Resumo da Semana - 57

Postado em Em Disqus: Tempo de leitura ≈ 2 mins.

Firefox chega a versão 100, governo indiano querendo que serviços de VPN forneçam dados de usuários, inscrições abertas para o Microsoft Build, GitHub irá obrigar autenticação em 2 fatores, vulnerabilidades no Avast e AVG, Microsoft, Apple e Google se juntando para avançar na autenticação sem senha (passwordless), mais desdobramentos da guerra na Ucrânia, Governo chinês prestes a deixar de usar equipamentos estrangeiros, vulnerabilidade descoberta nos processadores da Apple, possível vazamento de dados da Netflix e um artigo sobre estudo do impacto do trabalho remoto na produtividade (spoiler: não foi encontrando nenhum impacto negativo).

Artigos

  • The Google Incentive Mismatch: Problems with Promotion-Oriented Cultures
  • It’s time we fix unethical design of cookie consent windows
  • This World Password Day consider ditching passwords altogether
  • NIST Releases Updated Guidance for Managing Software Supply Chain Risks
  • How to Set Up SSH Passwordless Login (Step-by-Step Tutorial)
  • It’s official. Remote work has zero negative impact on your productivity

Notícias

  • Telegram Premium plan is in the works: What do you get by subscribing?
  • Firefox 100 Is Now Available for Download, Enables GTK Overlay Scrollbars on Linux
  • Amazon Prime vai ficar mais caro no Brasil
  • China Orders Government, State Firms to Dump Foreign PCs
  • Microsoft abre código-fonte do 3D Movie Maker só porque alguém pediu

Segurança

  • Here’s a New Tool That Scans Open-Source Repositories for Malicious Packages
  • Ransomware LV vaza dados que atribui ao CPqD e Banco Central
  • New Regulations in India Require Orgs to Report Cyber Incidents Within 6 Hours
  • Defacement atinge site do governo do Estado de Goiás
  • New Hacker Group Pursuing Corporate Employees Focused on Mergers and Acquisitions
  • Lockbit ransomware attack cripples parts of German library service
  • India Orders VPN Companies to Collect and Hand Over User Data
  • Unpatched DNS-Poisoning Bug Affects Millions of Devices, Stumps Researchers
  • Pesquisadores tornam público bug de IoT não corrigido
  • State-Backed Chinese Hackers Target Russia
  • Attackers Use Event Logs to Hide Fileless Malware
  • GitHub will require all users who contribute code to enable two-factor authentication by the end of 2023
  • Researchers Disclose 10-Year-Old Vulnerabilities in Avast and AVG Antivirus
  • Heroku: Cyberattacker Used Stolen OAuth Tokens to Steal Customer Account Credentials
  • Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard to Accelerate Availability of Passwordless Sign-Ins
  • Microsoft, Apple, and Google Promise to Expand Passwordless Features
  • Expansion of FIDO standard and new updates for Microsoft passwordless solutions
  • Russia hammered by pro-Ukrainian hackers following invasion
  • DDoS Attacks by Hacktivists Disrupted Russian Alcohol Supply Chain
  • Apple Silicon Exclusively Hit With World-First “Augury” DMP Vulnerability
  • BPFDoor — an active Chinese global surveillance tool
  • Credenciais vazadas podem ser de clientes da Netflix

Eventos

  • Microsoft Build – Join us May 24-26 2022

Compartilhe: Twitter - Facebook - LinkedIn