Taking the time for blogging, is really not as easy as it sounds, as there is so much to possibly blog about.

But let's start with some IT-Security news

• DDoS still on the rise for blackmailing, extortion and disruption. Cloudflare says it stopped the largest DDoS attack on record, German Police raided a DDoS friendly hoster, but no day goes by with news based on DDoS attacks

• Microsoft released some Critical Patches on their February and March Patch-tuesdays - Brian Krebs had a great roundup of what got patched for both

• Ransomware like DDoS, still hitting hard - Israels top tech university got hit by ransomware, censys had a great overview for the latest VMWare ESX ransomware deadbolt ransomware crew got tricked

• Euler Finance lost near $200 Million in one of those "crypto is so safe, please take all my money"-attacks

• An italian fashion label does some crazy designs, to confuse facial recognition systems

• GoDaddy,one of the worlds largest Domain Registrars, got hacked via Phishing - so please - use more 2FA Hardware-Keys !!!

• CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks - after infiltrating a large corp, without getting caught

• git got audited - great read

• great article on honeypots over at hackerfactor

• small tweet, huge opinion !!!

Linux News

• the ever growing Linux systemd Bootloader does now Support FIDO2 Token unlocking of encrypted systems - great move towards a Passwordless future

• SSDFS found its way into the linux kernel a new filesystem specially catered at NVMe Zoned Namespaces (ZNS) SSDs

• Also the Linux BFQ-Scheduler gets tuned for the use of HDDs with Multi-Actuators, which operate nearly as fast as SSDs.

• In the comments of a hackernews thread, on how to learn linux i found sadservers.com - great learning resource !

Hardware News

• Pine64 launched their first SBC, based on the RISC-V CPU Architecture

• T-Firefly released an interesting modular PC

• not really hardware news, but modern firmware sucks and here are some ideas for improving

Web + Browser News

• Let's Encrypt keeps on improving ACME and with it the deployment and lifecycle of TLS Certificates as whole

• Not only Let's Encrypt keeps on improving the web, chromium released a policy, which includes a max Lifetime of 90 Days for TLS Certificates (Let's Encrypt default lifetime). Sooner or later the TLS Ecosystem has to be driven by automation. USE and PUSH - ACME !!!

• The Vary HTTP Response Header is getting some Adoption

• Matthew Garrett shared some ideas for better ssh host certificate support - after github exposed their private key

• As RPKI gets some Adoption in the BGP Routing World - The Calgary Internet Exchange are the first in the world, to deploy ASPA-filtering to prevent BGP route leaks

• Classification of encrypted traffic is hard - but maybe getting easier in the future

Cyber Security Policy News

• The newly released US Cybersecurity Strategy makes some steps into the right direction - it looks like software vendors will finally be liable, if security is not taken seriously

General tech

• Yuval Harrari tha Autor of Sapiens, wrote a great piece on our future with AI

• The Cloud is dead, long live the cloud - Reasons for leaving the cloud by @Ubuntu

• cryptomuseum.com has a great article, about how the CryptoPhone of Andy Müller-Maguhn got manipulated

• Big data is dead - great article on the big data hype !

• Cloudflare released a blog post, how they update the firmware on thousands of Servers

Courses / Howtos / Books / Guides / Talks

Videos for Microsoft's Bluehat 2023 are out

Awesome Video on - How a Database Looks from a Disk's Perspective