!security@lemmy.ml
Confidentiality Integrity Availability
!security
@lemmy.mlhttp://www.flux.utah.edu/paper/singh-nsdi24
https://research.swtch.com/nih
https://www.devever.net/~hl/bootstrapping-exam
https://9to5linux.com/gparted-live-is-now-patched-against-the-xz-backdoor-powered-by-linux-kernel-6-7
GParted Live 1.6.0-3 live system based on the GParted free partition manager is now available for download to address the XZ backdoor.
https://gendignoux.com/blog/2024/04/08/xz-backdoor.html
Many discussions about open source dependencies and maintenance happened in the last month.Two posts caught my eye in the Rust ecosystem: Sudo-rs dependencie...
https://blog.rust-lang.org/2024/04/09/cve-2024-24576.html
Empowering everyone to build reliable and efficient software.
https://www.bleepingcomputer.com/news/security/critical-rust-flaw-enables-windows-command-injection-attacks/
Threat actors can exploit a security vulnerability in the Rust standard library to target Windows systems in command injection attacks.
https://medium.com/@ottok/heartbleed-and-xz-backdoor-learnings-open-source-infrastructure-can-be-improved-efficiently-with-9ee254d62578