"AWS RDS Vulnerability Leads to AWS Internal Service Credentials"
https://blog.lightspin.io/aws-rds-critical-security-vulnerability
RT @jack@twitter.com
the days of usenet, irc, the web...even email (w PGP)...were amazing. centralizing discovery and identity into corporations really damaged the internet.
I realize I'm partially to blame, and regret it.
"CERT-EU Security Guidance 22-002 - Hardening Signal"
https://media.cert.europa.eu/static/WhitePapers/TLP-WHITE-CERT-EU_Security_Guidance-22-002_v1_0.pdf
"Longer term, it’s likely these weaponizations are like spitting into the wind: The downsides of vandalizing open source projects far outweigh any possible benefit, and the blowback will ultimately damage the projects and contributors responsible. By extension, all of open source is harmed."
https://opensource.org/blog/open-source-protestware-harms-open-source
So... "protestware" is now a thing. 🤨
https://krebsonsecurity.com/2022/03/pro-ukraine-protestware-pushes-antiwar-ads-geo-targeted-malware/
"Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine"
https://snyk.io/blog/peacenotwar-malicious-npm-node-ipc-package-vulnerability/
When we fight for encryption, we fight for human rights. It enables us to stay safe online and communicate freely.
Yet governments keep pushing to undermine it. Here is why encryption matters! ⬇️
https://tutanota.com/crypto-wars/
"Some discouraging anecdotes on how services handle account deletions"
https://www.ctrl.blog/entry/account-deletions-2021.html
wow, this is really sad!
"Microsoft is testing ads in the Windows 11 File Explorer"
Why use such an OS? One that you no longer own or control. There has to be a very strong reason. 🤯
"An unexpected Redis sandbox escape affecting only Debian, Ubuntu, and other derivatives"
https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce
"The perils of the “real” client IP"
https://adam-p.ca/blog/2022/03/x-forwarded-for/
Long but a good read
"Unveiling the Anonymous Author: Stylometry Techniques"
https://serhack.me/articles/unveiling-anonymous-author-stylometry-techniques/
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
[Header photo by Colin Watts, source Unsplash]