Best Practices for NFT Security
NFTs are not a cheap investment; when you put money into anything, you want to…
The post Best Practices for NFT Security appeared first on Binary Blogger.
IT Security
Cybersecurity Industry News Review: February 7, 2023
By Joe Fay Derivatives traders, trainer trainers, and finger lickers all hit by ransomware. Russian hackers lash out after Ukraine tanks deal announced. Apple patches decade old devices. ION Markets Hit by “Cyber Security Event” Dublin-based data and software firm ION Markets has been hit by a “cyber event” which has had a knock-on effect on financial futures and derivatives markets worldwide. The attack is thought to have been ransomware related. ION Markets said the attack on its ION Cleared Derivatives division was “contained to a specific environment”, all the affected servers are disconnected, and remediation of services is ongoing….
Latest Cyberthreats and Advisories – January 6, 2023
The LockBit ransomware gang apologizes, Google settles privacy lawsuits and cybercriminals impersonate brands and the U.K. government. Here are the latest threats and advisories for the week of January 6, 2023. Threat Advisories and Alerts Cybercriminals Impersonate Brands with Search Ads And Fake Sites The U.S. Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are directing internet browsers to malicious sites via search ads. How does the scam work? Bad actors build a fake website that impersonates a legitimate brand and then advertises it to appear at the top of search results. Once browsers click the ad,…
The Last Straw For LastPass, Why I Dumped It
Originally posted on SecurityInFive.com – https://securityinfive.com/the-last-straw-for-lastpass-why-i-dumped-it/ I will begin that a password vault for personal…
The post The Last Straw For LastPass, Why I Dumped It appeared first on Binary Bl…
modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell [update]
As a fast workaround, a friend of mine made a modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell, which he allowed me to share with you. SecRule \ ARGS|REQUEST_HEADERS|REQUEST_URI|REQUEST_BODY|REQUEST_COOKIES|REQUEST_LINE|QUERY_STRING “jndi:ldap:” \ “phase:1, \ id:751001, \ t:none, \ deny, \ status:403, \ log, \ auditlog, \ msg:’Block: CVE-2021-44228 – deny pattern \”jndi:ldap:\”‘, \ severity:’5’, \ rev:1, \ tag:’no_ar'” New […]
The post modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell [update] first appeared on Robert Penz Blog.
Jitsi Workaround for CVE-2021-44228/LogJam/Log4Shell
You surely heard of the LogJam / Log4Shell / CVE-2021-44228 – if not, take a look at this blog post. If you’re running Jitsi is most likely vulnerable and as there is no fix currently, you need a workaround which I provide here for you. You need to add -Dlog4j2.formatMsgNoLookups=True at the correct places in […]
The post Jitsi Workaround for CVE-2021-44228/LogJam/Log4Shell first appeared on Robert Penz Blog.
Addressing the Cloud Security Readiness Gap
Cloud security is about much more than security functionality. The top cloud providers all seem to have a capable suite of security features and most surveyed organizations report that they see all the top cloud platforms as generally secure. So, why d…
Howto install Wireguard in an unprivileged container (Proxmox)
Wireguard is the new star on the block concerning VPNs – and yes it has some benefits to the old VPN technologies but I won’t talk about them as there is much information about that on the Internet. This blog post just explains how to set it up in an unprivileged container. In my case […]
The post Howto install Wireguard in an unprivileged container (Proxmox) first appeared on Robert Penz Blog.
Howto install Bitwarden in a LXC container (e.g. Proxmox)
As many of you know me, I’m quite serious about security and therefore a believer in the theory that a service which is not reachable (e.g. from the Internet) cannot be attacked as easily as one that it. Looking at password managers this makes choosing not that easy. Sure there is Keepass and the descendants, […]
The post Howto install Bitwarden in a LXC container (e.g. Proxmox) first appeared on Robert Penz Blog.
Improve Security by Thinking Beyond the Security Realm
It used to be that dairy farmers relied on whatever was growing in the area to feed their cattle. They filled the trough with vegetation grown right on the farm. They probably relied heavily on whatever grasses grew naturally and perhaps added some hig…