From Security Weekly WikiJump to navigationJump to search
#[https://www.zdnet.com/article/openbsd-patches-severe-authentication-bypass-privilege-escalation-vulnerabilities/ OpenBSD patches authentication bypass, privilege escalation vulnerabilities | ZDNet]
#[https://arstechnica.com/information-technology/2019/12/hackerone-breach-lets-outside-hacker-read-customers-private-bug-reports/ HackerOne breach lets outside hacker read customers private bug reports] - Oops: '', the HackerOne analyst sent the community member parts of a cURL command that mistakenly included a valid session cookie that gave anyone with possession of it the ability to read and partially modify data the analyst had access to.'' One must be careful when sharing information with a bunch of hackers.
#[https://www.wired.com/story/microsoft-outlook-home-page-hack/ Hackers Find Ways Around a Years-Old Microsoft Outlook Fix]
#[https://www.zdnet.com/article/two-malicious-python-libraries-removed-from-pypi/ Two malicious Python libraries caught stealing SSH and GPG keys | ZDNet]
#[https://hotforsecurity.bitdefender.com/blog/mystery-server-found-to-host-private-data-in-the-open-for-1-2-billion-people-21827.html Mystery Server Found to Host Private Data in the Open for 1.2...]