Microsoft gets itself into a pickle with a privacy-popping new feature on its CoPilot+ PCs, the FTC warns of impersonated companies, and is your company hiring North Korean IT workers?
Join us as we chat with special guest author @geoffwhite247 in this latest episode of the "Smashing Security" podcast.
Secondo l'associazione italiana internet provider (@iip) sicurezza nazionale è a rischio spostando l’intelligenza delle reti italiane nei cloud pubblici di aziende non europee
The lock's maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp's parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents.
P.S. never give cybersecurity spooks clicks even after they go "freelance" or whatever
I see talks and workshops in radioclubs and conferences bridging these two fields, so I am trying to gather some ideas and toughts on to support these cooperations between these two communities.
If you're interested in following along in what is happening in the /c/cybersecurity community on infosec.pub (#Lemmy) than you can follow @cybersecurity!
I've been getting a bit lost on my career building. I knew what kind of job I want to do, but I don't know what practice and other preparations to prioritize. And I have to network with people too.
I just have no clear direction right now as I still mind-wander about the many software, protocols, or security practices I should study. But I've also been thinking about skills that involve the social aspects of security. Hmm..
I'm trying to get my head round HTTP Signatures as they're used extensively in the Fediverse. Conceptually, they're relatively straightforward. You send me a normal HTTP request. For example, you want to POST something to https://example.com/data You send me these headers: POST /data Host: example.com Date: Sa…
The Fediverse and @GossiTheDog has just helped me do my job better. Outsourced supplier has just asked me to install #ConnectWise. If it were not for the recent posts by #CyberSecurity people on here; I wouldn't be aware of the recent issues so wouldn't be checking with the supplier that their ConnectWise setup is up to date!
I've been thinking about getting a hardware security key and have heard of yubikey before; but I want to see what my options are and if they are worth it in your opinion.
My current setup is a local KeePassXC database (that I sync between my PC and phone and also acts as TOTP authenticator app), I know that KeePass supports hardware keys for unlocking the database.
I am personally still of the belief that passwords are the safest when done right; but 2FA/MFA can greatly increase security on top of that (again, if done right).
The key work work together with already existing passwords, not replace them.
As I use linux as my primary OS I do expect it to support it and anything that doesn't I will have to pass on.
PS: what are the things I need to know about these hardware keys that's not being talked about too much, I am very much delving into new territory and want to make sure I'm properly educated before I delve in.