Tag security

Post details

"If your computer has a Thunderbolt port, an attacker who gets brief physical access to it can read and copy all your data, even if your drive is encrypted and your computer is locked or set to sleep." tl;dr: stop using computers. ¯\_(ツ)_/¯ thunderspy.io
Mattias Geniar (@mattiasgeniar)Mon, 11 May 2020 07:17 +0000

Mon, 11 May 2020 10:12 by Jamie Tanna . #security.

Repost

Reposted a post on Twitter

Post details

Ever got a text like this? It doesn't necessarily look dodgy. But if you know what to look for, you'll see it has all the hallmarks of a scam 👀 Let's break it down (thread) 👇
Monzo (@monzo)Thu, 07 May 2020 13:40 +0000

Thu, 07 May 2020 14:47 by Jamie Tanna . #security.

Liked a post on Twitter

Post details

Zoom just did this to an engineer at our company. Not cool. So not cool. Deceptive and shady AF. Count the security dark patterns here...
Post details
wyd @zoom_us
Ashur Cabrera 😷 (@ashur)Thu, 26 Mar 2020 16:32 GMT
Liz Fong-Jones (方禮真) (@lizthegrey)Fri, 17 Apr 2020 22:09 +0000

Fri, 17 Apr 2020 23:26 by Jamie Tanna . #security #zoom.

Bookmark

Bookmarked https://insomniasec.com/blog/auth0-jwt-validation-bypass .

Fri, 17 Apr 2020 00:50 by Jamie Tanna . #security #jwg.

Article

Tomcat May Log Cookies Out-of-the-Box (3 mins read).

Warning you about cookies being logged out-of-the-box, and how to resolve it.

Tue, 07 Apr 2020 21:44 by Jamie Tanna . #blogumentation #security #java #tomcat #spring-boot.

Bookmark

Bookmarked https://www.theregister.co.uk/2020/03/06/virgin_more_leak_details/ .

Sun, 22 Mar 2020 16:04 by Jamie Tanna . #security #privacy.

Liked https://www.camg.me/https-obsolescence/ .

Tue, 10 Mar 2020 18:07 by Jamie Tanna . #security.

Liked https://adactio.com/journal/16503 .

Wed, 04 Mar 2020 17:02 by Jamie Tanna . #security.

Liked https://shkspr.mobi/blog/2020/02/responsible-disclosure-john-lewis/ .

Mon, 10 Feb 2020 20:08 by Jamie Tanna . #security.

Bookmark

Bookmarked https://www.twilio.com/blog/html-attributes-two-factor-authentication-autocomplete .

Tue, 28 Jan 2020 08:29 by Jamie Tanna . #security #usability #web.

Bookmark

Bookmarked https://www.ctrl.blog/entry/systemd-service-hardening.html .

Sat, 18 Jan 2020 16:00 by Jamie Tanna . #security #systemd.

Bookmark

Bookmarked https://arstechnica.com/information-technology/2020/01/patch-windows-10-and-server-now-because-certificate-validation-is-broken/ .

Wed, 15 Jan 2020 08:26 by Jamie Tanna . #security #windows.

Bookmark

Bookmarked https://www.sweharris.org/post/2019-06-09-softtoken/ .

Sat, 04 Jan 2020 02:32 by Jamie Tanna . #security.

Bookmark

Bookmarked https://mjg59.dreamwidth.org/53968.html .

Thu, 02 Jan 2020 07:24 by Jamie Tanna . #security #networking.

Bookmark

Bookmarked https://www.grahamcluley.com/49-of-workers-when-forced-to-update-their-password-reuse-the-same-one-with-just-a-minor-change/ .

Sun, 15 Dec 2019 11:26 by Jamie Tanna . #security.

Bookmark

Bookmarked https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli .

Fri, 13 Dec 2019 17:43 by Jamie Tanna . #npm #nodejs #javascript #security.

Bookmark

Bookmarked https://shkspr.mobi/blog/2019/12/thames-water-dont-get-password-security/ .

Fri, 06 Dec 2019 08:10 by Jamie Tanna . #security.

Bookmark

Bookmarked https://rushter.com/blog/public-ssh-keys/ .

An interesting look at how using one key for everything (SSH to servers, SSH for git hosting, etc) can be a Bad Thing™

Sun, 01 Dec 2019 01:05 by Jamie Tanna . #ssh #security.

Bookmark

Bookmarked https://medium.com/swlh/hacking-json-web-tokens-jwts-9122efe91e4a .

Mon, 25 Nov 2019 18:25 by Jamie Tanna . #jwt #security.

Bookmark

Bookmarked https://ejj.io/blog/capital-one .

Sun, 24 Nov 2019 23:13 by Jamie Tanna . #security #ssrf.

Bookmark

Bookmarked https://www.websiteplanet.com/blog/report-popular-hosting-hacked/ .

Sun, 24 Nov 2019 22:39 by Jamie Tanna . #security #web-applications #cors #csrf #xss.

Article

Piping Data When Not Running a Command with sudo (1 mins read).

How to (more) safely pipe stdin to an elevated command with sudo tee.

Sun, 24 Nov 2019 20:12 by Jamie Tanna . #blogumentation #command-line #nablopomo #security.

Liked https://www.troyhunt.com/when-bank-communication-is-indistinguishable-from-phishing-attacks/ .

Tue, 19 Nov 2019 11:54 by Jamie Tanna . #security.

Bookmark

Bookmarked https://github.com/goodwithtech/dockle .

Mon, 11 Nov 2019 16:11 by Jamie Tanna . #docker #security #containers.

Bookmark

Bookmarked https://monzo.com/blog/we-built-network-isolation-for-1-500-services/ .

Wed, 06 Nov 2019 20:06 by Jamie Tanna . #microservices #monzo #kubernetes #security #networking.

Bookmark

Bookmarked https://www.theregister.co.uk/2019/10/29/intel_disable_hyper_threading_linux_kernel_maintainer/ .

Fri, 01 Nov 2019 11:50 by Jamie Tanna . #intel #security #linux.

Bookmark

Bookmarked https://www.theguardian.com/commentisfree/2019/oct/15/encryption-lose-privacy-us-uk-australia-facebook .

Thu, 17 Oct 2019 10:21 by Jamie Tanna . #encryption #privacy #security.

Bookmark

Bookmarked https://www.engineerbetter.com/blog/yubikey-ssh/ .

Wed, 16 Oct 2019 13:05 by Jamie Tanna . #ssh #yubikey #security.

Bookmark

Bookmarked https://sneak.berlin/20191011/stupid-unix-tricks/ .

Wed, 16 Oct 2019 13:04 by Jamie Tanna . #command-line #shell #linux #unix #openssh #docker #security.

Article

DevOpsDays London 2019 (63 mins read).

A writeup of the DevOpsDays London conference, and the talks and Open Spaces I attended.

Sat, 12 Oct 2019 12:56 by Jamie Tanna . #devopsdays #devops #cloud #events #monolith #microservices #testing #security #git #sre #on-call #legacy-code #agile #ethics #aws #empathy.

Bookmark

Bookmarked https://monzo.com/blog/2019/10/11/how-our-security-team-handle-secrets/ .

This is a really interesting post to hear how some other folks in a similar environment to us manage their secrets.

It's always cool to see how other folks are doing similar things, anyway, and as usual, Monzo have a great blog post.

Fri, 11 Oct 2019 19:25 by Jamie Tanna . #monzo #secret-management #security.

Bookmark

Bookmarked https://zwischenzugs.com/2019/09/22/software-security-field-guide-for-the-bewildered/ .

Sun, 22 Sep 2019 14:54 by Jamie Tanna . #security.

Bookmark

Bookmarked https://latacora.micro.blog/2019/07/16/the-pgp-problem.html .

This is a really interesting article about the flaws in PGP - I don't have enough security backing and understanding to argue it, but it sounds legitimate. It's a surprise this isn't being talked about more if it is as bad as it is

Thu, 18 Jul 2019 11:50 by Jamie Tanna . #security #pgp.

Bookmark

Bookmarked https://github.com/thoughtbot/guides/blob/master/security/application.md .

I found this when listening to episode 194 of the Bike Shed podcast: My PGP Shame. I'd only added this episode to my playlist as it was an interesting title, but listening to it, it was even better than I thought.

There was some great stuff in there about Thoughtbot's application security guide, linked, which is a definite must-read.

My favourite quote of the episode, though, is the following exchange:

I've got to be honest, how does anything work at all? Oh computers don't work

Mon, 27 May 2019 22:58 by Jamie Tanna . #security #podcasts.

Article

Cyber Nottingham May (5 mins read).

A writeup of the Cyber Nottingham meetup in May.

Sun, 19 May 2019 16:35 by Jamie Tanna . #events #cyber-nottingham #security.

Bookmark

Bookmarked https://gist.github.com/lizthegrey/9c21673f33186a9cc775464afbdce820 .

This is a great writeup about how to harden your SSH setup using 2-factor authentication. Would really recommend it!

Thu, 16 May 2019 21:09 by Jamie Tanna . #security #ssh.

You're currently viewing page 5 of 5, of 236 posts.

Go to the previous page