Richi Jennings<p><a href="https://vmst.io/tags/Zuckerberg" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Zuckerberg</span></a>’s privacy pledge revealed as ineffectual</p><p>Millions of websites are leaking your private information to <a href="https://vmst.io/tags/Meta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Meta</span></a>, the parent company of <a href="https://vmst.io/tags/Facebook" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Facebook</span></a>, <a href="https://vmst.io/tags/Instagram" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Instagram</span></a>, etc. By hacking <a href="https://vmst.io/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Android</span></a> browser features in ways that were never intended, Meta is tracking you all the way around the web—with no disclosure nor oversight.</p><p>Incognito mode doesn’t stop it; neither does blocking 3rd-party cookies. Russian social giant <a href="https://vmst.io/tags/Yandex" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Yandex</span></a> is doing it too.</p><p>As soon as researchers disclosed the <a href="https://vmst.io/tags/LocalMess" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LocalMess</span></a> problem, Meta stopped it—for now. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we go live in a cave.</p><p><a href="https://securityboulevard.com/2025/06/meta-local-mess-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/06/</span><span class="invisible">meta-local-mess-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
217active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.8
#sbblogwatch
1 post · 1 participant · 0 posts today
Richi Jennings<p><a href="https://vmst.io/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> fixes and other updates will be “orchestrated” by Redmond’s own <a href="https://vmst.io/tags/update" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>update</span></a> tool.</p><p><a href="https://vmst.io/tags/WindowsUpdate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WindowsUpdate</span></a> keeps <a href="https://vmst.io/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows</span></a> updated (well, duh). It can also update some “other <a href="https://vmst.io/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a> products,” if you let it. Soon, it’ll be able to do the same for other companies’ apps.</p><p>But WHY must <a href="https://vmst.io/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a> misuse the concept of <a href="https://vmst.io/tags/orchestration" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>orchestration</span></a> to describe it? Messy musical metaphors aside, this seems like a good idea. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we wave a baton.</p><p>@TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/05/windows-update-open-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/05/</span><span class="invisible">windows-update-open-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a> $MSFT</p>
Richi Jennings<p>Researchers find we’ll need 20 times fewer qubits to break conventional encryption than previously believed.</p><p>A new paper puts a fire under DevOps, IT teams and anyone else using modern RSA—or similar public-key cryptosystems. Factoring big primes now seems much, much easier for <a href="https://vmst.io/tags/QuantumComputers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>QuantumComputers</span></a> than we thought even a few years ago.</p><p>Of course, the Devil is in the details. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we never shy away from detail.</p><p>@TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/05/quantum-rsa-20x-gidney-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/05/</span><span class="invisible">quantum-rsa-20x-gidney-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>Privacy-first messenger blocks <a href="https://vmst.io/tags/MicrosoftRecall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MicrosoftRecall</span></a></p><p><a href="https://vmst.io/tags/Recall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Recall</span></a>, <a href="https://vmst.io/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a>’s “magical” AI tool that watches everything you do, is back. But the team behind private messaging app <a href="https://vmst.io/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> aren’t happy about it—they’ve added a feature to stop Recall taking screenshots of your chats.</p><p>As you might recall, Recall was initially dubbed a “<a href="https://vmst.io/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>privacy</span></a> disaster,” before being “delayed indefinitely.” But Microsoft tweaked and relaunched it. And in <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, people aren’t entirely happy about that.</p><p>@TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/05/signal-recall-drm-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/05/</span><span class="invisible">signal-recall-drm-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>Three major British retailers recently attacked, resulting in huge damage. Now we see the self-same scum spotlighting stores in the States.</p><p>Google’s Mandiant threat intelligence team issued this dire warning yesterday. The scrotes appear to be <a href="https://vmst.io/tags/UNC3944" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UNC3944</span></a>, a/k/a <a href="https://vmst.io/tags/ScatteredSpider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ScatteredSpider</span></a>, a casual confederacy of criminals wielding <a href="https://vmst.io/tags/DragonForce" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DragonForce</span></a> <a href="https://vmst.io/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ransomware</span></a>.</p><p>“Shields up, U.S. retailers,” quipped Mandiant’s chief analyst. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we hail the Kobayashi Maru.</p><p>@TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/05/scattered-spider-us-retail-google-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/05/</span><span class="invisible">scattered-spider-us-retail-google-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>EU Vulnerability Database (<a href="https://vmst.io/tags/EUVD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EUVD</span></a>) launches this week. And not a moment too soon.</p><p>The EU Agency for Cybersecurity (<a href="https://vmst.io/tags/ENISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ENISA</span></a>) has brought EUVD out of beta. Born from a 2022 EU law, EUVD will work alongside MITRE’s Common Vulnerabilities and Exposures database (<a href="https://vmst.io/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a>)—the future of which is still hazy after last month’s last-minute funding reprieve.</p><p>ENISA executive director Juhan Lepassaar (pictured) is keen to get on with the job. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we take this kiss throughout the world.</p><p>@TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/05/euvd-launch-cve-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/05/</span><span class="invisible">euvd-launch-cve-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>21 million screenshots in one open bucket.</p><p>Workplace surveillance system <a href="https://vmst.io/tags/WorkComposer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WorkComposer</span></a> is under fire this week, for storing sensitive data with ZERO <a href="https://vmst.io/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a>. The hapless firm saved more than 21 million screenshots from 200,000 users’ work PC screens—and popped them in an open <a href="https://vmst.io/tags/AmazonWebServices" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AmazonWebServices</span></a> <a href="https://vmst.io/tags/S3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>S3</span></a> bucket.</p><p>Hackers could have easily stolen company secrets—and personal ones, too. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we can’t quite believe it.</p><p>@TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/04/21m-screenshots-open-s3-bucket-workcomposer-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/04/</span><span class="invisible">21m-screenshots-open-s3-bucket-workcomposer-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p><a href="https://vmst.io/tags/PigButchering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PigButchering</span></a> and other serious scams still thriving, despite crackdowns in Dubai and Myanmar</p><p>Organized crime groups use hundreds of thousands of slaves to scam tens of billions of dollars from victims. That’s the stark warning from the <a href="https://vmst.io/tags/UnitedNations" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UnitedNations</span></a> this week, pointing to massive fraud factories moving into “vulnerable” parts of Asia.</p><p>The UN researchers say we’ve reached a tipping point in the scale of such serious scams. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we wallow in glorious mud.</p><p>@TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/04/un-scam-warning-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/04/</span><span class="invisible">un-scam-warning-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>U.S. government funding for the Common Vulnerabilities and Exposures program expires April 16.</p><p>The security industry is panicking over the potential loss of the <a href="https://vmst.io/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> program. Run by the <a href="https://vmst.io/tags/MITRE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MITRE</span></a> non-profit, the CVE database is a critical tool for tracking the status of vulnerabilities.</p><p><a href="https://vmst.io/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a> just announced a temporary reprieve, but the dangers are obvious. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we look for the opportunities.</p><p>@TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/04/mitre-cve-funding-crisis-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/04/</span><span class="invisible">mitre-cve-funding-crisis-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>Larry’s PR angels desperately dance on the head of a pin.</p><p><a href="https://vmst.io/tags/Oracle" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Oracle</span></a> is now admitting that, yes, an <a href="https://vmst.io/tags/OracleCloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OracleCloud</span></a> service was breached—or so we’re told by deep throat sources. This is, of course, despite last week’s vehement denials.</p><p>Yet it’s still not official. And Oracle seems to be justifying its previous denial with a semantic sleight-of-hand worthy of Bill Clinton. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we see men tic.</p><p>@TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/04/oracle-cloud-breach-redux-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/04/</span><span class="invisible">oracle-cloud-breach-redux-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>Chinese firm banned by U.S. is shady entity behind a clutch of free VPN apps—with over 1M downloads.</p><p>Apple and Google are under fire for failing to vet the ownership of at least 20 <a href="https://vmst.io/tags/VPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VPN</span></a> apps. Researchers have fingered <a href="https://vmst.io/tags/Qihoo360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Qihoo360</span></a> as the entity behind at least five of them—the company is banned from the U.S. for its links to the Chinese military. The other 15 are also China owned, but keep it a secret.</p><p><a href="https://vmst.io/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a> is getting the worst of the criticism, thanks to its infamous privacy promise. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we don’t think it’s worth the paper it’s printed on. @TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/04/app-stores-oked-vpns-run-by-china-pla/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/04/</span><span class="invisible">app-stores-oked-vpns-run-by-china-pla/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>Larry Ellison’s PR pukes desperately follow the script.</p><p>A hacker claims to have breached <a href="https://vmst.io/tags/OracleCloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OracleCloud</span></a> Infrastructure (OCI), stealing 6,000,000 records. But <a href="https://vmst.io/tags/Oracle" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Oracle</span></a> Corp. says that’s not true.</p><p>However, many customers confirmed the data is genuine. Several researchers point to a four-year-old critical vulnerability as the hacker’s entry point. But still Oracle keeps up the pretense.</p><p>“There has been no breach,” the PR flaks cry. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we cry too. @TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/03/oracle-cloud-breach-deny-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/03/</span><span class="invisible">oracle-cloud-breach-deny-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>Personal genomics firm tells customers your data is safe—but few will trust the loss-making biotech pioneer.</p><p>CEO Anne Wojcicki has quit <a href="https://vmst.io/tags/23andMe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>23andMe</span></a>. The board wouldn’t let her take it private. And now the company is heading into <a href="https://vmst.io/tags/bankruptcy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bankruptcy</span></a> protection, raising concerns about privacy, potential government access to the data and the company’s future business practices under new owners.</p><p>Should you be worried about your genetics ending up in the wrong hands? In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we are. @TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/03/23andme-bankrupt-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/03/</span><span class="invisible">23andme-bankrupt-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>Redmond blames <a href="https://vmst.io/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows</span></a> users, rather than solve 30-year-old bug—exploited since 2017.</p><p>Researchers found a nasty Windows vulnerability, but <a href="https://vmst.io/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a> sat on it for six months. It’s easy to exploit and it allows full control over the victim’s PC. At least 11 threat groups have been exploiting it for years.</p><p>And yet, Microsoft still refuses to fix it. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we ask, “When is a bug not a bug?” </p><p>@TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/03/windows-shortcut-lnk-zdi-can-25373-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/03/</span><span class="invisible">windows-shortcut-lnk-zdi-can-25373-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>No, Elon — X DDoS was NOT by Ukraine</p><p><a href="https://vmst.io/tags/X" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>X</span></a> marks the botnet: <a href="https://vmst.io/tags/Outage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Outage</span></a> outrage was a Ukrainian cyberattack, implies our favorite African billionaire comedy villain.</p><p>The social media platform formerly known as <a href="https://vmst.io/tags/Twitter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Twitter</span></a> went offline earlier this week. It was swamped by wave after wave of distributed denial of service attacks (DDoS). Now-owner <a href="https://vmst.io/tags/ElonMusk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ElonMusk</span></a> (pictured) has been telling everyone the <a href="https://vmst.io/tags/DDoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DDoS</span></a> traffic came from Ukraine.</p><p>O RLY? That’s “garbage,” say experts. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we never stopped calling it Twitter. </p><p>@TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/03/elon-musk-x-ddos-ukraine-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/03/</span><span class="invisible">elon-musk-x-ddos-ukraine-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>‘Ban These Chinese Routers NOW,’ Cries House Committee<br>TP-Link in crosshairs, along with other brands.</p><p><a href="https://vmst.io/tags/Chinese" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Chinese</span></a> consumer-grade networking gear is a dangerous <a href="https://vmst.io/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> threat, argue these fine gentlemen. Rep. Raja Krishnamoorthi (D-Illinois), Rob Joyce (former NSA director of cybersecurity) and Rep. John Moolenaar (R-Michigan) have hatched a plan to eradicate TP-Link routers and other plastic pigs from our homes.</p><p><a href="https://vmst.io/tags/TPLINK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TPLINK</span></a> on the other hand, is spitting feathers, arguing it’s not been a “Chinese” company for years. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we get familiar with <a href="https://vmst.io/tags/OpenWRT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenWRT</span></a>. </p><p><a href="https://securityboulevard.com/2025/03/krishnamoorthi-joyce-moolenaar-tp-link-china-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/03/</span><span class="invisible">krishnamoorthi-joyce-moolenaar-tp-link-china-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>End-to-end <a href="https://vmst.io/tags/encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>encryption</span></a> battle continues.</p><p><a href="https://vmst.io/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a> appeals a United Kingdom government order to create a back door in the <a href="https://vmst.io/tags/iCloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iCloud</span></a> storage service. As we learned last month, those pesky Brits are demanding Apple break its end-to-end encryption, also known as Advanced Data Protection (<a href="https://vmst.io/tags/ADP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ADP</span></a>).</p><p>(We only know this because secret sources spoke to Tim Bradshaw and Lucy Fisher. Said secret sources revealed the secret complaint to the UK’s Investigatory Powers Tribunal, appealing the secret order—in secret.)</p><p>As always with attempts to break <a href="https://vmst.io/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>E2EE</span></a>, the math ain’t mathing. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we worry about dumb pols: <a href="https://securityboulevard.com/2025/03/apple-appeals-uk-adp-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/03/</span><span class="invisible">apple-appeals-uk-adp-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>It’s been SEVEN MONTHS, but Tim’s crew is yet to fix the bugs.</p><p>Academic researchers discovered a vuln chain in Apple’s <a href="https://vmst.io/tags/FindMy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FindMy</span></a>’ network. Dubbed <a href="https://vmst.io/tags/nRootTag" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nRootTag</span></a>, it allows hackers to track any Bluetooth device without the owner’s knowledge.</p><p>Breaking news: <a href="https://vmst.io/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a> has finally begun to partially patch the flaws, but only in *some* OS versions. Researchers warn a full fix “will take years,” in part because you can’t update the <a href="https://vmst.io/tags/AirTag" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AirTag</span></a>s themselves. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we disable dental protocols. @TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/02/nroottag-apple-find-my-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/02/</span><span class="invisible">nroottag-apple-find-my-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a> <a href="https://vmst.io/tags/AAPL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AAPL</span></a></p>
Richi Jennings<p>Memory safety: GOOD. Cheese motion: BAD.</p><p>The big debate over using <a href="https://vmst.io/tags/Rust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rust</span></a> in the <a href="https://vmst.io/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> kernel continues. After one of Linus Torvalds’ ALL CAPS interventions last week, kernel 2IC Greg Kroah-Hartman wades in with a please-and-thank-you follow-up.</p><p>In case we were in any doubt, it’s now clear the memory-safe language is really happening in the <a href="https://vmst.io/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> kernel. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we walk off sideways. @TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/02/rust-linux-war-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/02/</span><span class="invisible">rust-linux-war-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
Richi Jennings<p>Scrotes chain three flaws to take full control—seems pretty easy.</p><p>Hackers are actively exploiting a Palo Alto Networks firewall bug. The vulnerability allows root-level access to firewalls running PAN-OS. IT drones are urged to patch immediately.</p><p>People are pointing the finger towards Palo Alto. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we watch the blame-game play out. @TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/02/palo-alto-networks-pan-os-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/02/</span><span class="invisible">palo-alto-networks-pan-os-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload