Victor Loux Bookmarks Tag: security

84 bookmarks tagged “security

Home | endoflife.date

endoflife.date/
Check End of Life, Support Schedule, and release timelines for AlmaLinux OS, Alpine Linux, Amazon Linux, Android OS, Angular, Ansible-core, Ansible, antiX Linux, Apache Airflow, Apache Camel, Apache Cassandra, Apache Groovy, Apache HTTP Server, Apache Maven, API Platform, Azure DevOps Server, Azure Kubernetes Service, Elastic Beats, Blender, Bootstrap, CakePHP, CentOS, CFEngine, Citrix Virtual Apps and Desktops, ClamAV, Adobe ColdFusion, Composer, Confluence, Hashicorp Consul, Conta...

A Museum Security Expert on How to Protect Great Art - The Atlantic

theatlantic.com/ideas/archive/2022/10/van-gogh-tomato-soup-national-gallery-london/671764/
A museum-security expert admits that “it’s pretty darn hard to protect a painting from somebody throwing a can of soup at it.”

Wake up and smell the fraud : Planet Money

npr.org/transcripts/1119606931
Sometimes online shopping can feel a little unsavory. There are the listings that make you question if you'll really be getting exactly what's advertised. And there's no worse feeling than paying for something and then not getting it. But when Nina Kollars ordered coffee pods and got WAY more than she asked for, it made her feel just as uneasy. Her quest for answers and what it teaches us about a new generation of online fraud. | Subscribe to Planet Money+ in Apple Podcasts or at plus.npr.org/planetmoney.

Incident Management Guide

incident.io/guide/
The practical guide to incident management, by incident.io.

I figured out how DMARC works, and it almost broke me | Simon Andrews

simonandrews.ca/articles/how-to-set-up-spf-dkim-dmarc
How to use SPF, DKIM, and DMARC to improve your domain's email security and limit spoofing - but written for humans.

Try This One Weird Trick Russian Hackers Hate – Krebs on Security

krebsonsecurity.com/2021/05/try-this-one-weird-trick-russian-hackers-hate/
DarkSide, like a great many other malware strains, has a hard-coded do-not-install list of countries which are the principal members of the Commonwealth of Independent States (CIS) — former Soviet satellites that mostly have favorable relations with the Kremlin. The full exclusion list in DarkSide (published by Cybereason) is below:

They Told Their Therapists Everything. Hackers Leaked It All | WIRED

wired.com/story/vastaamo-psychotherapy-patients-hack-data-breach/
A mental health startup built its business on easy-to-use technology. Patients joined in droves. Then came a catastrophic data breach.

Semgrep

semgrep.dev/
Semgrep is an open-source tool for lightweight static analysis using a familiar syntax

A fresh new avenue for Google to kill your SaaS startup | Gonzalo Sainz-Trápaga | Medium

gomox.medium.com/google-safe-browsing-can-kill-your-startup-7d73c474b98d
Google Safe Browsing is a Google program that can blacklist any website or SaaS application in Google Chrome and other browsers and platforms.

Best practices for managing & storing secrets like API keys and other credentials [2020]

blog.gitguardian.com/secrets-api-management/
It is extremely important to understand that code reviews will not always detect secrets, especially if they are hidden in previous versions of code. The reason code reviews are not adequate protection is because reviewers are only concerned with the difference between current and proposed states of the code, they do not consider the entire history of the project.

Latacora - Stop Using Encrypted Email

latacora.micro.blog/2020/02/19/stop-using-encrypted.html
Email is unsafe and cannot be made safe. The tools we have today to encrypt email are badly flawed. Even if those flaws were fixed, email would remain unsafe. Its problems cannot plausibly be mitigated. Avoid encrypted email. Technologists hate this argument. Few of them specialize in cryptography or privacy, but all of them are interested in it, and many of them tinker with encrypted email tools. Most email encryption on the Internet is performative, done as a status signal or show ...