Security Leftovers Scanning Docker for Secrets - Infosecurity Magazine Owing to their structure and usage, docker images are likely to contain hidden secrets

Top IT Asset Management Tools for Security

Sensitive information of 30k Florida healthcare workers exposed in unprotected database

Security, Privacy Risks of Artificial Intelligence in Healthcare “There are multitudes of ways in which AI is particularly useful in the healthcare context. But there are a whole host of concerns in terms of how we regulate AI, particularly because AI is so dependent on gathering large blocks of data in order to learn,” Malek explained. “When you consider that, you see that there are data privacy and cybersecurity issues, ethical issues, and safety issues.” The volume of data that AI models can maintain is staggering. Without the proper safeguards and regulatory assurances, AI could pose risks to patient data security and privacy. When it comes to protected health information (PHI), covered entities have a duty under HIPAA to protect patient data. Engaging with any third-party vendor comes with risks that should be carefully assessed.

Still paying for antivirus software? Experts say you probably don't need it [Ed: The advice here it poor; operating systems with back doors are not secure and the solution isn't in them but outside them, and not AV snake oil]

American diplomats' iPhones reportedly compromised by NSO Group intrusion software The Apple iPhones of at least nine US State Department officials were compromised by an unidentified entity using NSO Group's Pegasus spyware, according to a report published Friday by Reuters. NSO Group in an email to The Register said it has blocked an unnamed customers' access to its system upon receiving an inquiry about the incident but has yet to confirm whether its software was involved. "Once the inquiry was received, and before any investigation under our compliance policy, we have decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations," an NSO spokesperson told The Register in an email. "To this point, we haven’t received any information nor the phone numbers, nor any indication that NSO’s tools were used in this case."

Free Software: WordPress, Strapi, Mentors, and Firmware Conference 2021 Add CAPTCHA protection that’s not reCAPTCHA to a WordPress site – LinuxBSDos.com Want to add CAPTCHA protection that is not Google’s reCAPTCHA to the login page of your WordPress website? There is a WordPress plugin for that! And that’s how I ended up using CAPTCHA to protect the login page of this website. It was not planned, though. You see, it just so happened that I was trying to replace Google reCAPTCHA on a newsletter subscription plugin I wanted to use for this website. So I installed the CAPTCHA plugin, but I couldn’t get it to work as well as the default reCAPTCHA on the newsletter subscription form.

Strapi v4: Big changes in latest release of this open-source 'headless' CMS | ZDNet Strapi, the company behind the most popular open-source headless content management system (CMS) of the same name, has launched the next stable release of Strapi v4. This includes a new design system, user interface, plug-in Application Programming Interface (API), database query engine, and improved REST and GraphQL API performance.

7 tips for virtual mentorship in open source | Opensource.com In open source, contributors collaborate across various projects, regions, and time zones. There are often untapped opportunities to create mentorship relationships through this distributed engagement. A mentorship is mutually beneficial to both the mentor and mentee when both parties are committed to the relationship's success. Both the mentor and mentee grow professionally in the process. For example, the mentor develops their leadership skills, evolves, and prepares for career advancement. Here are a few ways to effectively build a positive mentorship relationship.

Open-Source Firmware Conference 2021 Videos Now Available - Phoronix Taking place this week was the annual Open-Source Firmware Conference "OSFC" devoted to open-source firmware from Coreboot to open-source BMC solutions and other low-level booting/initialization efforts. OSFC 2021 was once again a virtual affair due to the ongoing COVID-19 pandemic. Organizing the event was Meta (Facebook), 9elements Cyber Security, and Google. Talks this year covered U-BMC, the Linux Vendor Firmware Service (LVFS), Oreboot, Arm SystemReady effort for the Raspberry Pi, Arm LBBR, Coreboot, Slim Bootloader, and more.