"6 Beginner Privacy Tips for Lockdown"
725 malicious Ruby libraries in the RubyGems repository were found:
– The malware tries to replace cryptocurrency addresses in the local clipboard.
– These libraries were already removed; however, "thousands of users" downloaded them.
– Full list: https://blog.reversinglabs.com/hubfs/Blog/ruby_malicious_gems.txt
"Terminal Escape Injection"
To server admins:
One upcoming but already widespread format is the security.txt file at https://your-server/.well-known/security.txt.
Nice post with some tips on how to run a bug bounty program
"Securing your home network in preparation for Working From Home"
"How we abused Slack's TURN servers to gain access to internal services"
Safari allowed unauthorized
websites to access your camera on iOS and macOS
"How to SSH Properly"
Build secrets in Docker Compose, the secure way https://pythonspeed.com/articles/build-secrets-docker-compose/
"CVE-2020-8816 – Pi-hole Remote Code Execution"
"While connections made after connecting to a VPN on your iOS device are not affected by this bug, all previously established connections will remain outside the VPN's secure tunnel..."