#security #CVE #GitLab

The most critical security issue GitLab patched has the maximum severity score (10 out of 10) and is being tracked as CVE-2023-7028. Successful exploitation does not require any interaction.

https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-zero-click-account-hijacking-vulnerability/

#programming #Pedro

A nice version of the #password #generator

https://passwordsgenerator.net/

The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. Microsoft has identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as Nobelium. As part of our ongoing commitment to responsible transparency as recently affirmed in our Secure Future Initiative (SFI), we are sharing this update.  

https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/

#video

6 Software #Testing Trends in #2024

https://www.youtube.com/watch?v=pbQxLnJlQ3k

#video #vim

The CODS Model:

- Control
- Observability
- Decomposability
- Simplicity

#password #way

Oh, someone at one time said the right and obvious thing. But as usual, they were not heard (how annoying are these requirements for frequent changes, often also on services that limit the length, like, less than 12 characters, and do not allow special characters 🤬):

https://tidbits.com/2022/03/03/never-change-your-password/

#testing #job #money

https://www.youtube.com/watch?v=YBYWwjbk5M0

#security #study

This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, covering topics such as Network+, Security+, Linux, Python, Traffic Analysis, Git, ELK, AWS, Azure, and Hacking. The repository also includes a `LEARN.md

https://github.com/farhanashrafdev/90DaysOfCyberSecurity

First, #Apple talks about how safe the App Store is and how alternatives should not be allowed because chaos and anarchy will ensue.

Then #LastPass warns that the official App Store has a fake password manager pretending to be LastPass. 🙃

https://blog.lastpass.com/2024/02/warning-fraudulent-app-impersonating-lastpass-currently-available-in-apple-app-store/

#video #programming local #Copilot

https://youtu.be/F1bXfnrzAxM

#security report from #Cloudflare

Many organizations have difficulty identifying and managing API cybersecurity. It is also noted that effective DDoS mitigation solutions can help protect APIs (everyone buy Cloudflare 👌).

https://www.cloudflare.com/press-releases/2024/press-releases/2024/new-cloudflare-report-shows-organizations-struggle-to-identify-and-manage/

#comix #password #programming #way

#programming

Maxim Orlovsky

I am working on a categorical programming language (i.e. matching category theory) named #Cation. It is a base for domain-specific languages like #Contractum for #RGB smart contracts. However, Cation can do much more than that and is designed as a generic programming language with termination analysis, GADT, monads, balanced ternary types in standard lib and many more exciting features. Basically, in Cation everything - data, functions, types etc - are natural transformation, and everything runs in parallel with lazy evaluation of race conditions (“quantum-style”).

I have already spent 2.5 years on it, so the things are starting taking a shape. Everyone interested in category theory and such challenges pls join https://t.me/cation_lang

#video #password

Oh, and my favorite VLDL joined the topic:

https://youtu.be/S_iyhcomfrc