RSS-Feeds
BSI Bund-Cert
- Version 1.0: SonicWall SonicOS – Proof-of-Concept Exploit für Schwachstelle im SSLVPN veröffentlicht 31. Januar 2025
- Version 1.0: SonicWall SMA 1000 Serie – Zero-Day Schwachstelle in Management Konsole geschlossen 23. Januar 2025
- Version 1.0: Microsoft Windows – Kritische Schwachstelle in Windows OLE 14. Januar 2025
- Version 1.0: Fortinet FortiOS & FortiProxy – Aktive Ausnutzung einer Zero-Day Schwachstelle 14. Januar 2025
Bruce Schneier
- Critical GitHub Attack 20. März 2025This is serious: A sophisticated cascading supply chain attack has compromised multiple GitHub Actions, exposing critical CI/CD secrets across tens of thousands of repositories. The attack, which originally targeted the widely used “tj-actions/changed-files” utility, is now believed to have originated from an earlier breach of the “reviewdog/action-setup@v1” GitHub Action, according to a report. […] CISA […]
- Is Security Human Factors Research Skewed Towards Western Ideas and Habits? 18. März 2025Really interesting research: “How WEIRD is Usable Privacy and Security Research?” by Ayako A. Hasegawa Daisuke Inoue, and Mitsuaki Akiyama: Abstract: In human factor fields such as human-computer interaction (HCI) and psychology, researchers have been concerned that participants mostly come from WEIRD (Western, Educated, Industrialized, Rich, and Democratic) countries. This WEIRD skew may hinder understanding […]
- Improvements in Brute Force Attacks 17. März 2025New paper: “GPU Assisted Brute Force Cryptanalysis of GPRS, GSM, RFID, and TETRA: Brute Force Cryptanalysis of KASUMI, SPECK, and TEA3.” Abstract: Key lengths in symmetric cryptography are determined with respect to the brute force attacks with current technology. While nowadays at least 128-bit keys are recommended, there are many standards and real-world applications that […]
- Friday Squid Blogging: SQUID Band 14. März 2025A bagpipe and drum band: SQUID transforms traditional Bagpipe and Drum Band entertainment into a multi-sensory rush of excitement, featuring high energy bagpipes, pop music influences and visually stunning percussion! As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Feeds
Die nachfolgenden Feeds sollen aktuelle Nachrichten wiedergeben, so dass hierauf gegebenfalls schnell reagiert werden kann.
