Dec
15
2021
- When was the last time the security team gave you personalized advice?
- When was the last time the security team or even IT team asked for your permission before they made a change to your laptop?
- When was the last time the security team asked you for your thoughts on security risks you see in your daily workflow?
- Can you recall that time where they asked you how upcoming security changes to your device would impact your daily workflow?
Good questions, read more at:
Sou
Source: Honest Security
no comments | posted in security
Dec
15
2021
Ja so ist Java (JNDI/RMI/….):
Man muss sich das wie einen Dreijährigen vorstellen, der sich jede Klasse in den Mund steckt, um herauszufinden, wie sie schmeckt und ob sie sich ausführen lässt.
Leider war:
Code. Ist. Nicht. Dein. Freund.
Ganz besonders nicht dynamisch aus dem Internet nachgeladener Code.
Quelle: Kommentar zu Log4j: Es funktioniert wie spezifiziert | heise online
no comments | posted in security
Jan
16
2019
This security checklist should be mandatory for anyone who is using a computer or mobile device. It is an open source checklist of resources designed to improve your online privacy and security. Check things off to keep track as you go.
Quelle: Security Checklist
no comments | tags: security | posted in security