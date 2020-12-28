Security Leftovers
-
Finnish Parliament targeted in hacking, e-mails of lawmakers possibly compromised
Muurman told Helsingin Sanomat that the identify of the attacker or attackers has yet been determined and that it remains premature to speculate whether or not they can be brought to justice.
-
How A Cybersecurity Firm Uncovered The Massive Computer [Attack]
Multiple U.S. agencies were successfully [cracked], including the departments of State, Treasury, Commerce, Energy and Homeland Security as well as the National Institutes of Health.
The [attackers] attached their malware to a software update from Austin, Texas-based company SolarWinds, which makes software used by many federal agencies and thousands of private companies to monitor their computer networks.
-
Microsoft: SolarWinds hackers' goal was the victims' cloud data [Ed: Damage limitation efforts by Microsoft, with their PR amplified by friendly sites]
As the Microsoft 365 Defender Team explains, after infiltrating a target's network with the help of the Sunburst backdoor, the attackers' goal is to gain access to the victims' cloud assets.
[...]
The threat actors behind the SolarWinds hack first had to compromise the SolarWinds Orion Platform build system and abuse it to deliver a backdoor injected as a legitimate DLL via the software update system.
Once the DLL is loaded after the application is started, the backdoor would reach out to its command-and-control server and allow the threat actors to infiltrate the network.
-
- Login or register to post comments
- Printer-friendly version
- 615 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
Security Leftovers
Arduino Projects: Standing Desk, Plotter and Trombone
Devices: Heterogeneous System Architecture (HSA) and Various Low-Cost Boards Including Raspberry Pi 400
Brave adds support for IPFS distributed P2P websites
The Brave browser recently added support for the InterPlanetary File System (IPFS) protocol in its beta release channel (desktop only). IPFS is a peer-to-peer (P2P) protocol that can be used in web browsers to visit websites that are hosted by the website’s visitors instead of a central web server. This is called the distributed web. For the last two decades, the open web has been on a steady course into the hands of a few behemoth multinational companies. The distributed web is a tool that can wrangle back control from the few and hand it back to the many. The distributed web still hasn’t gone mainstream, and Brave’s one percent market share won’t drastically change the web’s architecture overnight. Brave’s adoption of IPFS is notable because it’s the first time an externally developed P2P protocol makes it into a web browser. Previous attempts at a P2P web browser, such as BitTorrent Maelstrom, has always been lead by the developers of the protocol. No P2P protocol has convinced a web browser vendor to integrate their protocol before. Previously, you’ve only been able to use IPFS in web browsers by installing a separate program and a companion extension in your web browser. Brave now comes with native built-in IPFS support. Its support isn’t quite equivalent to HyperText Transfer Protocol (HTTP) yet, but it’s a huge leap forward for IPFS. When you open an IPFS link (ipfs://example/) in Brave, it will open it using a public web-gateway server by default. Gateways are public web servers that proxy content from the IPFS network via a traditional web server. Brave will also prompt you to enable native IPFS support, and warns you about IPFS privacy issues. More on the IPFS privacy issues later. Brave hasn’t developed a new implementation of IPFS. Instead, Brave ships the IPFS reference client and runs it as a helper process. I had wrongly assumed that js-ipfs, an almost fully-featured IPFS client written in JavaScript, would be the foundation of the first browser to ship with IPFS integration. Brave launches the IPFS daemon on demand when you access IPFS content. It doesn’t launch it with the browser when it’s not needed.
Recent comments
1 hour 59 min ago
2 hours 7 min ago
5 hours 42 min ago
8 hours 39 min ago
8 hours 41 min ago
8 hours 59 min ago
9 hours 1 min ago
9 hours 13 min ago
14 hours 6 min ago
14 hours 8 min ago