Gonçalo Valério @dethos@s.ovalerio.net
- Github
- https://github.com/dethos
- Website
- https://ovalerio.net
Admin
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
[Header photo by Colin Watts, source Unsplash]
Joined Apr 2017
"Let's talk about supply chain attacks and backdoored dependencies"
https://kerkour.com/supply-chain-attacks-and-backdoored-dependencies
"I'm a security engineer and I still almost got scammed"
"De-AMP: Cutting Out Google and Enhancing Privacy"
https://brave.com/privacy-updates/18-de-amp/
Firefox should do the same
"UK Government Officials Infected with Pegasus"
https://citizenlab.ca/2022/04/uk-government-officials-targeted-pegasus/
"Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru"
Gonçalo Valério
boosted
On @LastWeekTonight, host @iamjohnoliver dug into the problems with data brokers, with a detailed explainer about how they work, how they collect and sell personal information, and how easy it was for him to potentially target and track politicians. https://www.youtube.com/watch?v=wqn3gR1WTcA
"Git security vulnerability announced"
https://github.blog/2022-04-12-git-security-vulnerability-announced/
"CVE-2022-25165:
Privilege Escalation to SYSTEM in AWS VPN Client"
https://rhinosecuritylabs.com/aws/cve-2022-25165-aws-vpn-client/
"AWS RDS Vulnerability Leads to AWS Internal Service Credentials"
https://blog.lightspin.io/aws-rds-critical-security-vulnerability
Gonçalo Valério
boosted
Did you know? 💡 LibreOffice has an alternative user interface, called the NotebookBar! Try it out – go to View > User Interface in the menu, and then choose Tabbed ✅ (And if you want to switch back, click the menu icon in the top-right of the NotebookBar.)
Gonçalo Valério
boosted
RT @jack@twitter.com
the days of usenet, irc, the web...even email (w PGP)...were amazing. centralizing discovery and identity into corporations really damaged the internet.
I realize I'm partially to blame, and regret it.
"CERT-EU Security Guidance 22-002 - Hardening Signal"
https://media.cert.europa.eu/static/WhitePapers/TLP-WHITE-CERT-EU_Security_Guidance-22-002_v1_0.pdf
"Longer term, it’s likely these weaponizations are like spitting into the wind: The downsides of vandalizing open source projects far outweigh any possible benefit, and the blowback will ultimately damage the projects and contributors responsible. By extension, all of open source is harmed."
https://opensource.org/blog/open-source-protestware-harms-open-source
"Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine"
https://snyk.io/blog/peacenotwar-malicious-npm-node-ipc-package-vulnerability/
- Github
- https://github.com/dethos
- Website
- https://ovalerio.net
Admin
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
[Header photo by Colin Watts, source Unsplash]
Joined Apr 2017
