Collaborate Disseminate
The origin of this whole mess is the news article Beware of Lazarus LinkedIn Recruiting Scam Targeting Org’s To Deliver Malware.
Someone may have breached my system – as in had access to my personal Linux machine for multiple days.
The att… Continue reading How can I ensure that my Git projects have not been tampered with?
Vulnerabilities in Git’s credential retrieval protocol could have allowed attackers to compromise user credentials.
The post Git Vulnerabilities Led to Credentials Exposure appeared first on SecurityWeek.
Continue reading Git Vulnerabilities Led to Credentials Exposure
Microsoft’s monthly patches cover Hyper-V NT Kernel Integration VSPs, Git in Visual Studio, and more. Continue reading Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks
I have a vague feeling that there is a wide spread security problem which goes unnoticed. I’m trying to find out how to check the level of relevance and awareness out there or how to maybe raise it.
Situation:
When using GitLab CI with the… Continue reading Does it matter (and go widely unnoticed) that GitLab CI+docker-executor produces world-writable files, or do "we" need to raise awareness for that?
Etckeeper is great, but it’s not clear from the docs, how to check out a commit or a branch directly in /etc in a secure way. The issue is when you do a check out, git doesn’t care about metadata and permissions, and you have to restore th… Continue reading etckeeper: check out in a safe way?
The essential database course bundle for professionals looking to advance their skills has over 22 hours of instruction and is on sale for just $24.99. Continue reading Excel in Your Job with Database Expertise
While version control used to be reserved for big corporate projects, it is very mainstream these days. You can attribute much of that to Git, the software that has nearly …read more Continue reading Get Thee to Git
I’m trying to meet a requirement where devs can log in to a server, launch, and test code without having the ability to pull (or access any ssh keys)code from the repository.
I don’t want to grant them access to push or pull from Git.
Curr… Continue reading How can I keep git ssh keys from developers in server
Is there any tools to scan and/or sanitize .stl files?
I maintain a security-critical GitHub repo. A contributor recently created a PR that includes changes to .md, .scad, and .stl files.
The changes to the markdown and OpenSCAD files can … Continue reading How to scan and sanitize STL files?
I’ve recently downloaded and installed Git Bash for Windows https://git-scm.com/downloads, my primary goal is to use it for pushing code to GitHub. I already connect Gitbash with Github in browser login, and it worked pretty fine to push a… Continue reading Safely use Git Bash on Windows [closed]