https://www.extremetech.com/computing/265582-everything-surrounding-new-amd-security-allegations-reeks-hit-job CTS-Labs, has accused AMD of 13 serious security flaws within its products. Standard operating procedure in security disclosures; vendors are typically given at least a 90-day window to implement solutions. But in this case, AMD was notified a day ahead of the disclosure. →
https://www.smashingmagazine.com/2018/02/gdpr-for-web-developers/ Europe’s imminent privacy overhaul means that we all have to become more diligent about what data we collect, how we collect it, and what we do with it. In our turbulent times, these privacy obligations are about ethics as well as law. Web developers have a major role to play here. After all, healthy →
This posting is here to collect security alert news in March 2018. I post links to security vulnerability news to comments of this article. →
http://theinstitute.ieee.org/ieee-roundup/blogs/blog/2018-winter-olympics-a-prime-target-for-hackers Malware has already made its way into the 2018 Winter Olympics, but hopefully the organization is capable of keeping everything working well without serious problems. This article claims that hackers are deploying malware capable of disrupting this year’s Winter Olympic Games, in Pyeongchang, South Korea. The malware is claimed to have the potential to →
This posting is here to collect security alert news in February 2018. I post links to security vulnerability news to comments of this article. →
EDN magazine published today that a 15-year-old Richard Skrenta on winter break from high school wrote what is considered to be the first large-scale, self-spreading personal computer virus on January 30, 1982. The Elk Cloner virus attached itself to the Apple DOS 3.3 operating system on Apple II computer and spread by floppy disk. Elk →
https://opensource.com/article/18/1/securing-linux-filesystem-tripwire?sc_cid=7016000000127ECAAY Linux integrity checker notifies you if malware or other events make changes to your filesystem. Tripwire works on almost all Linux distributions; you can download an open source version from Sourceforge and install it. →
https://www.cyberciti.biz/tips/linux-unix-bsd-openssh-server-best-practices.html This page shows how to secure your OpenSSH server running on a Linux or Unix-like system to improve sshd security. Read also how to only allow ssh login using SSH keys https://www.cyberciti.biz/faq/how-to-disable-ssh-password-login-on-linux/ →
https://enterprisersproject.com/article/2017/12/5-blockchain-trends-watch-2018?sc_cid=7016000000127ECAAY Few new technologies have raised as much discussion as blockchain. One reason is the controversy, concern, and perceived opportunity around blockchain-based cryptocurrencies (such as bitcoin and ether) and crowdfunding via initial coin offerings (ICOs). But what is blockchain’s role in the enterprise? This article gives some ideas to think about. Take those trends with grain of →
https://media.ccc.de/v/34c3-9058-everything_you_want_to_know_about_x86_microcode_but_might_have_been_afraid_to_ask#t=2250 This is a quite interesting presentation on Intel CPU secrets: Microcode is an abstraction layer on top of the physical components of a CPU and present in most general-purpose CPUs today. While it is well-known that CPUs feature a microcode update mechanism, very little is known about its inner workings given that microcode and →