Changes

From Security Weekly Wiki
Jump to navigationJump to search
* [https://www.darkreading.com/vulnerabilities---threats/attackers-will-target-critical-pan-os-flaw-security-experts-warn/d/d-id/1338221 Attackers Will Target Critical PAN-OS Flaw, Security Experts Warn], which isn't much of warning about flaws being attacked, but is a good reminder about modeling attacker goals.
* [https://www.zdnet.com/article/microsoft-releases-emergency-security-update-to-fix-two-bugs-in-windows-codecs/ Microsoft releases emergency security update to fix two bugs in Windows codecs] that once again proves a picture is worth a 1,000 flaws and why [https://www.zdnet.com/article/google-discloses-zero-click-bugs-impacting-several-apple-operating-systems/ this older article] notes the design changes that Android and Mozilla took in their media handling code.
* [https://www.marcolancini.it/2020/blog-kubernetes-threat-modelling/ The Current State of Kubernetes Threat Modelling] highlights past work in evaluating the security of Kubernetes, although it didn't touch on the [https://www.microsoft.com/security/blog/2020/04/02/attack-matrix-kubernetes/ ATT&CK matrix] from Microsoft that we covered in episode 102.
* [https://devops.com/how-to-build-a-culture-of-resilience-through-good-habits/ How To Build a Culture of Resilience Through Good Habits] so that improving availability also leads to improving confidentiality and integrity.
199

edits

Navigation menu