Lmst

cryptrz :opensource:

#EthicalHacker and #sysadmin from #Luxembourg

Pulsar Edit, le successeur commnautaire d’Atom encore (trop) méconnu. Là où Atom était "hackable", Pulsar est "hyper-hackable" donc voilà !

https://cryptrz.org/wordpress/2025/05/09/pulsar-edit-le-successeur-commnautaire-datom-encore-meconnu/

#Windows #RDP lets you log in using revoked passwords. #Microsoft is OK with that.

Researchers say the behavior amounts to a persistent #backdoor.

In response, Microsoft said the behavior is a “a design decision (...) As such, Microsoft said the behavior doesn’t meet the definition of a #security #vulnerability, and company engineers have no plans to change it.

https://arstechnica.com/security/2025/04/windows-rdp-lets-you-log-in-using-revoked-passwords-microsoft-is-ok-with-that/

CHALLENGES KIDS: Le site pour #apprendre le #hacking avec les petits et les grands :)

https://www.challenges-kids.fr/

Cacher le #hostname sous #Linux

https://cryptrz.org/wordpress/2025/03/26/cacher-le-hostname-sous-linux/

#Firefox parent #Mozilla appeals for #donations after losing #USAID funding

https://www.consumeraffairs.com/news/firefox-parent-mozilla-appeals-for-donations-after-losing-usaid-funding-032525.html

Block #X formerly #Twitter

https://gist.github.com/cryptrz/ec65e4aade678751121a775ba24b6399

Digital hygiene

https://karpathy.bearblog.dev/digital-hygiene/

cryptrz :opensource: boosted:

PSA: 🚨 Update Tor Browsers now!

On March 14, 2025, a Mozilla root certificate used for add-ons verification will expire, potentially disabling extensions like NoScript or breaking features such as the Security Slider on Tor Browser versions older than 13.5.11 legacy.

To avoid issues and security risks, update now to 14.0.7 stable or 13.5.13 legacy. https://blog.torproject.org/old-tor-browsers-breakage/

Tour d’horizon de #ClamAV et #Rkhunter sous #Linux

https://cryptrz.org/wordpress/2025/03/07/tour-dhorizon-de-clamav-et-rkhunter-sous-linux/

https://cryptrz.org/wordpress/2025/03/02/quelques-outils-gratuits-pour-de-losint/

Quelques outils gratuit pour de l'OSINT

#OSINT #investigation

@Ljoz Sur le principe je ne suis même pas fan de Wine tout court, mais il y a des personnes que ça aide/rassure quand elles débarquent avec quelques années sous Windows :)

Ouvrir un fichier .exe avec un double-clic sous #Linux

https://cryptrz.org/wordpress/2025/02/28/ouvrir-un-fichier-exe-avec-un-double-clic-sous-linux/

A decentralized finance ( #DeFi ) protocol called zkLend suffered a $9.57 million loss due to a mathematical error in their lending system

https://rekt.news/zklend-rekt/

Developer creates endless #Wikipedia feed to fight algorithm addiction

https://arstechnica.com/gadgets/2025/02/new-wikitok-web-app-allows-infinite-tiktok-style-scroll-of-wikipedia/?utm_source=firefox-newtab-en-us

Fouillons un peu sur #Shodan

https://cryptrz.org/wordpress/2025/02/10/fouillons-un-peu-sur-shodan/

I drop there here

https://github.com/ytmdesktop/ytmdesktop

https://ytmdesktop.app

cryptrz :opensource: boosted:

DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers
Apple's defenses that protect data from being sent in the clear are globally disabled.
https://arstechnica.com/security/2025/02/deepseek-ios-app-sends-data-unencrypted-to-bytedance-controlled-servers/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

cryptrz :opensource: boosted:

Mozilla Firefox 135.0 est sorti ; notes de version https://www.mozilla.org/en-US/firefox/135.0/releasenotes/ bulletin de sécurité (impact élevé) https://www.mozilla.org/en-US/security/advisories/mfsa2025-07/ et page des nouveautés https://www.mozilla.org/fr/firefox/135.0/whatsnew/?oldversion=134.0.2

135.0 Firefox Release
February 4, 2025
Version 135.0, first offered to Release channel users on February 4, 2025
New
— Firefox Translations now supports more languages than ever! Pages in Simplified Chinese, Japanese, and Korean can now be translated and Russian is now available as a target language for translating into.
— The credit card autofill feature is now being gradually rolled out to all users globally. | This feature is part of a progressive roll out. What is a progressive roll out?
— AI Chatbot access is now being gradually rolled out to all users. To use this optional feature, choose AI Chatbot from the sidebar or from Firefox Labs. Then, complete the provider selection to see the chat interface become available on the sidebar. | This feature is part of a progressive roll out. What is a progressive roll out?
— Firefox now enforces certificate transparency, requiring web servers to provide sufficient proof that their certificates were publicly disclosed before they will be trusted. This only affects servers using certificates issued by a certificate authority in Mozilla's Root CA Program.
— Additionally, the CRLite certificate revocation checking mechanism is also being gradually rolled out, substantially improving the performance of these checks. | This feature is part of a progressive roll out. What is a progressive roll out?

$— The “Do Not Track” checkbox has been removed from preferences. If you wish to ask websites to respect your privacy, you can use the “Tell websites not to sell or share my data” setting instead. This option is built on top of the Global Privacy Control (GPC). — The "Copy Without Site Tracking" menu item was renamed to "Copy Clean Link" to help clarify expectations around what the feature does. "Copy Clean Link" is a list based approach to remove known tracking parameters from links. This option can also now be used on plain text links. — Linux binaries are now provided in XZ format, replacing the previous BZ2 format, offering faster unpacking and smaller file sizes. Developer | Developer Information — A warning is now displayed when content-visibility is used on elements where size containment does not apply. — Introduced a new console command $$$ that allows searching the page, including within shadow roots. — Enhancements to WebExtension debugging: Workers are now available in the Console panel’s context selector and breakpoints function correctly in content scripts. Web Platform — Added support for a post-quantum key exchange mechanism (mlkem768x25519) for HTTP/3. — The attribute values which indicate the coordinates of PointerEvent may now be fractional values rather than only integers. This allows web apps to handle the events with higher-precision coordinates when the target element is transitioned by CSS and/or the viewport is zoomed.$