Resumo da Semana - 57
Firefox chega a versão 100, governo indiano querendo que serviços de VPN forneçam dados de usuários, inscrições abertas para o Microsoft Build, GitHub irá obrigar autenticação em 2 fatores, vulnerabilidades no Avast e AVG, Microsoft, Apple e Google se juntando para avançar na autenticação sem senha (passwordless), mais desdobramentos da guerra na Ucrânia, Governo chinês prestes a deixar de usar equipamentos estrangeiros, vulnerabilidade descoberta nos processadores da Apple, possível vazamento de dados da Netflix e um artigo sobre estudo do impacto do trabalho remoto na produtividade (spoiler: não foi encontrando nenhum impacto negativo).
Artigos
- The Google Incentive Mismatch: Problems with Promotion-Oriented Cultures
- It’s time we fix unethical design of cookie consent windows
- This World Password Day consider ditching passwords altogether
- NIST Releases Updated Guidance for Managing Software Supply Chain Risks
- How to Set Up SSH Passwordless Login (Step-by-Step Tutorial)
- It’s official. Remote work has zero negative impact on your productivity
Notícias
- Telegram Premium plan is in the works: What do you get by subscribing?
- Firefox 100 Is Now Available for Download, Enables GTK Overlay Scrollbars on Linux
- Amazon Prime vai ficar mais caro no Brasil
- China Orders Government, State Firms to Dump Foreign PCs
- Microsoft abre código-fonte do 3D Movie Maker só porque alguém pediu
Segurança
- Here’s a New Tool That Scans Open-Source Repositories for Malicious Packages
- Ransomware LV vaza dados que atribui ao CPqD e Banco Central
- New Regulations in India Require Orgs to Report Cyber Incidents Within 6 Hours
- Defacement atinge site do governo do Estado de Goiás
- New Hacker Group Pursuing Corporate Employees Focused on Mergers and Acquisitions
- Lockbit ransomware attack cripples parts of German library service
- India Orders VPN Companies to Collect and Hand Over User Data
- Unpatched DNS-Poisoning Bug Affects Millions of Devices, Stumps Researchers
- Pesquisadores tornam público bug de IoT não corrigido
- State-Backed Chinese Hackers Target Russia
- Attackers Use Event Logs to Hide Fileless Malware
- GitHub will require all users who contribute code to enable two-factor authentication by the end of 2023
- Researchers Disclose 10-Year-Old Vulnerabilities in Avast and AVG Antivirus
- Heroku: Cyberattacker Used Stolen OAuth Tokens to Steal Customer Account Credentials
- Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard to Accelerate Availability of Passwordless Sign-Ins
- Microsoft, Apple, and Google Promise to Expand Passwordless Features
- Expansion of FIDO standard and new updates for Microsoft passwordless solutions
- Russia hammered by pro-Ukrainian hackers following invasion
- DDoS Attacks by Hacktivists Disrupted Russian Alcohol Supply Chain
- Apple Silicon Exclusively Hit With World-First “Augury” DMP Vulnerability
- BPFDoor — an active Chinese global surveillance tool
- Credenciais vazadas podem ser de clientes da Netflix
Eventos
- Microsoft Build – Join us May 24-26 2022
Compartilhe: Twitter - Facebook - LinkedIn