Ethical Hacker, Cybersecurity Analyst/Consultant, Threat Hunter
WazirX confirms 43% of customer funds unrecoverable following $230 million cyberattack, begins restructuring - CNBC TV18

The restructuring will focus on creating new revenue streams, recovering stolen assets, and offering faster withdrawals for users who need quick access to their funds.

CNBCTV18
Attacks Target Recent Apache OFBiz Bug

CISA warns that the CVE-2024-38856 Apache OFBiz flaw disclosed earlier this month is being actively exploited.

Decipher
GrapheneOS has demonstrated Google Play works well as regular sandboxed apps without any special integration into the OS via our sandboxed Google Play feature. Google should be forced to spin off Google Play into an independent company competing with other app stores / services.
Windows Security best practices for integrating and managing security tools | Microsoft Security Blog

We examine the recent CrowdStrike outage and provide a technical overview of the root cause.

Microsoft Security Blog
Happy Friday, my friends. Don’t forget to push to production on your way out the door this afternoon. 🎉
For a deeper read on the CrowdStrike incident and the market fragility and negative externalities that drove the poor processes therein, check out Bruce Schneier's essay in @lawfare https://www.lawfaremedia.org/article/the-crowdstrike-outage-and-market-driven-brittleness
The CrowdStrike Outage and Market-Driven Brittleness

The outage is another consequence of companies’ sacrifice of resilience for expediency.

go to the cloud they said.
it'll be fine, they said.

AWS in GovCloud US-East _accidentally_ upgrading MySQL from 5.7.X to 8.X.

DevOpsBorat was right. Error is human, automatically upgrading a database fleet to a new major MySQL version is #devops .

#cloudfail #aws_rds

If anything good comes out of the CrowdStrike disaster it’s that, hopefully, everybody in the cybersecurity vendor industry learns to be a little more humble.

This era where many people have promoted themselves to be gods fighting terrorism etc is so stupid.

There’s people being paid more than doctors - who fix humans - who think they’re Cyber Batman. Selling solutions that often don’t work, aren’t secure, and negatively impact user experience and availability.

You’re Cyber Jabba The Hutt.

OH: "And all the API keys that pile up there.."

"Don't call them API keys, please call them plaintext passwords!"