A key compromised from a crash dump (and the many, many lessons that followed), more examples of mishandling secrets, URL parsing mismatches show path traversal works well in Rust, an old Linux kernel bug shows how brittle code can be (even when it's heavily audited), an example of keeping OSS projects alive, a quick note on BLASTPASS, and a look a...
The central crime of "Yours Truly, Johnny Dollar," a new crowdfunded comic series created by a cybersecurity professional, focuses on one of the most lucrative forms of crime in the real world today: ransomware.
Openfire, Firepower, Barracuda, CosmicBeetle, Lazarus, Encryption, Network Tourism, India's on the Moon, Aaran Leyland, and More on this edition of the Security Weekly News.
Meta has announced that Messenger will have default end-to-end encryption by year-end as it expanded the feature to millions more accounts earlier this week, reports The Hacker News.
The flaw affects OpenSSL versions 1.02, 1.1.1, and 3.0, all of which have been patched. OpenSSL is a core component of Unix and Linux-based systems, and is also bundled into software applications that run on Windows.
