneier - schneier.com/blog/archives/202 #securiy #trojaner #malware

  21. Derzeit ist wieder ein #USB Wurm im Umlauf diesmal mit dem Namen #LitterDrifter. Ich finde es spannend das dies immer noch ein Ausbreitungsvector ist und Sinn macht der eigentlich nur noch für #OT Systeme wie Kraftwerke da diese hoffentlich meist gut von anderen Netzen getrennt sind. Vielleicht unterschätze ich aber auch die Nutzung von USB im privaten Bereich 🤷 - via Bruce Schneier - schneier.com/blog/archives/202 #securiy #trojaner #malware

  22. ‘Scam-in-a-box’: #MyGov suspends thousands of accounts linked to dark web fraud kits | Australia news | The Guardian

    theguardian.com/australia-news

    > Exclusive: #Scams utilise phishing attacks on #Centrelink, #ATO and #Medicare accounts using obtained login details

    #securiy #Australia #cyber

  23. ‘Scam-in-a-box’: #MyGov suspends thousands of accounts linked to dark web fraud kits | Australia news | The Guardian

    theguardian.com/australia-news

    > Exclusive: #Scams utilise phishing attacks on #Centrelink, #ATO and #Medicare accounts using obtained login details

    #securiy #Australia #cyber

  24. ‘Scam-in-a-box’: #MyGov suspends thousands of accounts linked to dark web fraud kits | Australia news | The Guardian

    theguardian.com/australia-news

    > Exclusive: #Scams utilise phishing attacks on #Centrelink, #ATO and #Medicare accounts using obtained login details

    #securiy #Australia #cyber

  25. ‘Scam-in-a-box’: #MyGov suspends thousands of accounts linked to dark web fraud kits | Australia news | The Guardian

    theguardian.com/australia-news

    > Exclusive: #Scams utilise phishing attacks on #Centrelink, #ATO and #Medicare accounts using obtained login details

    #securiy #Australia #cyber

  26. ‘Scam-in-a-box’: #MyGov suspends thousands of accounts linked to dark web fraud kits | Australia news | The Guardian

    theguardian.com/australia-news

    > Exclusive: #Scams utilise phishing attacks on #Centrelink, #ATO and #Medicare accounts using obtained login details

    #securiy #Australia #cyber

  27. So I’m replacing my Nest Secure with Abode iota. This is how sensitive the motion detection is. This is video recorded from a false alarm triggered by motion.

    I’m going to miss my Nest Secure :(

    #abode #securiy #nest

  28. So I’m replacing my Nest Secure with Abode iota. This is how sensitive the motion detection is. This is video recorded from a false alarm triggered by motion.

    I’m going to miss my Nest Secure :(

    #abode #securiy #nest

  29. So I’m replacing my Nest Secure with Abode iota. This is how sensitive the motion detection is. This is video recorded from a false alarm triggered by motion.

    I’m going to miss my Nest Secure :(

    #abode #securiy #nest

  30. So I’m replacing my Nest Secure with Abode iota. This is how sensitive the motion detection is. This is video recorded from a false alarm triggered by motion.

    I’m going to miss my Nest Secure :(

    #abode #securiy #nest

  31. "“At a high level, if nobody can point to a real-world example of it actually happening in public spaces, then it’s not something that is worth stressing about for the general public,” "

    Those scary warnings of juice jacking in airports and hotels? They’re mostly nonsense arstechnica.com/information-te
    >Juice jacking attacks on mobile phones are nonexistent. So why are we so afraid?

    #securiy #tech #cyber

  32. "“At a high level, if nobody can point to a real-world example of it actually happening in public spaces, then it’s not something that is worth stressing about for the general public,” "

    Those scary warnings of juice jacking in airports and hotels? They’re mostly nonsense arstechnica.com/information-te
    >Juice jacking attacks on mobile phones are nonexistent. So why are we so afraid?

    #securiy #tech #cyber

  33. "“At a high level, if nobody can point to a real-world example of it actually happening in public spaces, then it’s not something that is worth stressing about for the general public,” "

    Those scary warnings of juice jacking in airports and hotels? They’re mostly nonsense arstechnica.com/information-te
    >Juice jacking attacks on mobile phones are nonexistent. So why are we so afraid?

    #securiy #tech #cyber

  34. "“At a high level, if nobody can point to a real-world example of it actually happening in public spaces, then it’s not something that is worth stressing about for the general public,” "

    Those scary warnings of juice jacking in airports and hotels? They’re mostly nonsense arstechnica.com/information-te
    >Juice jacking attacks on mobile phones are nonexistent. So why are we so afraid?

    #securiy #tech #cyber

  35. "“At a high level, if nobody can point to a real-world example of it actually happening in public spaces, then it’s not something that is worth stressing about for the general public,” "

    Those scary warnings of juice jacking in airports and hotels? They’re mostly nonsense arstechnica.com/information-te
    >Juice jacking attacks on mobile phones are nonexistent. So why are we so afraid?

    #securiy #tech #cyber

  36. @heisec wie wäre es mit einer Einordnung? Oder auch mit der Erwähnung, das bereits endsprechende Tools seit langer Zeit aus dem opensource Bereich gibt?

    Stimmt, das klickt ja nicht... und jemanden fragen der sich damit auskennt, zum Beispiel aus dem QS-bereich ist wahrscheinlich auch zu viel.

    #securiy #TLS #Verschlüsselung #Test

  37. @heisec wie wäre es mit einer Einordnung? Oder auch mit der Erwähnung, das bereits endsprechende Tools seit langer Zeit aus dem opensource Bereich gibt?

    Stimmt, das klickt ja nicht... und jemanden fragen der sich damit auskennt, zum Beispiel aus dem QS-bereich ist wahrscheinlich auch zu viel.

    #securiy #TLS #Verschlüsselung #Test

  38. @heisec wie wäre es mit einer Einordnung? Oder auch mit der Erwähnung, das bereits endsprechende Tools seit langer Zeit aus dem opensource Bereich gibt?

    Stimmt, das klickt ja nicht... und jemanden fragen der sich damit auskennt, zum Beispiel aus dem QS-bereich ist wahrscheinlich auch zu viel.

    #securiy #TLS #Verschlüsselung #Test

  39. @heisec wie wäre es mit einer Einordnung? Oder auch mit der Erwähnung, das bereits endsprechende Tools seit langer Zeit aus dem opensource Bereich gibt?

    Stimmt, das klickt ja nicht... und jemanden fragen der sich damit auskennt, zum Beispiel aus dem QS-bereich ist wahrscheinlich auch zu viel.

    #securiy #TLS #Verschlüsselung #Test

  40. @heisec wie wäre es mit einer Einordnung? Oder auch mit der Erwähnung, das bereits endsprechende Tools seit langer Zeit aus dem opensource Bereich gibt?

    Stimmt, das klickt ja nicht... und jemanden fragen der sich damit auskennt, zum Beispiel aus dem QS-bereich ist wahrscheinlich auch zu viel.

    #securiy #TLS #Verschlüsselung #Test

  41. Morning on the first day of #DevOpsTalks #Sydney, and it's clear it should be renamed #DevSecOps talks :)

    The main focus of everyone seems to be on #securiy, which is a good surprise and a relief. Getting more people interested and pushing good security practices in #development is bound to make everyone's life easier.

  42. Morning on the first day of #DevOpsTalks #Sydney, and it's clear it should be renamed #DevSecOps talks :)

    The main focus of everyone seems to be on #securiy, which is a good surprise and a relief. Getting more people interested and pushing good security practices in #development is bound to make everyone's life easier.

  43. Morning on the first day of #DevOpsTalks #Sydney, and it's clear it should be renamed #DevSecOps talks :)

    The main focus of everyone seems to be on #securiy, which is a good surprise and a relief. Getting more people interested and pushing good security practices in #development is bound to make everyone's life easier.

  44. Morning on the first day of #DevOpsTalks #Sydney, and it's clear it should be renamed #DevSecOps talks :)

    The main focus of everyone seems to be on #securiy, which is a good surprise and a relief. Getting more people interested and pushing good security practices in #development is bound to make everyone's life easier.