Password-stealing “vulnerability” reported in KeePass – bug or feature?
Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?
Cryptography
Serious Security: The Samba logon bug caused by outdated crypto
Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important!
GoTo admits: Customer cloud backups stolen together with decryption key
We were going to write, “Once more unto the breach, dear friends, once more”… but it seems to go without saying these days.
[CLIP] George Gilder on ‘Emergency Socialism’ and Accommodating Surprise #EpochCinema #EpochTV #TheEpochTimes #MaryPatriotNews [Video]
🔴 PREMIERE at 7:30pm ET on EpochTV: https://ept.ms/Y0102GeorgeGilder🔵 THE FINAL WAR is a documentary that uncovers the Chinese Communist Party’s 100-year plot to defeat America.👉👉 https://ept.ms/3UMSDfC🔵 Sign up for the American Thought Leaders newsletter to stay up-to-date on new episodes, releases, and events 👉 https://ept.ms/ATLnewsletter “There has never been such a completely silly proposal as to go zero CO2 by 2035, or whatever these imbecilic governors are proposing. The mistakes we’re making are so egregious that they could bring down the whole society. They could bring down the power grid, which is what sustains our lives. It’s a real threat.” – George Gilder#GeorgeGilder #InformationTheory #PandemicPolicy- – -Credits:shutterstock Images: https://shutr.bz/2u8Zdp8Music: Audioblocks.com, epidemicsound.comStock Video: Videoblocks.com————————————————-© All Rights Reserved.
Serious Security: Unravelling the LifeLock “hacked passwords” story
Four straight-talking tips to improve your online security, whether you’re a LifeLock customer or not.
S3 Ep117: The crypto crisis that wasn’t (and farewell forever to Win 7) [Audio + Text]
Tell us in the comments… What’s the REAL reason there was no Windows 9? (No theory too far-fetched!)
Keeping the wolves out of wolfSSL
By Max Ammann Trail of Bits is publicly disclosing four vulnerabilities that affect wolfSSL: CVE-2022-38152, CVE-2022-38153, CVE-2022-39173, and CVE-2022-42905. The four issues, which have CVSS scores ranging from medium to critical, can all result in a denial of service (DoS). These vulnerabilities have been discovered automatically using the novel protocol fuzzer tlspuffin. This blog post […]
Popular JWT cloud security library patches “remote” code execution hole
It’s remotely triggerable, but attackers would already have pretty deep network access if they could “prime” your server for compromise.
RSA crypto cracked? Or perhaps not!
Stand down from blue alert, it seems… but why not plan your cryptographic agility anyway?
S3 Ep116: Last straw for LastPass? Is crypto doomed? [Audio + Text]
Lots of big issues this week: breaches, encryption, supply chains and patching problems. Listen now! (Full transcript inside.)