social.sokoll.com


Items tagged with: infosec

Hello, I'm looking for accounts/tags to follow in the areas of contemporary music (#musiques), #jazz, #fusion, #progrock, #metal, and also bassists (#bassistes), #beatmakers, etc. I'm also interested in #computers, #database, #infosec, #libre, etc. Finally, I love motorcycles (#moto) in all their forms, the mountains (#montagne), and board sports (#glisse). Can anyone recommend pages on these topics, in English or in French? #Facebook #escape #help
 
#blog #infosec
Single Point of Failure
 
 

INFOSEC: FUCK YOUR '"BLACK/WHITE NEUTRALITY"!

By Catalin Cimpanu for Zero Day | July 4, 2020

The information security (infosec) community has angrily reacted today to calls to abandon the use of the 'black hat' and 'white hat' terms, citing that the two, and especially 'black hat,' have nothing to do with racial stereotyping.



Discussions about the topic started late last night after David Kleidermacher, VP of Engineering at Google, and in charge of Android Security and the Google Play Store, withdrew from a scheduled talk he was set to give in August at the Black Hat USA 2020 security conference.

In his withdrawal announcement, Kleidermacher asked the infosec industry to consider replacing terms like black hat, white hat, and man-in-the-middle with neutral alternatives.

These changes remove harmful associations, promote inclusion, and help us break down walls of unconscious bias. Not everyone agrees which terms to change, but I feel strongly our language needs to (this one in particular).

— David Kleidermacher (@DaveKSecure) July 3, 2020

While Kleidermacher only asked the industry to consider changing these terms, several members mistook his statement as a direct request to the Black Hat conference to change its name.

With Black Hat being the biggest event in cyber-security, online discussions on the topic quickly became widespread among cyber-security experts, dominating the July 4th weekend.

While a part of the infosec community agreed with Kleidermacher, the vast majority did not, and called it virtue signaling taken to the extreme.

Most security researchers pointed to the fact that the terms had nothing to do with racism or skin color, and had their origins in classic western movies, where the villain usually wore a black hat, while the good guy wore a white hat.

Others pointed to the dualism between black and white as representing evil and good, concepts that have been around since the dawn of civilizations, long before racial divides even existed between humans.

Right now, the infosec community doesn't seem to be willing to abandon the two terms, which they don't see as a problem when used in infosec-related writings.
MORE COMMENTS: https://www.zdnet.com/article/infosec-community-disagrees-with-changing-black-hat-term-due-to-racial-stereotyping/

#programming #computer #science #software #development #infosec #black hat #resistance #goggle #hackers #internet #censorship #freedom #sexism #social #web #human rights #sanctimony #activism #activist #correctness #meetoo #blacklivesmatter #racism #racist #USA #research #cyber-security #security #privacy
 
 
e-Commerce site hackers are now hiding malicious web-skimming code inside image metadata to covertly steal credit card information entered by visitors.

Read details — thehackernews.com/2020/06/image-…

#infosec #cybersecurity #cyberattack

https://twitter.com/TheHackersNews/status/1277549883856007168
 
If your Windows system isn't using RDP... Close it! Close it! Close it!

Ugh! I've analyzed way more cyber attacks that exploit RDP than those that exploit zero days.

CLOSE RDP UNLESS ABSOLUTELY NECESSARY!

This is your PSA from me.

#Windows #infosec

https://twitter.com/kim_crawley/status/1277588560321880066
 
Tweet by John Opdenakker (@j_opdenakker) on June 16, 20:18 The CIA has 34 Terabytes (!) of data exfiltrated and they only learned it after it has been published on wikileaks. The CIA takes security seriously seriously. https://t.co/hwM1ZoMlBR

#Infosec #databreach

https://twitter.com/j_opdenakker/status/1272956782944665601
US Intelligence Agencies Are Failing on Basic Cybersecurity Measures, Warns Senator

Computer Business Review: US Intelligence Agencies Are Failing on Basic Cybersecurity Measures, Warns Senator (Ed Targett)

 

 
Tweet by Manuel Atug (@HonkHase) on June 8, 01:10 How to show that #SocialEngineering works everywhere + asking for balls of steel award in one tweet. Kudos!
#infosec #ethics https://t.co/HG6xzeJMNI

https://twitter.com/HonkHase/status/1269768752029151234
 
 
OMG. Just… no.

#InternetOfShit #IoT #TroyHunt #Security #InfoSec #RemoteControlDetonator
 
 
 

I bet it's certified.

 
 
 

I asked myself that question for at least 30 years ;-)


reshare from @micha@pluspora.com

Tweet by Steffen Christensen (@Wikisteff) on Aug. 26, 04:48 Holy shit.
You can pronounce #hex numbers, people!

#hexadecimal #math
/c @hexadecim8 #Infosec #devops https://t.co/HtDmvXD9Pr

https://twitter.com/Wikisteff/status/1165818361097392128
 

Twitter: Liz Henry on Twitter (Liz Henry)

 

 
Hey, quick #infosec shot:

There's no perimeter anymore, users still want to access internal resources, from all over the place: web services, PIM, proprietary applications, from all over the place, and probably even w/o an installed VPN client or from completely unmanaged machines. What would you look at?

Bonus points for 2/MFA, SSO, and authorisation by who and from where the access originates.
 
 