admin - mastodon.bida.im @admin

Recent searches

Search options

Not available on mastodon.bida.im.

0 posts0 participants0 posts today

**Bart Louwers** @bart@floss.social · Sep 8, 2024

Sep 8, 2024

I’ll be in #London tomorrow with some time to kill. Feels like a waste to just work in my hotel. If you want to meet up or have tips, let me know!

Attending the #OpenJS Vizualization Summit at the Microsoft offices Tuesday and Wednesday. Mostly as an excuse to meet my #MapLibre colleagues.

**ADMIN magazine** @adminmagazine@hachyderm.io · Apr 18, 2024

Apr 18, 2024

ADMIN magazine @adminmagazine@hachyderm.io

Following the XZ Utils attack, @openssf and @openjsf urge open source project maintainers to be alert for social engineering takeover attempts https://www.admin-magazine.com/News/OpenSSF-Issues-Guidance-to-Help-Prevent-Social-Engineering-Attacks #security #OpenSource #SocialEngineering #XZattack #OpenSFF #OpenJS #LinuxFoundation #2FA #MFA #phishing

ADMIN MagazineOpenSSF Issues Guidance to Help Prevent Social... » ADMIN MagazineThe recent attempted XZ Utils attack may not be an isolated incident, and project maintainers are urged to watch for unusual activity, according to...

**Redhotcyber** @redhotcyber · Apr 17, 2024

Apr 17, 2024

Redhotcyber @redhotcyber

OpenJS nel mirino. Sventata una nuova backdoor simile a XZ Utils

Recentemente gli #esperti di sicurezza #informatica hanno sventato con successo un tentativo di #hackeraggio di un #progetto sulla piattaforma #OpenJS, che in termini generali è molto simile al recente incidente di backdoor nell’utilità di #compressione #XZUtils.

#redhotcyber #online #it #web #ai #hacking #privacy #cybersecurity #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity

https://www.redhotcyber.com/post/sventato-un-attacco-backdoor-ad-openjs-rischio-simile-a-xz-utils/

il blog della sicurezza informaticaOpenJS nel mirino. Sventata una nuova backdoor simile a XZ UtilsEsperti di sicurezza informatica hanno respinto un tentativo di hackeraggio su OpenJS, simile al recente incidente con XZ Utils. Scopri i dettagli dell'attacco e le strategie di difesa contro aggressivi tentativi di acquisizione di progetti open source.

**Jan Schaumann** @jschauma@mstdn.social · Apr 16, 2024

Apr 16, 2024

Jan Schaumann @jschauma@mstdn.social

Excellent summary by Solar Designer on oss-security of what's happened in the last two weeks in response to the #xz #backdoor:

https://www.openwall.com/lists/oss-security/2024/04/16/5

Noteworthy:
- #OpenSSH implemented systemd notification
- #systemd moves to dlopen(3) for some dependencies
- another detailed timeline at https://research.swtch.com/xz-timeline
- similar social engineering takeover attempts suspected in #OpenJS and #OpenSSF

www.openwall.comoss-security - Re: backdoor in upstream xz/liblzma leading to ssh server compromise

**Sam Stepanyan** @securestep9@infosec.exchange · Apr 16, 2024 *

Apr 16, 2024 *

Sam Stepanyan @securestep9@infosec.exchange

#OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt in a manner similar to the recent XZ incident:
#SoftwareSupplyChainSecurity

https://thehackernews.com/2024/04/openjs-foundation-targeted-in-potential.html

The Hacker NewsOpenJS Foundation Targeted in Potential JavaScript Project Takeover AttemptSecurity researchers uncover a "credible" takeover attempt on the OpenJS Foundation, mirroring a recent incident with XZ Utils.

Replied to Matt "msw" Wilson

**Matt "msw" Wilson** @msw@mstdn.social · Apr 15, 2024

Apr 15, 2024

Matt "msw" Wilson @msw@mstdn.social

Free and Open Source software communities are anything *but* “fragile” in light of recent failed attacks.

They are smart. They are vigilant. They are resilient.

But they also need support from institutions given the resources attackers may have.

#OpenSource #FreeSoftware #FOSS

**Matt "msw" Wilson** @msw@mstdn.social · Apr 15, 2024

Apr 15, 2024

Matt "msw" Wilson @msw@mstdn.social

Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects

XZ Utils cyberattack likely not an isolated incident

#OpenSource #FreeSoftware #FOSS #OSS #InfoSec #XZ #OpenJS #OpenSSF #Linux

https://openjsf.org/blog/openssf-openjs-alert-social-engineering-takeovers

OpenJS FoundationOpen Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects | OpenJS FoundationXZ Utils cyberattack likely not an isolated incident

**Timo Tijhof** @krinkle@fosstodon.org · Oct 20, 2023 *

Oct 20, 2023 *

Timo Tijhof @krinkle@fosstodon.org

How does Wikimedia approach security and performance?

We're quite selective in our dependencies and often audit the sources ourselves. Progressive enhancement makes for a blazing fast and accessible site, and, I argue, it's also the cheaper choice in the long run!

https://timotijhof.net/posts/2023/wikimedia-balances-security-and-openness/

timotijhof.net · Oct 19, 2023How we balance security and openness at WikimediaHow does an open philosophy jive with best practices in performance and security? In short, we're selective in our dependencies and audit our own upstream sources. Progressive enhancement not only makes for a fast and accessible site, I argue it's also the cheaper choice in the long run!

#mediawiki #Wikipedia #OpenJS

Drag & drop to upload

Recent searches

Search options

Administered by:

Server stats:

#openjs

Recent searches

Search options

Administered by:

Server stats:

OpenJSBack

#openjs