Liz Fong-Jones on how to secure SSH with Two Factor Authentication (2FA)

Over the weekend, Liz Fong-Jones, a Developer Advocate at honeycomb.io, posted her experience with the security hardening of honeycomb.io’s infrastructure. In her post on GitHub, Liz explains how SSH keys, which provide authentication between hos…

Microsoft reveals certain Outlook.com user accounts were hacked for months

On Saturday, Microsoft confirmed to TechCrunch that their email services were hacked from January 1, 2019, till March 28, 2019. Microsoft told TechCrunch, “Certain ‘limited’ number of people who use web email services managed by Micro…

FireEye reports infrastructure-crippling Triton malware linked to Russian government tech institute

Yesterday, FireEye said that they have uncovered the hacking group behind the Triton malware which was recently used to impact an unnamed “critical infrastructure” facility. This malware is designed to penetrate into the target’s netw…

The FTC issues orders to 7 broadband companies to analyze ISP privacy practices given they are also ad-support content platforms

The Federal Trade Commission announced yesterday that they have issued orders to seven U.S. Internet broadband providers to analyze how these broadband companies carry out the data collection and distribution process. Seven broadband companies includin…

ASUS servers hijacked; pushed backdoor malware via software updates potentially affecting over a million users

Motherboard today reported a backdoor malware attack on ASUS’ servers, which took place last year between June and November 2018. The attack was discovered by Kaspersky Lab in January 2019 and was named ‘ShadowHammer’ thereafter….

Hydro cyber attack shuts down several metal extrusion plants

One of the largest producers of aluminum in the world, Norsk Hydro, was hit by a cyber attack on the company’s IT system on Monday evening, affecting major parts of its smelting operations. The attack which escalated overnight and which is still o…

Two ‘Boeing 737 MAX’ air crashes within six months – the authority (FAA) or software (MCAS) at fault?

Two fatal air crashes involving Boeing’s 737 MAX 8 model in less than six months have raised a lot of questions about the U.S. Federal Aviation Administration’s (FAA) safety analysis procedure. Per CNBC, the State’s Department of Transportatio…

A security researcher reveals his discovery on 800+ Million leaked Emails available online

Security researcher Bob Diachenko shared his discovery of an unprotected 150GB-sized MongoDB instance. He said that a huge number of emails were publicly accessible to anyone with an internet connection. “Some of the data was m…

ChaCha20-Poly1305 vulnerability issue affects OpenSSL 1.1.1 and 1.1.0

On Wednesday, March 6, the OpenSSL team revealed a low severity vulnerability in ChaCha20-Poly1305, an AEAD cipher, which incorrectly allows a nonce of up to 16 bytes to be set. The OpenSSL team states that ChaCha20-Poly1305 requires a unique nonce input…

NSA releases Ghidra, a free software reverse engineering (SRE) framework, at the RSA security conference

The National Security Agency released the Ghidra toolkit today at the RSA security conference in San Francisco. Ghidra is a free software reverse engineering (SRE) framework developed by NSA’s Research Directorate for NSA’s cybersecurity …