Miscellaneous Tech News
-
HTTPS for all: Let’s Encrypt reaches one billion certificates issued
The ISRG's Let's Encrypt is putting the S in HTTPS on a massive scale.
Let's Encrypt, the Internet Security Research Group's free certificate signing authority, issued its first certificate a little over four years ago. Today, it issued its billionth. The ISRG's goal for Let's Encrypt is to bring the Web up to a 100% encryption rate. When Let's Encrypt launched in 2015, the idea was pretty outré—at that time, a bit more than a third of all Web traffic was encrypted, with the rest being plain text HTTP. There were significant barriers to HTTPS adoption—for one thing, it cost money. But more importantly, it cost a significant amount of time and human effort, both of which are in limited supply. -
-
-
Criminals on CCTV: Scammers caught red-handed
Hundreds of thousands of people fall victim to scams in the UK every year.
Many are run from criminal call centres abroad, where teams of fraudsters operate around the clock.One man in the UK, who goes by the name "Jim Browning", decided to do something about it. He hacked into a call centre in India from where scammers target their victims.
-
-
Rail station wi-fi provider exposed traveller data
The email addresses and travel details of about 10,000 people who used free wi-fi at UK railway stations have been exposed online.
Network Rail and the service provider C3UK confirmed the incident three days after being contacted by BBC News about the matter. The database, found online by a security researcher, contained 146 million records, including personal contact details and dates of birth. It was not password protected. -
Tesco is issuing new cards to 600,000 Clubcard account holders after unearthing a security issue.
The supermarket giant said it believed a database of stolen usernames and passwords from other platforms had been tried out on its websites, and may have worked in some cases.
-
Coronavirus: Twitter tells staff to work from home
Twitter has told its employees to work from home to help stop the spread of the coronavirus.
In a blog post, the social media giant said it was mandatory for staff in Hong Kong, Japan and South Korea to work remotely. The company also said it was "strongly encouraging" all of its 5,000 employees around the world to not come into work. It comes a day after the firm banned all non-essential business travel and events for its workers. The company had already announced that it was pulling out of this month's South by Southwest media conference in Austin, Texas. Twitter's head of human resources Jennifer Christie said: "Our goal is to lower the probability of the spread of the Covid-19 coronavirus for us - and the world around us." -
LE says you must force renew your certificates TODAY.
On Leap Day, Let's Encrypt announced that it had discovered a bug in its CAA (Certification Authority Authorization) code.
The bug opens up a window of time in which a certificate might be issued even if a CAA record in that domain's DNS should prohibit it. As a result, Let's Encrypt is erring on the side of security and safety rather than convenience and revoking any currently issued certificates it can't be certain are legitimate, saying:
-
@DustinB3403 said in Miscellaneous Tech News:
LE says you must force renew your certificates TODAY.
On Leap Day, Let's Encrypt announced that it had discovered a bug in its CAA (Certification Authority Authorization) code.
The bug opens up a window of time in which a certificate might be issued even if a CAA record in that domain's DNS should prohibit it. As a result, Let's Encrypt is erring on the side of security and safety rather than convenience and revoking any currently issued certificates it can't be certain are legitimate, saying:
Check whether a host's certificate needs replacement
https://checkhost.unboundtest.com/ -
@DustinB3403 said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Pets 'go hungry' after smart feeder goes offline
/s Whatever happened to just leaving a 40lb bag of food open on the floor?
That's how you turn a dog into a pot bellied pig... ask me how I know, lol.
-
Why Exchange admins should be very worried
If you haven’t already done so, this week you should be applying patches to your Exchange Servers. A reasonably easy to exploit vulnerability has been disclosed by Microsoft as CVE-2020-0688.
-
@JasGot said in Miscellaneous Tech News:
Why Exchange admins should be very worried
If you haven’t already done so, this week you should be applying patches to your Exchange Servers. A reasonably easy to exploit vulnerability has been disclosed by Microsoft as CVE-2020-0688.
Did my only on prem server last weekend.
-
@JaredBusch said in Miscellaneous Tech News:
@JasGot said in Miscellaneous Tech News:
Why Exchange admins should be very worried
If you haven’t already done so, this week you should be applying patches to your Exchange Servers. A reasonably easy to exploit vulnerability has been disclosed by Microsoft as CVE-2020-0688.
Did my only on prem server last weekend.
My server was missing the Feb Servicing Stack Update and was failing to install - fixed the SSU and poof - finally installed.
-
Is it KB4494175???
-
PowerShell 7 Now Commercially Released
Microsoft announced on Wednesday that PowerShell 7 has reached "general availability" (GA) commercial release.
PowerShell 7 is notable for being a cross-platform (Linux, macOS and Windows) scripting tool that attempts to bridge the gap between Windows PowerShell 5.1 and the PowerShell Core 6.x releases. In addition, while Microsoft based PowerShell 7 on the open source .NET Core 3.1, a near-term goal is to base it on a coming open source and cross-platform .NET 5 release, which is expected to roll out in November.
-
@Obsolesce said in Miscellaneous Tech News:
PowerShell 7 Now Commercially Released
Microsoft announced on Wednesday that PowerShell 7 has reached "general availability" (GA) commercial release.
PowerShell 7 is notable for being a cross-platform (Linux, macOS and Windows) scripting tool that attempts to bridge the gap between Windows PowerShell 5.1 and the PowerShell Core 6.x releases. In addition, while Microsoft based PowerShell 7 on the open source .NET Core 3.1, a near-term goal is to base it on a coming open source and cross-platform .NET 5 release, which is expected to roll out in November.
Until they force it down to existing Windows systems as part of a normal update, it is basically not relevant. It does not matter how good it is.
-
@JaredBusch said in Miscellaneous Tech News:
@Obsolesce said in Miscellaneous Tech News:
PowerShell 7 Now Commercially Released
Microsoft announced on Wednesday that PowerShell 7 has reached "general availability" (GA) commercial release.
PowerShell 7 is notable for being a cross-platform (Linux, macOS and Windows) scripting tool that attempts to bridge the gap between Windows PowerShell 5.1 and the PowerShell Core 6.x releases. In addition, while Microsoft based PowerShell 7 on the open source .NET Core 3.1, a near-term goal is to base it on a coming open source and cross-platform .NET 5 release, which is expected to roll out in November.
Until they force it down to existing Windows systems as part of a normal update, it is basically not relevant. It does not matter how good it is.
Right, because the only way to get or use someing on a computer is if it's included in the OS or as an OS update... lol
-
@Obsolesce said in Miscellaneous Tech News:
@JaredBusch said in Miscellaneous Tech News:
@Obsolesce said in Miscellaneous Tech News:
PowerShell 7 Now Commercially Released
Microsoft announced on Wednesday that PowerShell 7 has reached "general availability" (GA) commercial release.
PowerShell 7 is notable for being a cross-platform (Linux, macOS and Windows) scripting tool that attempts to bridge the gap between Windows PowerShell 5.1 and the PowerShell Core 6.x releases. In addition, while Microsoft based PowerShell 7 on the open source .NET Core 3.1, a near-term goal is to base it on a coming open source and cross-platform .NET 5 release, which is expected to roll out in November.
Until they force it down to existing Windows systems as part of a normal update, it is basically not relevant. It does not matter how good it is.
Right, because the only way to get or use someing on a computer is if it's included in the OS or as an OS update... lol
We have whole threads on the concept of if it is best practice to use the OS native tooling. The answer has consistently been yes.
Pull your lips off of Microsoft's ass and think for yourself. Just because I say something that your precious MS did is not useful....
-
This post is deleted!