Showing only posts tagged operational security. Show all posts.

Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code

Source

Another rare security + squid story : The woman—who has only been identified by her surname, Wang—was having a meal with friends at a hotpot restaurant in Kunming, a city in southwest China. When everyone’s selections arrived at the table, she posted a photo of the spread on …

Using Hacked LastPass Keys to Steal Cryptocurrency

Source

Remember last November, when hackers broke into the network for LastPass—a password database—and stole password vaults with both encrypted and plaintext data for over 25 million users? Well, they’re now using that data break into crypto wallets and drain them: $35 million and counting, all going …

NSA on Supply Chain Security

Source

The NSA (together with CISA) has published a long report on supply-chain security: “ Securing the Software Supply Chain: Recommended Practices Guide for Suppliers. “: Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and …

Security Vulnerabilities in Covert CIA Websites

Source

Back in 2018, we learned that covert system of websites that the CIA used for communications was compromised by —at least—China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. We’re now learning that the CIA is still “using an irresponsibly secured …