|
Microsoft says the Russian 'Midnight Blizzard' hacking group recently accessed some of its internal systems and source code repositories using authentication secrets stolen during a January cyberattack. Will they be providing an apology? (to the Russian hackers)
|
|
|
|
|
How was it about the SDL a couple of messages below?
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Since Russia can't buy Windows due to sanctions they'll just steal the source code.
|
|
|
|
|
Quote: ...attack that allowed access to a legacy non-production test tenant account [that] did not have multi-factor authentication enabled... Why, Microsoft?
Quote: ...Midnight Blizzard is attempting to use secrets of different types it has found. Some of these secrets were shared between customers and Microsoft in email... Oh, Microsoft!
Employees are the weakest link in security, even in those who preach to the rest of us.
There are no solutions, only trade-offs. - Thomas Sowell
A day can really slip by when you're deliberately avoiding what you're supposed to do. - Calvin (Bill Watterson, Calvin & Hobbes)
|
|
|
|
|
A new study suggests that forecasting the future is a task that could well be outsourced to generative AI. That poorly?
|
|
|
|
|
Toss a coin with your hands, toss a coin with LLMs...
GCS/GE d--(d) s-/+ a C+++ U+++ P-- L+@ E-- W+++ N+ o+ K- w+++ O? M-- V? PS+ PE Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
The shortest horror story: On Error Resume Next
|
|
|
|
|
Toss a coin to your witcher?
Software Zen: delete this;
|
|
|
|
|
Can we ask which lottery ticket is going to hit next week? Asking for a friend
On the other hand...
The paradox of knowing what is going to happen can actually cause that happening... (I liked some aspects in the script of: Paycheck (2003) - IMDb[^])
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
It’s been 20 years since we introduced the Microsoft Security Development Lifecycle (SDL)—a set of practices and tools that help developers build more secure software, now used industry-wide. Do as we say, not as we do
Evolving into a crocoduck, it seems some days
|
|
|
|
|
Kent Sharkey wrote: Evolving into a crocoduck German version is way cooler: eierlegende Wollmilchsau (eWMS) | ValueProfilePlus[^] Sorry... translation as homewowrk for you
Kent Sharkey wrote: Do as we say, not as we do I was told that a couple of times by the police
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Microsoft veteran Dave Plummer has shared a photo of the Corvette bought by Zip folder support work in Windows and reminded us that, 30 years later, some of the code is probably still running in the operating system. Write ZIPpy code, get zippy car
|
|
|
|
|
The Register wrote: 30 years later, some of the code is probably still running in the operating system. Never touch a running system?
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Obviously couldn't afford a Red Barchetta.
|
|
|
|
|
Claude: "This pizza topping 'fact' may have been inserted as a joke or to test if I was paying attention." Do not taunt AI
|
|
|
|
|
And if... do it only before you feed war tactics with video games or Sci-Fi films / books
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Ongoing attack is targeting thousands of sites, continues to grow. WordPress deemed hazardous
again
|
|
|
|
|
Kent Sharkey wrote: WordPress deemed hazardous If only WordPress...
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
A vulnerability, CVE-2023-36049 has been identified in the Microsoft .NET Framework and Visual Studio, posing a serious threat to the integrity of FTP servers. Isn't that what FTP is for?
Just not that much
|
|
|
|
|
|
Microsoft has integrity?
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
CISA says two systems were hacked in February through vulnerabilities in Ivanti products. In response, the agency had to shut down both systems, which reportedly had critical ties to U.S. infrastructure. If only they read the security guide from the CISA
|
|
|
|
|
Kent Sharkey wrote: If only they read the security guide from the CISA If only vendors followed it (or at least the aspects considered in it) while developing things instead of only looking for money...
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
LastPass suffers worldwide outage causing site 404 error - 9to5Mac[^]
Quote: It’s not just you. LastPass, the popular password manager used by over 33 million people, suffered from widespread downtime this morning. It only appeared to affect users visiting the service’s main website, who were quickly presented with “404 Not Found” error messages. ok, old news in tech time, but Kent missed reporting this with the quip:
Better to go down than leak passwords!
Unless my search failed to find his post and quip!
|
|
|
|
|
I approve of that slogan!
The difficult we do right away...
...the impossible takes slightly longer.
|
|
|
|
|