Category: Cybercrime

Rust vs Go – Open Source is about enabling users – Rust lang will complement C around the GNU Linux Kernel (for better safety) “Amazon, Microsoft, Google” and the White House, want to make Open Source more secure
16.05.2022

Open Source is about enabling users “Amazon, Microsoft, Google” and the White House, want to help make Open Source more secure… https://www.golem.de/news/openssf-150-millionen-us-dollar-sollen-open-source-absichern-2205-165382.html https://www.golem.de/news/openssf-linux-foundation-will-security-praxis-vereinheitlichen-2008-150036.html src of src: “White House OSS Mobilization Plan” 2022: https://openssf.org/blog/2022/05/11/testimony-to-the-us-house-committee-on-science-and-technology/ 2020: “The OpenSSF is a cross-industry collaboration […]

FreeBSD based Citrix VPN hacked in massive hostpital healthcare hack in Germany CVE 2019 19781 – hits healthcare hospital in Germany, causing death of (at least) 1 person
27.04.2022

https://cve.circl.lu/cve/CVE-2019-19781 https://www.healthcare-computing.de/bsi-warnt-vor-schwachstelle-bei-vpn-produkten-von-citrix-a-964940/ https://www.cnblogs.com/lsgxeva/p/12116150.html hits healthcare hospital in Germany, causing death of (at least) 1 person https://www.businessinsider.de/politik/deutschland/hacker-legen-uniklinik-duesseldorf-lahm-staatsanwaltschaft-ermittelt-wegen-todesfall-einer-patientin/

2021-11 Russian IT Security Updates – why it is impossible to turn off the Internet in Russia – what is the “Mitnick attack”? – are the odds against the defenders? Browser Sidechannel Attacks “We confirm that none of these approaches completely defend against our attacks” – 2010: AI amok: how AIs almost crashed wallstreet and why it can have real world consequences (1929)
04.11.2021

warning: no guarantee of completeness! contains ads! (but owner of blog get’s nothing, maybe source of source does) Are the odds against the (itsec) defenders? It certainly feels that way, because no human can ever find all bugs, so Fuzzing […]

What is Right – What is Wrong – with great powers comes great responsibility (aka the “Peter-Parker-principle” (Spiderman 2002)) – Big Tech with better and betters Tools and without better Ethics Morals unkowing what is Right or Wrong
17.07.2021

in short: humans per default, without an education might just be “better” apes. Some parts of mankind behave very primitive and clearly show no signs of higher intelligence or education. The troubles start, when the tools become more and more […]

Zehntausende Mail-Server wegen Exchange-Lücke gehackt – Cloud oder Klaut – com-magazin.de Security Newsletter
12.03.2021

scroll down to ENGLISH “Zehntausende Mail-Server wegen Exchange-Lücke gehackt.  Wegen einer vor wenigen Tagen bekanntgewordenen Sicherheitslücke sind laut US-Medienberichten Zehntausende E-Mail-Server von Unternehmen, Behörden und Bildungseinrichtungen Opfer von Hacker-Attacken geworden. “Deutsche Unternehmen sind im internationalen Vergleich besonders stark von dieser […]

Die Vermessung des Patienten: Wem gehören meine Gesundheitsdaten? – Warum es immer weniger Ärzte und Arztpraxen in Deutschland geben wird und das Gesundheitssystem immer schlechter wird – Measuring the patient: who owns my health data? Why there will be fewer and fewer doctors and medical practices in Germany and the health system will get worse and worse
12.02.2021

Update: 2021-05: https://www.golem.de/news/irland-erste-patientendaten-im-netz-aufgetaucht-2105-156599.html Drei Krankheiten: erfolgreich kaputt gespart: schlechte Bezahlung: im Vergleich mit anderen EU-Ländern und auch USA steht Deutschland schlecht da was die Entlohnung von Ärzte an geht auch schlechter als Japan und gar Italien (!) das ist vermutlich […]

SonicWall hardware VPNs hit by worst-case 0-zero-day-exploit attacks
23.01.2021

accroding to BleepingComputer: “zero-day vulnerability in their VPN products” (so not FallOut of SolarWinds-orion-auto-update-software-supply-chain) “…have information about hacking of a well-known firewall vendor and other security products by this they are silent and do not release press releases for their […]

2020-05-18 Russian IT Security Updates
18.05.2020

SecurityLab, [21.04.20 15:35] Bitdefender experts have reported a malicious campaign against oil and gas companies. Attackers use targeted phishing and send emails to victims on behalf of logistics companies and engineering contractors. The goal of the campaign is to infect […]