So, hey, yeah, how are all of you. Clearly SolarWinds has completely overwhelmed the news this week, so I have a couple of notes about that. To those of you who are having to deal with this, I am with you in spirit. Doing what I can here from The Bunker to help you out.
Here was my first indication there was a problem, I believe. It’s pretty old news now.
I spoke about Supply Chain problems at the Central Ohio .NET Developer’s group in March. Oddly timed.
MicroSolved has a good writeup you should read.
This is Microsoft’s breakdown on DLL Injection. For the record, I attended a BoF session on this at DefCon 15(!) and everyone I talked to blew it off. Guess not.
Some other news, thank goodness.
Github is gonna ban passwords.
The NSA finally figured out that authentication systems are under attack.
And finally, a short article about memcpy.
That’s the news, folks, have a great holiday and end-of-year. May your systems be secure and your code be frozen.