Romain LORENZINI

486 Flips | 1 Magazine | 10 Following | 11 Followers | @RomainLORENZINI | Keep up with Romain LORENZINI on Flipboard, a place to see the stories, photos, and updates that matter to you. Flipboard creates a personalized magazine full of everything, from world news to life’s great moments. Download Flipboard for free and search for “Romain LORENZINI”

Following the Clues With DcyFS: A File System for Forensics

<i>This article concludes our three-part series on Decoy File System (DcyFS) with a concrete example of how a cyber deception platform can also be a</i> …

Swiss Army Knives

United Nations Accidentally Exposed Passwords and Sensitive Information to the Whole Internet

The United Nations accidentally published passwords, internal documents, and technical details about websites when it misconfigured popular project …

Technology

Microsoft is expanding its war on weak passwords and beefing up Office 365 security

(Credit: Saksorn Kumjit/Shutterstock)<p>In the midst of businesses beefing up their digital security in the wake of rising cyber threats, Microsoft has announced new additions for its authenticator app (Android, iOS) and Office 365 to help customers make sure that the right personnel are getting …

Windows 10

French cyber-security agency open-sources CLIP OS, a security hardened OS

CLIP OS 4 and CLIP OS 5 now available to everyone on GitHub, not just French cyber-spies.<p>The National Cybersecurity Agency of France, also known as …

Cybersecurity

CI/CD in a serverless Google Cloud world

A lot of the projects that we work on are focussed on data ingestion and analytics on Google Cloud Platform (GCP). Being lazy (or smart?), I always …

Cloud Computing

MongoDB server leaks 11 million user records from e-marketing service

Database has now been secured. Server was also ransomed by a criminal group back in June.<p>On Monday, a security researcher specialized in finding …

Google Search

The 7 Habits of Highly Effective Security Teams

Security requires smart people, processes, and technology. Too often, the "people" portion of the PPT equation is neglected.<p>Worldwide spending on …

Information Security

Why Serverless vs. Kubernetes Isn't a Real Debate

InfluxData sponsored this post.<p>Kubernetes and serverless have more than deserved their status as exciting and powerful platforms that offer …

DevOps

The largest benchmark of Serverless providers.

We have Serverless around for almost four years now, since Amazon introduced it on the re:Invent in the end of 2014. In 2016 Google, Microsoft and …

Cloud Computing

How a Cyber Attack Could Cause the Next Financial Crisis

Ever since the forced bankruptcy of the investment bank Lehman Brothers triggered the financial crisis 10 years ago, regulators, risk managers, and central bankers around the globe have focused on shoring up banks’ ability to withstand financial shocks.<p>But the next crisis might not come from a …

Financial Services

New CSS Attack Restarts an iPhone or Freezes a Mac

A new attack has been discovered that will cause iOS to restart or respring and macOS to freeze simply by visiting a web page that contains certain …

iOS

Introduction to HAProxy ACLs

When IT pros add load balancers into their infrastructure, of course they’re looking for the ability to scale out their websites and services, get …

Querystring

IRespondCon

Mining CloudTrail logs to uncover and respond to breaches in AWS Scott Piper @0xdabbad00 SummitRoute.com scott@summitroute.com

AWS Lambda Security

A free library providing AWS Lambda security for developers. Secure serverless applications. Serverless runtime protection. Serverless application …

Libraries

Managing MySQL at Serverless Scale

<i>“What? You can’t use MySQL with serverless functions, you’ll just exhaust all the connections as soon as it starts to scale! And what about zombie</i> …

MySQL

Advanced Nmap: Top 5 Intrusive Nmap Scripts Hackers & Pentesters Should Know

Nmap is more powerful than you know. With a few scripts, we can extend its functionality beyond a simple port scanner and start to identify details …

Web Servers

Security flaw in ‘nearly all’ modern PCs and Macs exposes encrypted data

Most modern computers, even devices with disk encryption, are vulnerable to a new attack that can steal sensitive data in a matter of minutes, new research says.<p>In new findings published Wednesday, F-Secure said that none of the existing firmware security measures in every laptop it tested “does a …

Encryption

Get control of your Linux Servers. Simple. Effective. Awesome.

★ Monitor everything<p>Analyze thousands of metrics per server.<br>Everything about the system (CPU, RAM, disks, network, firewall, QoS, NFS, ZFS, …

Build packet capture syntax online

<b>Table of Contents</b><p>tcpdump101.com has been designed to help people capture packets on different devices to assist with network troubleshooting, service …

Linux

Veeam left 200GB sales database wide open

Cloud data management company Veeam is the latest to fumble security for internet-connected databases, having left hundreds of millions of marketing …

Online Privacy

CD minutes for open source

With the introduction of Azure DevOps today, we’re offering developers a new CI/CD service called Azure Pipelines that enables you to continuously …

British Airways hacking: how not to respond to a cyber attack

Chaos appears to reign at British Airways, where hackers stole the details of around 380,000 customer bookings. There have been some poor responses …

British Airways

No. 1 paid utility in Mac App Store steals browser history, sends it to Chinese server

[<i>Update 8:54 am PT: Apple has pulled Adware Doctor from the Mac App Store. See below for more.</i>]<p>Adware Doctor, the number one paid utility in the Mac App Store, is secretly logging the browser history of users, and sending it to a server in China.<p>Security researcher Patrick Wardle says that he …

App Store

Introducing Azure DevOps

Today we are announcing Azure DevOps. Working with our customers and developers around the world, it’s clear DevOps has become increasingly critical …

Microsoft Visual Studio

Worries arise about security of new WebAuthn protocol

Cryptography experts point out that new WebAuthn protocol recommends or requires the implementation of old and weak algorithms known to be vulnerable …

Information Security

US government releases post-mortem report on Equifax hack

GAO report takes us inside Equifax from March 2017 onward, showing how a few slip-ups led to one of the biggest breaches in US history.<p>MUST READ<p>The …

Equifax

Announcing HashiCorp Consul + Kubernetes

We're excited to announce multiple features that deeply integrate HashiCorp Consul with Kubernetes. This post will share the initial set of features …

DevOps

WireGuard VPN review: A new type of VPN offers serious advantages

Fewer lines of code, simpler setup, and better algorithms make a strong case.<p>WireGuard is a new type of VPN that aims to be simpler to set up and …

256-Bit

Serverless LAPS powered by Microsoft Intune, Azure Functions and Azure Key Vault! – Modern Workplace

I’m excited to introduce a <b>Serverless Local Administrator Password Solution</b> (SLAPS 😉) for <b>Windows 10 Intune Managed</b> devices, powered by <b>Microsoft</b> …

Cloud Computing

Make BGP great again, er, no, for the first time: NIST backs internet route security brainwave

A proposal for securing BGP – the protocol that lays out the traffic pathways of the internet – has a another backer: NIST, aka America's National …

The Brain