Internet Discoveries between 23 March and 30 March

  • IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX
  • Open-sourcing OpenPubkey SSH (OPKSSH): integrating single sign-on with SSH
  • https://cybernews.com/security/troy-hunt-falls-victim-to-phishing-attack/
  • The Worm That No Computer Scientist Can Crack

Interesting details

IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX - This blog provides a high-level overview of the vulnerability and its impact. We will publish our technical deep-dive tomorrow (March 25) at 10AM ET.

Open-sourcing OpenPubkey SSH (OPKSSH): integrating single sign-on with SSH - OPKSSH makes it easy to SSH with single sign-on technologies like OpenID Connect, thereby removing the need to manually manage and configure SSH keys. It does this without adding a trusted party other than your identity provider (IdP).

https://cybernews.com/security/troy-hunt-falls-victim-to-phishing-attack/ -

The Worm That No Computer Scientist Can Crack - One of the simplest, most over-studied organisms in the world is the C. elegans nematode. For 13 years, a project called OpenWorm has tried—and utterly failed—to simulate it.

All this was saved to my GetPocket over the week