From Security Weekly Wiki
Jump to navigationJump to search
* [ There's a hole in the boot] that breaks the root of trust needed by systems to attest to their integrity.
* [ OkCupid Security Flaw Threatens Intimate Dater Details] is a story about XSS meets mobile, mobile meets Same Origin Policy, accounts meet threat models.
* [ Florida teen charged as “mastermind” in Twitter hack hitting Biden, Bezos, and others], which we only revisit to highlight that threat modeling should focus on the "what" and "how" rather than "who" might attack a system.
* [ Sandboxing and Workload Isolation] talks through a brief history of protecting workloads and what effective modern techniques are evolving to.
* [ Microsoft to remove all SHA-1 Windows downloads next week], which is either small news for the prepared or a surprise for the supply chain stragglers.


Navigation menu