Google opens up Chrome and Chrome OS to enterprise security, control integrations
https://www.theverge.com/2022/5/26/23142956/google-chrome-os-enterprise-framework-security-endpoint
Do the crime,pay the fine and keep the profit. :(
Btw: where's my share?
RT @Reuters@twitter.com
Twitter has agreed to pay $150 million to settle allegations it misused private information, like phone numbers, to target advertising after telling users the information would be used for security reasons https://reut.rs/3Ny6L8s
「Xperia 1 IV」のOSアップデート予定をソニーに問い合わせてみた | Buzzap! - https://buzzap.jp/news/20220519-xperia-1-4-os-update-security-update/
>グローバルモデルは2回のOSアップデートと3年のセキュリティアップデートの予定。国内通信キャリアモデルは、各通信キャリア様にお問い合わせ
馬鹿っ高いんだから、もう1年延ばして
OnePlus 10 Pro's latest update brings the May security patch with bug fixes in tow https://www.androidpolice.com/oneplus-10-pros-update-brings-may-security-patch-bug-fixes/
スマホはアップデートが必要なので、旧式を使い続けられるようになるには「アップデートの開発/検証コストが低くなる」改善が必要になる。
開発については端末固有のコードとOSコアのコードを分離することである程度ラクに出来る。
一方で検証コストはあまり下がらない。
とはいえアップデート回数を意識するAndroid端末メーカーも増えてきた。
サムスンのハイエンド機種はアップデート4回を表明していて、これはGooleの3年サポート(≒アプデ3回)より多い。 https://mobilelaby.com/blog-entry-samsung-os-updates-up-to-4-generations.html
Xperiaは最大でOSアップデート2回、セキュリティアップデート3年と並程度だった。 https://buzzap.jp/news/20220519-xperia-1-4-os-update-security-update/
RT @igorsushko@twitter.com
Legendary Russian Rock Band DDT concert took place in #Perm, Russia on May 18th. Yuri Shevchuk was immediately detained by security services in the dressing room after the concert. Video of what he said at the end of the performance, with English subtitles.
#DDoS mitigation provider #Radware said it dealt with a #Мassive 1.1 Tbps DDoS attack that targeted "one of the world's largest service providers."
According to the company, the attack took place last week and lasted approximately 36 hours.
#DDoSAttack https://blog.radware.com/security/2022/05/radware-mitigates-1-1tbps-ddos-attack/
Pentagon reveals contents of new security assistance package for Ukraine
https://www.ukrinform.net/rubric-ato/3487429-pentagon-reveals-contents-of-new-security-assistance-package-for-ukraine.html
SonyのPSPでもなければAMDのPSPでもない。
Announcing PSP Security Protocol is now open source | Google Cloud Blog
https://cloud.google.com/blog/products/identity-security/announcing-psp-security-protocol-is-now-open-source
Red Hat Enterprise Linux 9 overview | security functionality and performance for IT environments
#linux #redhat #gnome #opensource
https://youtu.be/NwM0okgdi2A
How A Cheap Smart ID Card Reader Sold On #Amazon Became A National Security Risk
#DoD #cybersecurity #nationalsecurity
https://hothardware.com/news/how-cheap-smart-id-card-reader-sold-amazon-became-national-security-risk
'Protected by Android' is Google's new security branding - 9to5Google
https://9to5google.com/2022/05/17/protected-by-android-branding/
開発者のための GitHub Organization の安全な運用と 継続的なモニタリング - Speaker Deck
https://speakerdeck.com/flatt_security/kai-fa-zhe-falsetamefalse-github-organization-falsean-quan-nayun-yong-to-ji-sok-de-namonitaringu
GoogleやMicrosoft、OSSの安全強化プランに3000万ドルずつ提供 - ITmedia NEWS
https://www.itmedia.co.jp/news/articles/2205/16/news074.html
The Linux Foundation and Open Source Software Security Foundation (OpenSSF) Gather Industry and Government Leaders for Open Source Software Security Summit II - Linux Foundation
https://linuxfoundation.org/press-release/linux-foundation-openssf-gather-industry-government-leaders-open-source-software-security-summit/
Blinken conveys to Kuleba details of latest security assistance
https://www.ukrinform.net/rubric-polytics/3484009-blinken-conveys-to-kuleba-details-of-latest-security-assistance.html
AWS commits additional $10M to OpenSSF for open source security: https://aws.amazon.com/blogs/opensource/aws-investing-an-additional-10-million-in-open-source-supply-chain-security/ #linux #foss #openssf #security
🔐 ’Security List’ - “Curated lists of tools, tips and resources for protecting digital #Security and #Privacy.”
I don't think the EU Commission realises that its dangerous #CSAM proposal would make illegal the exact same chat apps that it wants its officials to use for #security reasons. CC @YlvaJohansson @ThierryBreton @Vestager @Vonderleyen @signalapp
https://www.theverge.com/2020/2/24/21150918/european-commission-signal-encrypted-messaging
EUの「協調的脆弱性開示」の実態、そこから見る先行事例としての日本の取り組み【海外セキュリティ】 - INTERNET Watch
https://internet.watch.impress.co.jp/docs/column/security/1408080.html
▶️ #ChatControl: The @EU_Commission plans to use chat control in communication services. Such misguided measures of #MassSurveillance are an intrusion into #privacy and not effective to increase #security. Read our article on #StateSurveillance: https://vioffice.de/blog/state-surveillance/ 📡
2/3
Heres some tools and resources to harden Windows security by alot:
https://cutechri.com/#security
https://github.com/beerisgood/Windows11_Hardening
https://github.com/AndyFul/Hard_Configurator
How to use Edge’s tools to protect your privacy while browsing
https://www.theverge.com/23057517/microsoft-edge-privacy-browser-security-browsing-how-to
It is undeniable that #security agencies need ways to carry out investigation.
But security experts and even the @UN special rapporteur call for carefully proportioned and effective methods of investigation instead of mass surveillance in the fight against crime.
2/4
Besides offering safety and security, the fencing is also used for decorative purposes in Brisbane. They are considered a great way to add aesthetics to your property. The rightly installed fencing does not only create a place for safety and security, but they increase the visual aspect of the property. Hence, make sure the fencing is durable as well. For the best decorative fencing in Brisbane, contact Signfab. https://bit.ly/3weCCEe
On the (In)security of Social Media Callouts - Dhole Moments
https://soatok.blog/2022/03/30/on-the-insecurity-of-social-media-callouts/
Your Phone May Soon Replace Many of Your Passwords – Krebs on Security #InternetSecurity #Cybersecurity https://krebsonsecurity.com/2022/05/your-phone-may-soon-replace-many-of-your-passwords/
Software security starts with the developer: Securing developer accounts with 2FA | The GitHub Blog
https://github.blog/2022-05-04-software-security-starts-with-the-developer-securing-developer-accounts-with-2fa/
GitHub、コード提供の全ユーザーに2要素認証(2FA)を義務付けへ 2023年末までに - ITmedia NEWS
https://www.itmedia.co.jp/news/articles/2205/05/news030.html
MacVoices #22090: NAB - Backblaze Offers Multiple Levels of Data Security
http://www.macvoices.com/macvoices-22090-nab-backblaze-offers-multiple-levels-of-data-security/
1Password 8 for Mac brings autofilling passwords to native apps
https://www.theverge.com/2022/5/3/23055212/1password-8-mac-password-manager-security
FOSSのサプライチェーン攻撃を検知する試みをOpen Source Security Foundation (OpenSSF) が公開した。ソースコードは https://github.com/ossf/package-analysis から確認できる。
Open source 'Package Analysis' tool finds malicious npm, PyPI packages
https://www.bleepingcomputer.com/news/security/open-source-package-analysis-tool-finds-malicious-npm-pypi-packages/
Pixel Update Bulletin—May 2022 | Android Open Source Project
https://source.android.com/security/bulletin/pixel/2022-05-01
【セキュリティ ニュース】大阪市の公開資料にコロナ患者管理システムのパスワード - 2段階認証の盲点も(2ページ目 / 全2ページ):Security NEXT
https://www.security-next.com/136220/2
>コールバックが正規のリクエストによるものか不明瞭なまま認証していた
認証が人力だった(合ってるか知らんけどとにかくヨシ!)ってこと?
F-Droid: how is it weakening the Android security model? | Wonder's Lab
https://wonderfall.dev/fdroid-issues/
The sanitized CAG report on UIDAI omits any reference to all these critical issues -
1. Fraud
2. Exclusion
3. National Security catastrophe via compromised Armed Forces biometrics
4. Contempt of SC judgment (no opt out for adults)
5. Rampant State abuse
https://mobile.twitter.com/BharatVarma3/status/1520609400410439680
1Password syncing went down for a few hours today during a database upgrade
https://www.theverge.com/2022/4/27/23045469/1password-outage-password-manager-security-cloud-storage
Google Play Store’s app privacy labels start appearing - The Verge
https://www.theverge.com/2022/4/26/23042343/google-play-store-safety-section-android-data-collection-security
大企業のセキュリティエンジニアなのに詐欺にだまされかけた話 - GIGAZINE - https://gigazine.net/news/20220425-security-engineer-scammed/
大切な教訓
Googleの調査で判明したスマホ「最強のセキュリティ対策」 | ライフハッカー[日本版] https://www.lifehacker.jp/article/192120-here-are-the-best-account-security-methods-according-to-google/
T-Mobile Source Code breached– Krebs on Security https://krebsonsecurity.com/2022/04/leaked-chats-show-lapsus-stole-t-mobile-source-code/
We offer top-of-the-line security camera systems in Miami. Our team consists of highly trained experts that are committed to providing excellent customer service and technical support to all of our customers.
https://installationsecuritycamera.com/ #security camera installation miami
今、誤ってSolution explorerの何かのメニューを選んでしまったら、csprojに<UserSecretsId>なるタグが挿入されて知らないjsonが開いた。どうやらこれの事らしい。
お前ら10年遅いわ!! って呟きながら、今後はこれを使おうかと思ったんだけど、肝心なパッケージの依存関係多すぎで、あんまり普通に使いたくない感... Azure KeyVaultに連携させたかったからかもしれんけど。
そういうわけで、これは新たなネタか?
https://docs.microsoft.com/ja-jp/aspnet/core/security/app-secrets?view=aspnetcore-3.1&tabs=windows
Chrome's taking steps to ensure your gaming habit doesn't make you a target for data miners https://www.androidpolice.com/chromes-gamepad-api-security/
Samsung Internet Beta v17 adds Web Authentication API with support for security keys https://www.androidpolice.com/samsung-internet-beta-v17-smart-anti-tracking-privacy-improvements/
Alarming 7-Zip #Security Flaw Exposes Your PC To #HackerShivaBalaji Giving Full Admin Rights
https://hothardware.com/news/7-zip-security-flaw-grants-full-admin-rights
Russian ransomware group, Conti, Toll on the Healthcare Industry – Krebs on Security https://krebsonsecurity.com/2022/04/contis-ransomware-toll-on-the-healthcare-industry/
Indulge in various businesses in Chicago? Control your every business without any hassle and remotely with the best usage of security cameras. Shop the Security Cameras Chicago at the best price from the best dealer and service provider Advanced Security Experts and watch over your businesses remotely from one device only. Visit https://advancedsecurityexpert.com/
US allocates $800M in additional security assistance to Ukraine - Biden
https://www.ukrinform.net/rubric-ato/3456839-us-allocates-800m-in-additional-security-assistance-to-ukraine-biden.html
Trump Allies Begged Homeland Security To Confiscate Voting Machines https://youtu.be/Geq1L8vB7Yk via @YouTube
Git security vulnerability announced | The GitHub Blog
https://github.blog/2022-04-12-git-security-vulnerability-announced/
Merge proposal https://salsa.debian.org/pkg-security-team/ettercap/-/merge_requests/1 (ettercap) merged by locutusofborg.
ドライブバイダウンロードとは?仕組みや被害事例、対策方法について徹底解説|サイバーセキュリティ.com https://cybersecurity-jp.com/security-measures/23408
"ドライブバイダウンロード攻撃では、利用者が特定のWebサイトを訪問した際に自動的に悪意のある不正プログラムをダウンロードするように仕組まれます。こういった手法は、別の記事で紹介した「水飲み場型攻撃」と似ていますが、水飲み場型攻撃では、もっとターゲットがよく閲覧するWebサイトを調査し、厳選するなど、より攻撃対象が狭まったものとなっています。"
Double-Your-Crypto Scams Share Crypto Scam Host – Krebs on Security - A look at hundreds of phony crypto investment schemes https://krebsonsecurity.com/2022/04/double-your-crypto-scams-share-crypto-scam-host/
🟢 Time to update: Tor Browser 11.0.10 (#Windows, #macOS, #Linux) is now available. This version includes important security updates to #Firefox.
#TorBrowser 🧅
#infosec
https://t.co/ruT8fPHypA
RT @asteris@twitter.com
That's the entire point: we should all have been climate activists years ago, before the 11th hour for climate and global security (while also keeping the wind turbine industry accountable.) It might not be too late, but we screwed up in so many ways. https://twitter.com/marceldirsus/status/1512379651708047363
Android Developers Blog: Expanding Play’s Target Level API Requirements to Strengthen User Security
https://android-developers.googleblog.com/2022/04/expanding-plays-target-level-api-requirements-to-strengthen-user-security.html?m=1
Android Developers Blog: Expanding Play’s Target Level API Requirements to Strengthen User Security
https://android-developers.googleblog.com/2022/04/expanding-plays-target-level-api-requirements-to-strengthen-user-security.html
He detailed atrocities to the U.N. Security Council, saying, “Women have been raped and killed in front of their children.”
https://www.youtube.com/watch?v=DwoNEi6TDaA
The Play Store will soon hide old apps in the name of security https://www.androidpolice.com/play-store-hide-old-apps-api-security/
Samsung’s March 2022 security update is reaching more Galaxy devices in the US https://www.androidpolice.com/samsung-march-2022-security-update-us-carriers/
Samsung's April 2022 security update is arriving for Galaxy owners in the US https://www.androidpolice.com/samsungs-april-2022-security-update-is-arriving-for-galaxy-owners-in-the-us/
Vevo to ‘review’ security after YouTube feeds for Lil Nas X, Justin Bieber, and others were hacked
https://www.theverge.com/2022/4/6/23012513/youtube-vevo-hack-lil-nas-x-taylor-swift-michael-jackson
Pixel Update Bulletin—April 2022 | Android Open Source Project
https://source.android.com/security/bulletin/pixel/2022-04-01
Ukraine could negotiate with Russia after it seals security guarantees from other states - Zelensky
https://www.ukrinform.net/rubric-polytics/3447758-ukraine-could-negotiate-with-russia-after-it-seals-security-guarantees-from-other-states-zelensky.html
"Nobody cares less about information security than the builders of cryptocurrency projects."
https://decrypt.co/96727/web3-is-supposed-to-be-secure-what-about-all-these-hacks
Google Workspace's new security feature scrambles your data before it's uploaded https://www.androidpolice.com/google-workspace-client-side-encryption/
Apple’s newest subscription service is an IT management package for small businesses
https://www.theverge.com/2022/3/31/23005413/apple-business-essentials-mdm-icloud-security
https://www.ipa.go.jp/security/announce/ie_eos.html
2022 年 6 月 16 日(日本時間)に Microsoft 社の Internet Explorer(以下、IE)のサポートが終了します。 サポート終了後、Microsoft 社が定める時点より、IE を起動しようとすると Microsoft Edge が起動するよう変更されます(※1)。
※1 Windows Update が適切に行われている必要があります。
サポート終了の対象ソフトウェア製品は以下の通りです。
2022 年 6 月 16 日(日本時間)
Internet Explorer 11 デスクトップアプリケーション(SAC)
Windows 10 デスクトップ SKU(20H2 以降)
Windows 10 IoT(20H2 以降)
Samsung's April 2022 security update is arriving for Galaxy phones internationally https://www.androidpolice.com/samsung-april-2022-security-patch-international/
Samsung’s March 2022 security update is reaching more Galaxy devices in the US https://www.androidpolice.com/samsung-march-2022-security-update-us-carriers/
Apple releases iOS 15.4.1 with bug fixes and security improvements - 9to5Mac
https://9to5mac.com/2022/03/31/apple-releases-ios-15-4-1-with-bug-fixes-and-security-improvements/
Security experts say new EU rules will damage WhatsApp encryption
https://www.theverge.com/2022/3/28/23000148/eu-dma-damage-whatsapp-encryption-privacy
How to use your phone as a two-factor authentication security key
https://www.theverge.com/22994705/two-factor-authentication-security-key-how-to
Let the sunshine in and let us create some positive thinking. Freedom has never been more important than now. #vollaPhone #security #privacy #smartphone
https://volla.online
インスタンス管理者様で検索対象に追加をご希望の方は、こちらのページより追加希望のご連絡をいただけますでしょうか。
(現在、インスタンス管理者ではない方からのインスタンス追加依頼はお受けしておりません。「自分の登録しているインスタンスが検索対象になったらいいなぁ」という方は、インスタンス管理者の方とご相談ください。)
ご自身のトゥートを検索対象に含めたくない場合、該当アカウントからマストドン検索ポータルアカウントまでご連絡をお願いいたします。
キャッシュからトゥートを削除し、以後検索に引っ掛からないように処理を行います。
@izwx
(※必ず、メールではなく該当アカウントからmastodon内でご連絡ください。これは、赤の他人を除外しようとするなりすまし行為を防ぐために必要となりますので、ご協力のほどよろしくお願いいたします。)
