
The #Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup.

More software supply-chain security shenanigans: #PyPI came under attack earlier, with more than 500 fake packages with similar names to popular ones. Scrotes unknown have been trying to steal cryptocurrency credentials and other secrets.

Yes, it’s happened yet again. In #SBBlogwatch, we ask if it’s time for a #CodeReuse rethink. At #TechstrongGroup’s #SecurityBlvd: securityboulevard.com/2024/03/

Security Boulevard · PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found
Emergency stop button: The Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup.

#Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures.

An enormous cache of documents and data from a #Chinese hacking outfit got leaked by an insider. The state sponsored company, #ISoon, seems to have a disgruntled mole who made all its secrets public.

Analysts will be poring over the data for months. In #SBBlogwatch, we lap it up, like a Pooh laps hunny. At #TechstrongGroup’s #SecurityBlvd: securityboulevard.com/2024/02/

Security Boulevard · PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs
Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures.

Researchers reconstruct your #fingerprint by listening to you swipe.

Can scrotes steal your fingerprints just by eavesdropping? An academic paper claims they can. Although accuracy isn’t perfect—yet.

As more and more sensitive stuff is secured behind #biometrics, it’s a bit of a worry. In #SBBlogwatch, we deregister our swiping fingers. At #TechstrongGroup’s #SecurityBlvd: securityboulevard.com/2024/02/

Security Boulevard · ‘PrintListener’ Attack on Fingerprint Readers — Can You Trust Biometrics?🤞
Mic Check: Researchers reconstruct your fingerprint by listening to you swipe.

11-nation army led by UK eliminates ransomware-for-hire scrotes’ servers.

The UK’s National Crime Agency has broken the #LockBit gang. With help from the U.S., Canada, Australia, Finland, France, Germany, Japan, Netherlands, Sweden and Switzerland, the Russian ransomware-as-a-service infrastructure is no more.

Those plucky Brits got the scrotes’ data, too. In #SBBlogwatch, we break out the warm beer with some delicious fish and chips. At #TechstrongGroup’s #SecurityBlvd: securityboulevard.com/2024/02/

Security Boulevard · LockBit Takedown by Brits — Time for ‘Operation Cronos’
RaaS nicked: 11-nation army led by UK eliminates ransomware-for-hire scrotes’ servers.

#Trains all over #Poland are mysteriously slamming on the brakes, with #Putin’s voice heard on the drivers’ radios—backed with the Russian national anthem. So, of course, the mainstream media is all up in a lather about #Russian hackers.

Or was it just a modern-day #BlueBox prank? In today’s #SBBlogwatch, we grab some delicious Cap’n Crunch. At #TechstrongGroup’s #SecurityBlvd: securityboulevard.com/2023/08/

Security Boulevard · Did Russia Hack Poland’s Trains? MSM Says Yes, but … Well, You Decide
Train Phreaking: It depends what you mean by “hack” (and by “Russia”).