How on earth can you both not accept the password I copied from my password safe and tell me that I cannot use the same pasaword again?

And ivanti released CVE-2025-0282, just one week into the new year.

Edit: Source for the stats is cvedetails.com

Looking at you, Volkswagen. Don't store billions of records in an AWS bucket that can be breached.

Volkswagen Breach Exposes Data of 800K EV Customers

Some of these vulnerabilities look more like backdoors

Fortinet, Palo, Checkpoint, Cisco, Sonicwall ... is there any big firewall vendor that didn't have any critical vulnerabilities last year?

cross-posted from: https://lemmy.world/post/23134973

> And black gloves of course

cross-posted from: https://sopuli.xyz/post/17042938

Still waiting for end to end encryption...

Someone in Poland chose an interesting name for his company.

I have both done pentests and received pentest reports. My observation is that the perceived severity often varies between the tester and the customer.

Nothing tells me more that you care about my privacy than sharing my data with hundreds or thousands of companies.

Sadly, the support for passkeys is still lacking.

Anybody else working on the 2025 budget?

As AI image recognition advances, CAPTCHAs need to get more creative.

What are your best experiences with CAPTCHAs?

What is your favourite password rule?

Interestingly, the firewall got overload by the number of UDP packets and not by the bandwidth of traffic. See UDP Flooding on Wikipedia.

Please don't act like the german conservative party:

> The CDU [german conservative party] lodged a criminal complaint against Wittmann after she told the party about a security vulnerability in the CDU-Connect election campaign app. (source)

To be clear, not all companies are like this.

Who could have guessed that having tested, well protected and current backups help when dealing with cyber security incidents?

We found out that 10% of our users entered their password.

cross-posted from: https://slrpnk.net/post/12477525

Last week, I tried to register for a service and was really surprised by a password limit of 16 characters. Why on earth yould you impose such strict limits? Never heard of correct horse battery staple?

Quote taken from a 24 year old article by Bruce Schneier that is still relevant in today's world.

If a single click on a phishing email can ruin the entire company, the blame doesn't lie with that individual.

Look at the thumbnail

i am interested in getting a job in cybersecurity