Presentation by Stefan Lueders
CERN wireless networks are not encrypted. WPA3 encrypts between client and router, HTTPS encrypts the rest of the way
Use TLS not SSH. Avoid security through obscurity! Consider security from the very beginning. You wouldn’t build a car without brakes
don’t put your tokens on GitHub
people have tried to mine crypto with CERN resources lol
CERN has a tool which finds compromised cern.ch accounts
is it possible that the most common passwords are 123456 etc because there is nothing of value behind them?
the undeclared war
reversemode showed how he got access to the cryo system app
2/3 factor identification. Something you know, have, are.
Beware of CEO fraud. Beware of Zoom fraud. password protect
with HTTP URLs everything before the @ sign is ignored!
Kensington USB pointers were shipping with malware!
VirusTotal is a website where you can test domains etc. for malware.
Remember if you do not have to pay on the internet you pay with your data.
python wheel jacking, npm, etc. these package managers do not distinguish between internal and external packages. how do we protect against these attacks? Use Nexus or Harbor
⇒ monitor your supply chain!
open source does not imply free
“freedom, security, convenience - choose two”
GitHub has static code analysis!
OpenVAS to scan webpages for vulnerabilities
software licences
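
The note on the @ sign in HTTP URLs, as an added example (not from the presentation): a link checker that reports the host a client really connects to and flags links whose part before the @ reads like a host name. The function name real_destination and the sample URLs are assumptions; the URLs are constructed from reserved documentation names and addresses.

```python
from urllib.parse import urlsplit

# Constructed sample URLs; names and addresses are reserved documentation values.
SAMPLES = [
    "https://accounts.example.org@203.0.113.7/login",
    "https://example.org:443@files.example.net:8443/",
    "http://alice:pw@intranet.example.org/",
    "https://example.org/profile/user@home",
]


def real_destination(url):
    """Split a URL into the host the client connects to and the userinfo
    part, i.e. whatever sits before the last '@' of the authority."""
    parts = urlsplit(url)
    # rpartition yields an empty first element when the authority has no '@'.
    userinfo = parts.netloc.rpartition("@")[0]
    # A "user name" containing a dot reads like a host name to a human,
    # which is what makes such a link misleading.
    user = userinfo.split(":", 1)[0]
    return {
        "host": parts.hostname or "",
        "userinfo": userinfo,
        "misleading": "." in user,
    }


if __name__ == "__main__":
    for url in SAMPLES:
        info = real_destination(url)
        flag = "MISLEADING" if info["misleading"] else "ok"
        print(f"{flag:10} host={info['host']:22} userinfo={info['userinfo']!r}  {url}")
```

An @ in the path, as in the last sample, is not userinfo and is not flagged.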