Language Selection

English French German Italian Portuguese Spanish

Security FUD

Filed under
Security
  • New Python-based Ransomware Encrypts Virtual Machines Quickly [Ed: This make it sound like a Python issue, but it is a proprietary software issue completely irrelevant to the programming language]

    VMware ESXi datastores rarely have endpoint protection, the researchers noted, and they host virtual machines (VMs) that likely run critical services for the business, making them a very attractive target for hackers. In the threat landscape, it’s like winning the jackpot.

  • Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability

    On Wednesday, the St. Louis Post-Dispatch ran a story about how its staff discovered and reported a security vulnerability in a Missouri state education website that exposed the Social Security numbers of 100,000 elementary and secondary teachers. In a press conference this morning, Missouri Gov. Mike Parson (R) said fixing the flaw could cost the state $50 million, and vowed his administration would seek to prosecute and investigate the “hackers” and anyone who aided the publication in its “attempt to embarrass the state and sell headlines for their news outlet.”

  • Missouri governor threatens criminal prosecution of reporter who found security flaw in state site

    Hancock reports, "The Post-Dispatch discovered the vulnerability in a web application that allowed the public to search teacher certifications and credentials. The Department removed the affected pages from its website Tuesday after being notified of the problem by the Post-Dispatch. Based on state pay records and other data, more than 100,000 Social Security numbers were vulnerable. The newspaper delayed publishing this report to give the Department time to take steps to protect teachers' private information, and to allow the state to ensure no other agencies' web applications contained similar vulnerabilities."

  • Missouri goes after man who looked at source code on state site

    A newspaper in St Louis, Missouri, which discovered that the social security numbers of school teachers, administrators and counsellors across the state were publicly exposed and informed the authorities, has been threatened with unspecified action by the state's governor.

  • Missouri Governor Is Extremely Confused About What Constitutes ‘Hacking’

    Reporter Josh Renaud was browsing a Department of Elementary and Secondary Education web application that lets users search for teachers’ certifications and credentials when he looked at the site’s HTML source code (something that usually requires zero hacking skills, only the use of a right-click). In the source code, he found sensitive data belonging to the state’s teachers, including Social Security numbers and other private information.

  • No it isn’t: Missouri governor says viewing HTML source code containing private data the state published on every page, is a crime

    Republican Gov. Mike Parson on Thursday condemned one of Missouri’s largest newspapers for exposing a flaw in a state database that allowed public access to thousands of teachers’ Social Security numbers, even though the paper held off from reporting about the flaw until after the state could fix it.

  • Gov. Parson threatens legal action against reporter who exposed flaw on state education department’s website

    The reporter found hundreds of thousands of Missouri educators' social security numbers were accessible to the public in the HTML code for the Missouri Department of Elementary and Secondary Education's website.

    Parson said the Cole County prosecutor and the Missouri State Highway Patrol Digital Investigations Unit are now investigating the incident and it could cost taxpayers up to $50 million.

  • Missouri Governor Says HTML Source Code ‘Decoded’ by ‘Hacker’ Reporter

    Gov. Mike Parson of Missouri announced that an individual stole Social Security numbers after they “decoded the HTML source code.” However, a local media publication is disputing this claim and saying the individual was their own reporter who warned Parson’s administration about the security flaw and let them fix it before reporting about it. The word “SSNs” began trending on Twitter after Parson’s announcement, as people pointed out that if the Social Security numbers were in the source code, that meant they were easily viewable by just hitting F12.

More in Tux Machines

Garuda Linux: All-Rounder Distro Based on Arch Linux

A review of the Arch Linux based Garuda Linux, which brings a collection of desktop environments, window managers, and tools for general users and gamers. Read more

Plex Desktop Player is Now Available for Linux

In fact, it is also one of the best media server software for Linux. Yes, the media server was already available for Linux, and we also had a tutorial covering the installation steps. Read more

3 Top Free and Open Source D Web Frameworks

A web framework offers the developer a choice about how to solve a specific problem. By using a framework, a developer lets the framework control portions of their application. While it’s perfectly possible to code a web application without using a framework, it’s more practical to use one. D is a general-purpose systems programming language with a C-like syntax that compiles to native code. It is statically typed and supports both automatic (garbage collected) and manual memory management. D programs are structured as modules that can be compiled separately and linked with external libraries to create native libraries or executables. Here’s our recommendations. We only feature open source software. Read more

10 Cheap Raspberry Pi Alternatives in 2022

The Raspberry Pi is the king of single-board computers because it offers decent performance packed into a convenient form factor for an attractive price. But its competition hasn’t been asleep while it’s been sitting on the throne. In 2022, there are several cheap Raspberry Pi alternatives that you should consider for your projects, each offering a unique set of features and capabilities. So, without further ado, here’s our list of the best cheap Raspberry Pi alternatives in 2022. Update notice: The first version of this article was published in 2020. Since then, several compelling Raspberry Pi alternatives have been released, and the best ones are included in this updated version. Read more