Google wants Android to use regular Linux kernel, potentially improving updates and security

Android is built on top of the Linux kernel, but it has always used a heavily-modified version with changes from OEMs, chip manufacturers like Qualcomm

androidpolice.com/2019/11/19/g

DuckDuckGo Will Automatically Encrypt More Sites You Visit

If a site offers HTTPS, DuckDuckGo's Smarter Encryption will take you there.

wired.com/story/duckduckgo-sma

A collection of various awesome lists for hackers, pentesters and security researchers - Hack-with-Github/Awesome-Hacking

github.com/Hack-with-Github/Aw

Automatically updated, moderated and optimized lists for blocking ads, trackers and other online garbage - notracking/hosts-blocklists

github.com/notracking/hosts-bl

GitHub launches 'Security Lab' to help secure open source ecosystem | ZDNet

Fourteen companies unite get together to search, find, and fix security flaws in GitHub-hosted open source projects.

zdnet.com/article/github-launc

I think I will stick with Mastodon. Free, intelligent and federated. I appreciate what Jimmy Wales is trying to do, but there are better alternatives now.

Would you pay to join a social network? Wikipedia co-founder Jimmy Wales thinks up to 500 million people could.

zdnet.com/article/wikipedias-j

PureLocker Ransomware Can Lock Files on Windows, Linux, and macOS

Cybercriminals have developed ransomware that can be ported to all major operating systems and is currently used in targeted attacks against production servers.

PureLocker Ransomware Can Lock Files on Windows, Linux, and macOS bleepingcomputer.com/news/secu

The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, hobbyists, and Information Security profession...

github.com/scriptingxss/owasp-

Ha. We still have mouth-breathers who believe the Earth is flat...good luck getting them to believe the Universe is round.

What Shape Is the Universe — Closed or Flat? | Quanta Magazine

quantamagazine.org/what-shape-

Looking forward to getting my fingers on one of these.

At Microsoft Ignite, Yubico previews the first-ever and long-awaited YubiKey Bio. It is the first YubiKey that will support fingerprint recognition for secure and seamless passwordless logins.

yubico.com/2019/11/yubico-reve

HTTP Security Headers - A Complete Guide

A description of each security header, why it is important, and how to configure your website in a secure way.

nullsweep.com/http-security-he

I Got Access to My Secret Consumer Score. Now You Can Get Yours, Too.

Little-known companies are amassing your data — like food orders and Airbnb messages — and selling the analysis to clients. Here’s how to get a copy of what they have on you.

nytimes.com/2019/11/04/busines

Just in time for Halloween and my re-watching of the '80s classic horror film, "Re-Animator".

Is Death Reversible?

An experiment that partially revived slaughterhouse pig brains raises questions about the precise end point of life

scientificamerican.com/article

Another Chinese browser keepin' it real.

Major Chinese browser ‘Maxthon’ has a bug that allows anyone admin access

One of China‘s most popular browsers, Maxthon, has a bug in its Windows version that can allow a hacker to take admin control and install malware.  A report by security firm SafeBreach notes it reported the vulnerability in September. The anomaly lets a hacker install a program into a service that is run by the “NT AUTHORITYSYSTEM,” …

thenextweb.com/security/2019/1

Chinese browser company is at it again.

The highly popular UC Browser and UC Browser Mini Android apps, with a total of over 600 million Play Store installs, exposed their users to MiTM attacks by downloading an Android Package Kit (APK) from a third party server over unprotected channels.

500+ Million UC Browser Android Users Exposed to MiTM Attacks. Again. bleepingcomputer.com/news/secu

This is likely the most comprehensive article on security keys available. Secure Authentication is the security domain that I am most interested in and this piece lights me up like a Christmas tree

How to stay safe online and prevent phishing with FIDO2, WebAuthn and security keys. A look into YubiKeys, TOTP authenticator apps, passwordless and more.

paulstamatiou.com/getting-star

You may have had a few extra Teams connecting to your TeamViewer. 👯‍♂️👯‍♂️

FireEye: "APT41 compromised company behind TeamViewer - which enabled them to access *any* system with TeamViewer installed" • InfoTech News

meterpreter.org/fireeye-apt41-

The constant deluge of media articles supportive of 5G network technology has been making me nervous for the past year (as if national and world politics wasn't bad enough) due to the fact that certain large companies stand to make trillions of $currency by rolling out potentially dangerous technology for human health.

We Have No Reason to Believe 5G Is Safe

The technology is coming, but contrary to what some people say , there could be health risks

blogs.scientificamerican.com/o

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.