Informations about SSL certificates and networks security
Auto Added by WPeMatico
Attack matrix for Kubernetes, using the MITRE ATT&CK framework. A good first step towards understand the security of this suddenly popular and very complex container orchestration system. Powered by WPeMatico
Last month, the NSA released Ghidra, a software reverse-engineering tool. Early reactions are uniformly positive. Three news articles. Powered by WPeMatico
This sounds like a good development: …a new $10 million contract the Defense Department’s Defense Advanced Research Projects Agency (DARPA) has launched to design and build a secure voting system that it hopes will be impervious to hacking. The first-of-its-kind system will be designed by an Oregon-based firm called Galois, a longtime government contractor with … Read More “DARPA Is Developing an Open-Source Voting System” »
The EU is offering “bug bounties on Free Software projects that the EU institutions rely on.” Slashdot thread. Powered by WPeMatico
The module “event-stream” was infected with malware by an anonymous someone who became an admin on the project. Cory Doctorow points out that this is a clever new attack vector: Many open source projects attain a level of “maturity” where no one really needs any new features and there aren’t a lot of new bugs … Read More “Distributing Malware By Becoming an Admin on an Open-Source Project” »
You can rent a 400,000-computer Murai botnet and DDoS anyone you like. BoingBoing post. Slashdot thread. Powered by WPeMatico
Whatapp is now offering end-to-end message encryption: Whatsapp will integrate the open-source software Textsecure, created by privacy-focused non-profit Open Whisper Systems, which scrambles messages with a cryptographic key that only the user can access and never leaves his or her device. I don’t know the details, but the article talks about perfect forward secrecy. Moxie … Read More “Whatsapp Is Now End-to-End Encrypted” »