Schneier on Security

JANUARY 23, 2019

For the client the time to delivery is significantly shorter than waiting for a letter or parcel shipped by traditional means - he has the product in his hands in a matter of hours instead of days.

Cryptocurrency 209

Cryptocurrency Marketing Surveillance Risk 209

Pen Test Partners

JANUARY 8, 2024

Loose lips sink ships, loose tweets sink fleets. Loose lips [might] sink ships ” was a phrase used in UK propaganda posters in WWII. The idea was to reduce the risk of valuable information such as troop movements, ship routes, or other plans falling into the wrong hands. There are positives and negatives of course.

Computers and Electronics 112

Computers and Electronics Risk Technology Manufacturing 112

Security Boulevard

JUNE 21, 2021

For many applications, 56-bits is the maximum, as they use the remaining 8-bits for tags. It took 20 years, from the initial release of MIPS R4000 in 1990 to Intel's average desktop processor shipped in 2010 for mainstream apps needing larger addresses. Databases used Intel's address extensions, almost nobody else did.

Mobile 68

Mobile Technology Marketing 68

Troy Hunt

MAY 1, 2018

But as of Edge 17 which just shipped with the April Windows 10 update , that's all changed : Naturally I wanted to see this in action so I created a little test page and gave Edge a go before updating my machine.

Government 123

Government 123

Malwarebytes

FEBRUARY 8, 2022

As such, macros are part of the active content options that Microsoft shipped as automation capabilities that enable users to run tasks in the background. In Windows, when files are downloaded from an untrusted location, like the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier.

Internet 73

Internet Internet Malware Software 73

Errata Security

JUNE 21, 2021

For many applications, 56-bits is the maximum, as they use the remaining 8-bits for tags. It took 20 years, from the initial release of MIPS R4000 in 1990 to Intel's average desktop processor shipped in 2010 for mainstream apps needing larger addresses. Databases used Intel's address extensions, almost nobody else did.

Mobile 48

Mobile Technology Marketing 48

Security Boulevard

NOVEMBER 21, 2022

Navigates the HTML DOM to locate the shipping and item related information about the order. Exfiltrates the information using the pixtar() function which creates an image tag and sets the source to the exfiltration URL: artmodecssdev[.]art/secure/av/secure.php. Once both the above conditions are satisfied, the skimmer is activated.

Scams 52

Scams Banking Software 52

SiteLock

AUGUST 27, 2021

One of the most exciting things Jamie learned about Gutenberg is the use of / shorthand to autofill tags. Gutenberg will be shipping with WordPress v5.0 Zac Gordon – Setup & Introduction to Gutenberg: Tooling And Terminology. Josh Pollock – Building Custom Gutenberg Blocks: From Static to Dynamic.

Malware 98

Malware Education Security Awareness Engineering 98

Kali Linux

FEBRUARY 27, 2024

While here, the sponsor only provides the bandwidth, and it’s the FCIX Micro Mirror team that does everything else: buy the hardware, ship it to the data-center, and then manage it remotely via their public Ansible playbook. Your browser does not support the video tag. We have updated our documentation to reflect these changes.

Software 145

Software Firmware VPN Internet 145

SiteLock

AUGUST 27, 2021

Think of the Titanic, you want the most effective bulkheads possible to keep your ship afloat. Message @SiteLock and use the #AskSecPro tag! These barriers serve to limit the damage, much like the watertight bulkheads of a naval vessel that help limit flooding between compartments. Proper Permissions on Config File.

Backups 52

Backups Passwords Malware Risk 52

Security Boulevard

OCTOBER 31, 2022

Browsers are shipped with a built-in list of trusted roots, called a trust store. Why the “Not Secure” Tag in Chrome 68 Makes Sense. All other certificates within the path are referred to as intermediate CA certificates. Note that every certificate in the chain except for the last one is a CA certificate. . This post has been updated.

Encryption 52

Encryption Authentication Internet Internet 52

Kali Linux

MAY 29, 2023

Your browser does not support the video tag. Unfortunately the upstream project does not support newer versions of bluez that Kali has, so until that is fixed, we do not want to ship an image that does not work properly. Our primary focus is on enhancing the tools listed in the top 100 on the kali.org/tools page.

Firmware 52

Firmware Phishing Architecture Authentication 52

Troy Hunt

AUGUST 5, 2021

I ended up buying the MK3S+ and a few different spools of filament, purchased from the official website and shipped from Europe. Then, just as in the earlier video where she made my name tag, we sliced the file and defined a colour change point.

Education 70

Education Technology Software Retail 70

ForAllSecure

MARCH 29, 2023

An attacker can craft a malicious query that includes a script tag with JavaScript code that steals the user's session token, allowing the attacker to impersonate the user and perform actions on their behalf. API-based XSS attacks involve exploiting vulnerabilities in the APIs used by web applications to fetch and display data.

Authentication 40

Authentication Passwords Encryption Software 40

Security Boulevard

FEBRUARY 21, 2024

The Latest and Greatest From HYAS In just the first two months of 2024, we have shipped some eye-popping improvements to HYAS Protect and HYAS Insight. You can group by malware family, malware tags, and C2 ASNs. Tag Pivot You know all of those rich tags you see decorating intelligence in HYAS Insight?

DNS 49

DNS Malware Engineering Cybersecurity 49

Kali Linux

AUGUST 10, 2015

Continuously Updated Tools, Enhanced Workflow Another interesting development in our infrastructure has been the integration of an upstream version checking system , which alerts us when new upstream versions of tools are released (usually via git tagging). With this new system in place, core tool updates will happen more frequently.

Penetration Testing 52

Penetration Testing Wireless Mobile Information Security 52

Anton on Security

NOVEMBER 1, 2023

Ideally, it should be tagged to make the overall knowledge base easy to search, and tracked as an issue in a project management system to build a relevant backlog of threats to detect. These last requirements also make metrics and reporting on detection quality much easier.

Engineering 147

Engineering Architecture Cyber threats Threat Detection 147

Troy Hunt

JANUARY 10, 2018

HIBP also implements the includeSubdomains and preload keywords which ensures that HSTS is cascaded down to every subdomain of the site and is implemented in every browser when it ships from the manufacturer (more on both of those in my post on HSTS ). Ship now, consequences later” [link] — Mr. K Whestrivy (@mrkwhrvy) January 10, 2018.

Hacking 279

Hacking Government Risk Encryption 279

ForAllSecure

MARCH 1, 2022

I inherited the ship from the previous strep II Robinson. You see, no weapons rendered the Dread Pirate Westly sailed ashore toward an entirely new crew and he stayed aboard for wireless first mate for the time calling me Roberts once the crew believed he left the ship and I had been Roberts ever since. My name is Ryan.

Hacking 52

Hacking Mobile Cryptocurrency VPN 52

Cisco Security

AUGUST 28, 2023

The same script was then copied and amended to add tags to devices. So, to make this flexible, we use tags in Meraki Systems Manager speak. This means that if you tag a device, and tag a setting or application, that device gets that application, and so on. However, it didn’t work.

Wireless 60

Wireless DNS Mobile Technology 60

Troy Hunt

JUNE 15, 2023

We can't add a meta tag. Announcement 4: There are lots of little optimisation tweaks I didn't just want to ship a model from years ago and reproduce all the assumptions of the day, so I made a bunch of tweaks to further optimise things. We don't have any of those 4 aliases on our domain. We can't upload a file.

Accountability 232

Accountability Small Business InfoSec DNS 232

Security Boulevard

NOVEMBER 1, 2023

Ideally, it should be tagged to make the overall knowledge base easy to search, and tracked as an issue in a project management system to build a relevant backlog of threats to detect. These last requirements also make metrics and reporting on detection quality much easier.

Engineering 80

Engineering Architecture Cyber threats Threat Detection 80

Troy Hunt

JULY 23, 2018

As of today, Google begins shipping Chrome 68 which flags all sites served over the HTTP scheme as being "not secure" This is because the connection is, well, not secure so it seems like a fairly reasonable thing to say!

Government 166

Government VPN Banking 166

Security Boulevard

NOVEMBER 3, 2023

Ideally, it should be tagged to make the overall knowledge base easy to search, and tracked as an issue in a project management system to build a relevant backlog of threats to detect. These last requirements also make metrics and reporting on detection quality much easier.

Backups 64

Backups Engineering Architecture Cyber threats 64

eSecurity Planet

MARCH 17, 2022

Visual panels including graphs, geomaps, heatmaps, histograms, and more Create, consolidate, and manage alerts into a central console Manipulate queries and specific files for data transformations Ability to share insights and reports for company, team, and stakeholder use Add metadata and tags to specific data points with graphical annotations.

Penetration Testing 109

Penetration Testing Software Risk Firewall 109

Cisco Security

MAY 26, 2022

A serious challenge was to secure the needed hardware and ship it in time for the conference, given the global supply chain issues. For Black Hat Asia, Cisco Meraki shipped: 45 Meraki MR wireless access points. Special recognition to Jeffry Handal for locating the hardware and obtaining the approvals to donate to Black Hat Events.

Wireless 79

Wireless Mobile Engineering Firewall 79

Scary Beasts Security

MAY 5, 2017

In general, everyone ships an out of date WebKit and Linux distributions are no different. u.asInt64 & TagMask); } Where tag() returns the latter 4 bytes of the value, CellTag==0xfffffffb and TagMask==0xffff000000000002. So it wasn’t really a surprise to me to look at an old but still supported Linux distribution, Ubuntu 12.04

Hacking 126

Hacking Mobile Accountability 126

Security Boulevard

FEBRUARY 27, 2023

Typically, each bottle has a protective tag, which both prevents opening but also triggers alarms if removed from the store. The products that do come from a distribution hub are stored in bulk, to be split up into smaller volumes when shipped to store. If spirits were data, they would be the company’s critical datasets.

InfoSec 52

InfoSec Cybersecurity Risk Technology 52

ForAllSecure

MAY 13, 2022

There's a little security tag they put to see if someone is tampered with it but they are not locked. A lot of stuff shipped with a schematic. So I thought like, and the thing is, depending on your motivations, anyone can get smarmy, like if you go look at the side of a building or your house, they're not locked, right?

Engineering 52

Engineering Energy and Utilities Computers and Electronics Firmware 52

ForAllSecure

AUGUST 14, 2019

BGR says the price tag for Pegasus is in the range of millions of dollars. And so what we're starting to do is add in tools that help build in security checks as you build and ship software. Reports suggest that smishing is one possible attack vector for the spyware. Dave Bittner: [00:03:09] This isn't a commodity attack tool.

Energy and Utilities 52

Energy and Utilities Penetration Testing Government Education 52

ForAllSecure

AUGUST 14, 2019

BGR says the price tag for Pegasus is in the range of millions of dollars. And so what we're starting to do is add in tools that help build in security checks as you build and ship software. Reports suggest that smishing is one possible attack vector for the spyware. Dave Bittner: [00:03:09] This isn't a commodity attack tool.

Energy and Utilities 40

Energy and Utilities Penetration Testing Government Education 40

ForAllSecure

AUGUST 14, 2019

BGR says the price tag for Pegasus is in the range of millions of dollars. And so what we're starting to do is add in tools that help build in security checks as you build and ship software. Reports suggest that smishing is one possible attack vector for the spyware. Dave Bittner: [00:03:09] This isn't a commodity attack tool.

Energy and Utilities 40

Energy and Utilities Penetration Testing Government Education 40