From Security Weekly Wiki
Jump to navigation
Jump to search
← Older edit
Newer edit →
Revision as of 06:02, 2 March 2020
1,099 bytes added
===== Flaws, Breaches & Threats =====
* [https://www.chaitin.cn/en/ghostcat CVE-2020-1938: Ghostcat vulnerability] in the Tomcat Apache JServ Protocol.
* [https://imp4gt-attacks.net IMP4GT: IMPersonation Attacks in 4G NeTworks] demonstrates a proven insecurity on a layer above provably secure protocol.
===== Cloud, Code & Controls =====
* [https://spacenews.com/boeing-implementing-more-rigorous-testing-of-starliner-after-software-problems/ Boeing implementing more rigorous testing of Starliner after software problems] shows how problems in cloud computing will be just the same in star systems.
* [https://www.csoonline.com/article/3527858/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html APIs are becoming a major target for credential stuffing attacks] and don't have to target the login workflow.
===== Learning & Tools =====
===== Food for Thought =====
* [https://nakedsecurity.sophos.com/2020/02/24/apple-chops-safaris-tls-certificate-validity-down-to-one-year/ SSL/TLS certificate validity chopped down to one year by Apple’s Safari] and how this can drive secure DevOps behaviors.
* [https://www.oreilly.com/radar/oreilly-2020-platform-analysis/ 5 key areas for tech leaders to watch in 2020]
Retrieved from "
Application Security Weekly
Business Security Weekly
Enterprise Security Weekly
Paul's Security Weekly
Security Weekly News
Security And Compliance Weekly
Tradecraft Security Weekly
Security Weekly Links
About Security Weekly Wiki