The next SecuriTEA & Crumpets is out! Check out my chat with @Primed_Mover where we talk about Egress Filtering in AWS, his academic work, and #supplychain security #infosec #appsec https://t.co/uViIHMrPOj
Join us online or in person on January 27th with @Primed_Mover presenting:
"Egress Filtering in AWS; And other Sisyphean tasks"
Register now or check out our amazing schedule @ https://t.co/pvnwLQb1P7!
#cybersecurityconference #infosec #cc11
I've seen a lot of people asking "why does everyone think Twitter is doomed?"
As an SRE and sysadmin with 10+ years of industry experience, I wanted to write up a few scenarios that are real threats to the integrity of the bird site over the coming weeks.
THE FTX FIRST DAY DECLARATION
New CEO John Ray is scathing about Sam Bankman-Fried's management.
"Never in my career have I seen such a complete failure of corporate controls and such a complete absence of trustworthy financial information."
https://t.co/iTGlCA9olr
New Blog Post! Software Engineer Dean Liu takes us through how the Security team achieved egress network traffic filtering for all services at Lyft:
https://t.co/wuDPwJo8m7
“It’s almost like [Chinese company Bytedance] recognize[s] that technology’s influencing kids’ development, and they make their domestic version a spinach TikTok, while they ship the opium version to the rest of the world,” says Tristan Harris. https://t.co/Jro1FTGjKB
Dang y'all, we had so many incredible -- and some *spicy* -- submissions this year it has been so tough to narrow it down.
We should have confirmations sent to speakers by some time this weekend. Thanks to ALL OF YOU who submitted, it was tough competition this year!
#cc11
Oh, now this is a great step forward - the @FTC just released an order imposing security requirements on Drizly that not only require MFA be used internally, but that the MFA be phishing resistant:
https://t.co/6mrXvk3kXo
"Of course it's expensive to rent your computers from someone else. But it's never presented in those terms. The cloud is sold as computing on demand, which sounds futuristic and cool, and very much not like something as mundane as 'renting computers'." https://t.co/I7xDQEjPBa
Advertisers have been tracking how you browse, watch and shop online and IRL for years.
Now Uber will let brands target you based on where, exactly, you’re going at the moment — and where you’ve been.
https://t.co/UwQYT9EkJt
🛑 [NEWS] US video game publisher 2K has warned players of its titles not to click on links sent out by its help desk recently, as they are likely to be malicious > @philmuncaster reports https://t.co/xV8FWJ3LrQ #malware #passwordsecurity
It's great to see a company talk about the migration and some of the gotchas of migrating to FIDO2 enforcement. "Buy yubikeys" is NOT the work involved in these efforts. I'm baffled that neither Yubico nor Okta offer meaningful assistance in these migrations.
@1njection @MikeGizara4624 I uhhhh don't know what to tell you if you've never been to a conference with any payment for speakers, even if it's just a badge, dinner, and a gift card.
🎩 Confidential Computing Is for the Tinfoil Hat Brigade
@QuinnyPig's 🌶️ take: the threat model for confidential computing doesn't make sense
e.g. Preventing data access from cloud operators, malicious admins, privileged software like hypervisors
https://t.co/8nzzJbcrbf