Changes

From Security Weekly Wiki
Jump to navigationJump to search
===== Flaws, Breaches & Threats =====
* [https://www.chaitin.cn/en/ghostcat CVE-2020-1938: Ghostcat vulnerability] in the Tomcat Apache JServ Protocol.
* [https://imp4gt-attacks.net IMP4GT: IMPersonation Attacks in 4G NeTworks] demonstrates a proven insecurity on a layer above provably secure protocol.
===== Cloud, Code & Controls =====
* [https://spacenews.com/boeing-implementing-more-rigorous-testing-of-starliner-after-software-problems/ Boeing implementing more rigorous testing of Starliner after software problems] shows how problems in cloud computing will be just the same in star systems.
* [https://www.csoonline.com/article/3527858/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html APIs are becoming a major target for credential stuffing attacks] and don't have to target the login workflow.
===== Learning & Tools =====
===== Food for Thought =====
* [https://nakedsecurity.sophos.com/2020/02/24/apple-chops-safaris-tls-certificate-validity-down-to-one-year/ SSL/TLS certificate validity chopped down to one year by Apple’s Safari] and how this can drive secure DevOps behaviors.
* [https://www.oreilly.com/radar/oreilly-2020-platform-analysis/ 5 key areas for tech leaders to watch in 2020]
{{SocialMedia}}
192

edits

Navigation menu