From Security Weekly Wiki
Jump to navigationJump to search
===== Flaws, Breaches & Threats =====
* [ CVE-2020-1938: Ghostcat vulnerability] in the Tomcat Apache JServ Protocol.
* [ IMP4GT: IMPersonation Attacks in 4G NeTworks] demonstrates a proven insecurity on a layer above provably secure protocol.
===== Cloud, Code & Controls =====
* [ Boeing implementing more rigorous testing of Starliner after software problems] shows how problems in cloud computing will be just the same in star systems.
* [ APIs are becoming a major target for credential stuffing attacks] and don't have to target the login workflow.
===== Learning & Tools =====
===== Food for Thought =====
* [ SSL/TLS certificate validity chopped down to one year by Apple’s Safari] and how this can drive secure DevOps behaviors.
* [ 5 key areas for tech leaders to watch in 2020]


Navigation menu