https://palant.de/2017/03/23/lastpass-security-done-wrong Altogether it looks like LastPass is a lot better at PR than they are at security. Yes, that’s harsh but this is what I’ve seen so far. In particular, security vulnerabilities have been addressed punctually, only the exact scenario reported has been tested by the developers. This time LastPass has driven it to an […]
Some good tips here that I’ll be implementing in my own .vimrc: https://dougblack.io/words/a-good-vimrc.html
TL;DR Belan’s observed offensive traits were as follows: He identified peripheral web servers via Google and Linkedin searches Used known WordPress flaws and custom bugs to compromise PHP sites Linux authentication mechanisms were altered to capture credentials Nmap was used to identify exposed network services internally Corporate Wikis revealed administrative workflows and VPN details Ticketing, […]
Funfact: Microsoft doesn’t call it “advertising,” they call it “Show sync provider notifications.”
“Our final conclusion? Don’t fart naked near food. All right, it’s not rocket science. But then again, maybe it is?”
The New York Times writes: If the tech industry is drawing one lesson from the latest WikiLeaks disclosures, it’s that data-scrambling encryption works, and the industry should use more of it.