Minimum Security Measures for Operators of Essentials Services — ENISA

The Mapping of Security Measures for OES Tool provides the mapping of security measures for OESs to international standards used by operators in the business sectors (namely energy, transport, banking, financial market infrastructures, health, drinking water supply & distribution and digital infrastructures).

enisa.europa.eu/topics/nis-dir

~Open Source Security Tool of the Day~

wolfSSL (formerly CyaSSL) is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3.

github.com/wolfSSL/wolfssl

Chrome's Changes Could Break Your App: Prepare for SameSite Cookie Updates

"Back in May 2019, Chrome announced its plan to develop a secure-by-default model for handling cookies. This initiative highlights Chrome’s promise of a more secure and faster browsing experience. Chrome's goal is to increase transparency, choice and control. Users should be aware of how they are tracked, who is tracking them."

blog.heroku.com/chrome-changes

I recently implemented #CSS dark mode to my website. If you want to know how to do it on your site, here's how:

kevq.uk/how-to-add-css-dark-mo

~Open Source Security Tool of the Day~

Tinfoil Chat (TFC) is a FOSS+FHD peer-to-peer messaging system that relies on high assurance hardware architecture to protect users from passive collection, MITM attacks and, most importantly, remote key exfiltration.

github.com/maqp/tfc

~Open Source Security Tool of the Day~

OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables.

opencti.io/

~Open Source Security Tool of the Day~

Snowflake is a graphical SSH client. It has a file browser, terminal emulator, resource/process manager, disk space analyzer, text editor, log viewer and lots of other helpful tools, which makes it easy to work with remote servers.

github.com/subhra74/snowflake/

~Open Source Security Tool of the Day~

Smart OSINT collection of common IOC types.

github.com/deadbits/mimir

**Grumpy SysAdmin Rant**

The entire "Serverless" and "Function as a Service" movement seems to be yet another way for cloud providers to capitalize on systems and buzzwords to lure developers into new monetization streams. There will always be a server of some kind, but it is a matter of diminishing returns who will actually control it and profit from it.

"Computer security is not too good in 2020. It’s really kind of a mess and crypto is one of the things that works. Taking away this tool would be a disaster for the entire connected world."

Experts Worry Crypto War Two May Go the Other Way

duo.com/decipher/experts-worry

I think this should have been their first clue.

"The bulk of the ban was levied on 129 add-ons developed by 2Ring, a provider of B2B software."

zdnet.com/article/mozilla-has-

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.