Lmst

FYI ...Linux kernel bug handling process ...By Greg Kroah-Hartman

http://kroah.com/log/blog/2026/01/02/linux-kernel-security-work/

FYI ...Linux kernel bug handling process ...By Greg Kroah-Hartman

http://kroah.com/log/blog/2026/01/02/linux-kernel-security-work/

Kontinuierliches Pentesting wird zum Game-Changer bei der Kalkulation von Cyberversicherungsprämien: 28 % der Unternehmen erzielten bereits Prämienrabatte von bis zu 20 %. Wer technische Sicherheit regelmäßig nachweist, kann seine Cyberkosten signifikant senken – ein klarer Trend, der Versicherer und IT-Teams gleichermaßen bewegt.
#Aktuell #Anwendung #Securit...
https://www.it-finanzmagazin.de/kontinuierliches-pentesting-wird-zum-zentralen-faktor-der-cyberrisiko-bepreisung-237498/?fsp_sid=16259

The concept of "Cognitive Warfare" remains alarmingly undefined in the West, hampering our ability to develop effective countermeasures. In our latest episode, we examine how the battlefield is shifting from physical terrain to the human mind itself.

We analyze Dr. James Giordano's work on the weaponization of neuroscience and what it means for international security. Listen to "The Invisible Battlefield" https://youtu.be/vWnHA_mBmJA

#CognitiveWarfare #InfoWar #Securit #Policy #Neuroethics

A complex, layered Technical Conceptual Illustration. In the foreground, a disassembled drone, its geometric components cleanly laid out. In the mid-ground, a transparent globe where trade lines connecting continents are visibly breaking or being re-routed. In the background, a faint, large, glowing brain silhouette. The composition is structured and geometric, using leading lines to draw the eye from the drone, through the globe, to the brain. The lighting is soft and diffuse, with a single point source creating subtle glows on each element, representing the interconnected yet fragile nature of modern security. The mood is thoughtful and analytic.

Hmmm, da ich mir noch keine ansible playbook für das Generieren und das Rollout von Zertifikaten für Shibboleth geschrieben habe, verstehe ich auch nicht.

Am Schluss müsste ich ja noch den Inhalt in der DNF-AAI eintragen und die metadata.xml deployen.

Die müssen dann wieder auf die IDPs und dann den IDP neu starten.

Wenn die DFN-AAI eine API dafür hätte, wäre das noch besser.

Gut, alle drei Jahre per Hand ist auch nicht schlimm. Habe ja alles in der Historie

#adminlife #securit

Beveiligingsadvies NCSC-2024-0259 [1.00] [M/H] Kwetsbaarheden verholpen in Adobe Experience Manager

Adobe heeft een groot aantal kwetsbaarheden verholpen in Experience Manager. Een kwaadwillende kan de kwetsbaarheden misbruiken om beveiligingsmaatregelen te omzeilen en op diverse manieren een C...

Lees verder op: https://koelman.it/project/beveiligingsadvies-ncsc-2024-0259-1-00-m-h-kwetsbaarheden-verholpen-in-adobe-experience-manager/?feed_id=241&_unique_id=666bee6a70e39

#IT #securit...

Beveiligingsadvies NCSC-2024-0241 [1.00] [M/H] Kwetsbaarheden verholpen in FortiNet FortiWebManager

FortiNet heeft kwetsbaarheden verholpen in FortiWebManager. Een kwaadwillende kan de kwetsbaarheden misbruiken om een beveiligingsmaatregel te omzeilen en mogelijk handelingen uit te voeren waart...

Lees verder op: https://koelman.it/project/beveiligingsadvies-ncsc-2024-0241-1-00-m-h-kwetsbaarheden-verholpen-in-fortinet-fortiwebmanager/?feed_id=172&_unique_id=6662bc11a7f65

#IT #securit...

Beveiligingsadvies NCSC-2024-0238 [1.00] [M/H] Kwetsbaarheid verholpen in Check Point VPN producten

Check Point heeft een kwetsbaarheid verholpen in Quantum Gateway VPN systemen. Check Point meldt actieve pogingen tot misbruik waar te nemen. Door een path-traversal-bug kan een kwaadwillende toe...

Lees verder: https://koelman.it/project/beveiligingsadvies-ncsc-2024-0238-1-00-m-h-kwetsbaarheid-verholpen-in-check-point-vpn-producten/?feed_id=6&_unique_id=66598803a4632

#koelman #securit...

"As people turned to VPN services to avoid the blocks, Proton struggled to keep up. Over a weekend in March, engineers scrambled to buy more than 20 new servers to avert a crash of its entire network.

The battle took on a “Spy vs. Spy” dynamic in Proton’s headquarters. Mr. Yen said a network of people within the government, telecommunications firms and civil society groups had helped Proton operate in Russia

#VPN #cybersecurity #securit #privacy #war #russia #proton

https://www.nytimes.com/2022/12/06/technology/russia-internet-proton-vpn.html

Home Depot Is Selling Power Tools That Require Activation In-Store

Shoplifting is a major problem for many brick-and-mortar retail stores, and it seems that stealing and then selling power tools is a lucrative enterprise for some criminals. To combat this, Home Depot is starting to sell power tools that will not work unless they are activated at the checkout counter.

According to a 2020 survey in the US, "organized retail crime" cost retailers $719,548 per $1 billion dollars in revenue. One thief was recently arrested after stealing more than $17,000 worth of power tools from Home Depot. While many stores put high value items in locked display cases, Home Depot felt that this tactic would negatively affect sales, so they partnered with suppliers to add an internal kill switch. Although persistent criminals might find a way to deactivate this feature, it sounds like Home Depot is hoping that will be just enough trouble to convince most criminals to look for easier targets somewhere else.

We would be really interested in getting our hands on one of these power tools to see what this kill switch looks like and how it works. Something like a Bluetooth activated relay is one option, or maybe even something that is integrated directly in the motor controller. If it were up to use, we would probably pick something that receives power wirelessly using a coil and requires a unique code. For their sake, we hope it's not something that can be deactivated with just a large magnet.

Thanks for the tip [Garth Bock]!

#toolhacks #homedepot #powertools #securit

#Securit

Client Info