After evaluating our position and NVIDIA's, we decided to add one more requirement. We request that NVIDIA commits to COMPLETELY OPEN-SOURCE (and distribute under a foss license) their GPU drivers for Windows, macOS and Linux, from now on and forever. If…
Microsoft News
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
The activity we have observed has been attributed to a threat group that Microsoft tracks as DEV-0537, also known as LAPSUS$. DEV-0537 is known for using a pure extortion and destruction model without deploying ransomware payloads.
After evaluating our position and NVIDIA's, we decided to add one more requirement. We request that NVIDIA commits to COMPLETELY OPEN-SOURCE (and distribute under a foss license) their GPU drivers for Windows, macOS and Linux, from now on and forever. If…
BBC News
Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal
Police say they've arrested seven teenagers as part of their investigation into a hacking group.
Forwarded from Solidot
GitHub 将要求所有代码贡献者使用 2FA
2022-05-05 13:32
最大代码托管平台 GitHub 宣布到 2023 年底所有上传代码的用户都必须使用双因素认证(2FA)。GitHub 首席安全官(CSO)Mike Hanley 在官方博客上 宣布了这一政策,此举旨在预防开发者的账号被劫持,防止攻击者劫持账号后上传恶意代码对下游项目发动供应链攻击。Hanley 称,软件的供应链始于开发者,开发者的账号经常成为社交工程和劫持的目标,保护开发者免受此类攻击是保护供应链安全的第一步也是最重要的一步。GitHub 的内部数据显示,只有 16.5% 的活跃用户启用了增强保护措施,它希望通过引导开发者采取更安全的账号保护标准,提高软件开发社区的整体安全性。
2022-05-05 13:32
最大代码托管平台 GitHub 宣布到 2023 年底所有上传代码的用户都必须使用双因素认证(2FA)。GitHub 首席安全官(CSO)Mike Hanley 在官方博客上 宣布了这一政策,此举旨在预防开发者的账号被劫持,防止攻击者劫持账号后上传恶意代码对下游项目发动供应链攻击。Hanley 称,软件的供应链始于开发者,开发者的账号经常成为社交工程和劫持的目标,保护开发者免受此类攻击是保护供应链安全的第一步也是最重要的一步。GitHub 的内部数据显示,只有 16.5% 的活跃用户启用了增强保护措施,它希望通过引导开发者采取更安全的账号保护标准,提高软件开发社区的整体安全性。
After evaluating our position and NVIDIA's, we decided to add one more requirement. We request that NVIDIA commits to COMPLETELY OPEN-SOURCE (and distribute under a foss license) their GPU drivers for Windows, macOS and Linux, from now on and forever. If…
NVIDIA Technical Blog
NVIDIA Releases Open-Source GPU Kernel Modules
The first open-source release of GPU kernel modules for the Linux community helps improve NVIDIA GPU driver quality and security.
Forwarded from Rust 视界
Rust 的流行与挑战
使用 Rust 编程语言的开发人员数量在 24 个月内增加了两倍,达到 220 万。 Rust 也进入了 白宫开源软件安全计划中 (https://thestack.technology/10-point-open-source-software-security-mobilization-plan/ Stream 4——逐步淘汰非内存安全的语言) ,也逐渐受到很多企业的支持。但人气大,责任大,Rust 还面临很多挑战。
使用 Rust 编程语言的开发人员数量在 24 个月内增加了两倍,达到 220 万。 Rust 也进入了 白宫开源软件安全计划中 (https://thestack.technology/10-point-open-source-software-security-mobilization-plan/ Stream 4——逐步淘汰非内存安全的语言) ,也逐渐受到很多企业的支持。但人气大,责任大,Rust 还面临很多挑战。
The Stack
Global CISOs, White House agree 10 point OSS Security Mobilisation Plan
All hands on deck, as Linux Foundation, Open SSF convene meeting