From Security Weekly WikiJump to navigationJump to search
#[https://isc.sans.edu/diary.html?storyid=25664 InfoSec Handlers Diary Blog] - ''Here is a sample that I spotted two days ago. It’s an interesting one because it’s a malware that implements ransomware features developed in Node.js! The stage one is not obfuscated and I suspect the script to be a prototype or a test…''
#[https://medium.com/swlh/hacking-git-directories-e0e60fa79a36 Hacking Git Directories] - First, make sure your build process is not deploying this folder. Second, configure your web server not to serve files from the .git directory, ever. Do both, then build a test to make sure someone has not opened this exposure. This is a well-known and basic security
#[https://threatpost.com/critical-citrix-bug-80000-corporate-lans-at-risk/151444/ Critical Citrix Bug Puts 80,000 Corporate LANs at Risk]
#[https://www.darkreading.com/threat-intelligence/the-coolest-hacks-of-2019/d/d-id/1336682 The Coolest Hacks of 2019]