Oracle finally admits to a major data breach—after being sued for hiding it.

Just days after being hit with a class-action lawsuit for allegedly covering up a major data breach, Oracle has begun privately notifying some customers of a security incident that compromised login credentials—including data from as recently as 2024.

Key highlights:
・ Hacker accessed usernames, passkeys, and encrypted passwords
・ Extortion attempt reported
・ Lawsuit claims Oracle failed to notify victims within 60 days
・ Plaintiffs demand better security & transparency

Despite Oracle calling it an outdated system, the lawsuit points to risks that are very current. This is a critical moment for cloud providers to re-evaluate incident response protocols.

Full story: https://www.csoonline.com/article/3953644/oracle-quietly-admits-data-breach-days-after-lawsuit-accused-it-of-cover-up.html

Anyone know a good way to encrypt a ".env" file in prod? Thanks for any ideas you share

C'est bientôt les Universités de Printemps de l'/ d' / des Interhack[s] !

On se retrouve chez @lebib pour quatres jours d'éduc pop, de bidouille, de technocritique, d'expérimentations artistiques et de partages culturels.

Venez avec votre bonne humeur, vos proches, vos copaines et soyez toustes bienvenu⋅es!

Programme (voué à changer):
https://pretalx.lebib.org/univprintemps25/schedule/

Mein Benutzerpasswort ist abgelaufen. Das neue darf keines der drei letzten genutzten sein. Also hab ich drei mal das Passwort geändert und anschließend wieder mein ursprüngliches gesetzt.

Announcing the #OWASP #Ottawa April meetup on April 16th at 6pm at the UofO STEM building. This month Micah Clark will help us rethink your approach to finding information, to build systems that keep you focused and curious without getting stuck.
#OSINT #INFOSEC #APPSEC

https://www.meetup.com/owasp-ottawa/events/307060615/

Heyo! Time for a re-introduction here. I'm WinterKnight and I followed the Great InfoSec Migration here from Twitter a few years ago.

Outside of #infosec and #hacking, I entertain myself with #TTRPGs such as D&D and Paranoia, #boardgames such as Terraforming Mars, Scythe, and Gloomhaven. I also paint miniatures and other components which are used in games.

Outside of nerdery, I smoke meats and #BBQ so there may be some pictures of delicious things I cook from time to time. I tend to post about a myriad of things.

Opinions are my own, and not of any other entity.

Interesting read!

"Interview With a Crypto Scam Investment Spammer"

https://krebsonsecurity.com/2023/05/interview-with-a-crypto-scam-investment-spammer/

#introduction #intro #whoami

Hey Mastodonians!

I am a Critical Infrastructure & Industrial Security Advisor and CEO at Ampyx Cyber (https://infosec.exchange/@ampyxcyber). I spend most of my time on planes and in airports, but I’m proud to be #PDX-based. Also US Coordinator and professor for the Centro de Ciberseguridad Industrial (CCI) in Madrid as well as a former SANS ICS456 instructor. Ex utility staff (electric, telecom, water), recovering regulator, and one of the original architects of NERC CIP. Often found on stage ranting heretically at #ICS and #OT conferences. Honored to be BEER-ISAC coin 001 (@beerisac).

I mostly post about work in #infosec, #travel, #conferences, #regulations, and typical ICS/OT security topics. I also spend a lot of time carefully curating news stories from a wide range of tech, science and infosec sources which I then automatically post on my personal social media account(s) - no, this isn’t a bot. If this is too much news for your feed, please feel free to mute me.

Hobbies are #travel, #food, #kayaking, #slavaukraini

"Accidental $70k Google Pixel Lock Screen Bypass - bugs.xdavidhu.me"

https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/