Tootfinder

heise security Tour 2026: Das Programm steht – jetzt Frühbucherpreis sichern!
Die heise security Tour 2026 fokussiert auf Lieferketten-Sicherheit, Identitäts-Management und KI. Sichern Sie sich jetzt Frühbucher-Tickets!
…

💸 County pays $600,000 to pentesters it arrested for assessing courthouse security
https://arstechnica.com/security/2026/01/county-pays-600000-to-pentesters-it-arrested-for-assessing-courthouse-security/

County pays $600,000 to pentesters it arrested for assessing courthouse security
Settlement comes more than 6 years after Gary DeMercurio and Justin Wynn's ordeal began.

»China bans U.S. and Israeli cybersecurity software over security concerns:
China has told domestic firms to stop using U.S. and Israeli cybersecurity software, citing national security concerns amid rising tech tensions.«
Not that China is wrong, but this is also part of their maintenance of power, just like the USA or Europe and Co.
🇨🇳

China bans U.S. and Israeli cybersecurity software over security concerns
China told domestic firms to stop using US and Israeli cybersecurity software, citing national security concerns amid rising tech tensions

Meta confirms a critical security incident after an internal rogue AI agent's actions led to the exposure of sensitive data to employees without authorization (Jyoti Mann/The Information)
https://www.theinformation.com/articles/inside-meta-rogue…

Inside Meta, a Rogue AI Agent Triggers Security Alert
A rogue AI agent recently triggered a major security alert at Meta Platforms, by taking action without approval that led to the exposure of sensitive company and user data to Meta employees who didn’t have authorization to access the data. A Meta spokesperson confirmed the incident, while adding ...

from my link log —
ACME, a brief history of a protocol which has changed Internet security.
https://blog.brocas.org/2025/12/01/ACME-a-brief-history-of-one-of-the-protocols-which-has-changed-the-Internet-Security/

How Sandia Labs’ Chrisma Jackson protects nuclear secrets from hackers around the clock
https://www.abqjournal.com/business/how-sandia-labs-chrisma-jackson-protects-nuclear-secrets-from-hackers-around-the-clock…

How Sandia Labs’ Chrisma Jackson protects nuclear secrets from hackers around the clock
Chrisma Jackson, Sandia National Laboratories’ top cybersecurity director, discusses protecting nuclear weapons data from constant threats and how her team defends against sophisticated attacks around the clock.

Sicherheitslücke bei Saugrobotern: Tüftler erhält Zugriff auf tausende Geräte
Ein Tüftler wollte Veränderungen an seinem Staubsaugerroboter vornehmen. Dabei deckte er eine Sicherheitslücke auf und erlangte Zugriff auf tausende Geräte.

EU-App zur Altersverifikation: „Sorglos-Paket“ mit Sicherheitslücken
Die EU-Kommission will den Jugendschutz im Netz per App revolutionieren. Doch rasch entpuppt sich das Versprechen von Anonymität und Sicherheit als sehr fragil.

«YubiKey Manager — Sicherheitslücke ermöglicht Ausführung untergeschobenen Codes:
Yubico warnt vor einer Suchpfad-Schwachstelle im YubiKey Manager, libfido2 und python-fido2. Updates korrigieren die Fehler.»
Eine IT-Security Meldung die wirklich sicher ist und Updates nun wirklich sofort vor dem Wochenende gemacht werden müssen.
🔐

YubiKey Manager: Sicherheitslücke ermöglicht Ausführung untergeschobenen Codes
Yubico warnt vor einer Suchpfad-Schwachstelle im YubiKey Manager, libfido2 und python-fido2. Updates korrigieren die Fehler.

Screaming: TP-Link routers represent no more of a security risk than other routers, which is to say, they are all filled with crummy firmware and never get updated.
https://www.csoonline.com/article/3504775/no-evidence-that-tp-lin…

No evidence that TP-Link routers are a Chinese security threat
Despite a request for a US government investigation into Chinese-made TP-Link, evidence presented by a US House committee fails to support allegations they are a national security risk, experts say.