Changes

From Security Weekly Wiki
Jump to navigationJump to search
#[https://www.darkreading.com/edge/theedge/cybercriminals-could-be-coming-after-your-coffee/b/d-id/1339263 Cybercriminals Could be Coming After Your Coffee] - From the article: ''When it comes to whether you should get an IoT device or not, the general rule is to first ask yourself this question: Do I really need my light bulb/coffee pot/washing machine/doorbell/other household items to be smart?'' The real question is "When will I no longer have a choice?".
#[https://medium.com/better-programming/jwt-tokens-the-what-how-and-why-6ae3bad26661 JWT Tokens: The What, How, and Why] - This helped me understand things: ''The main difference to notice here is that with cookies, the information is stored server-side, while with JWT, since the information is stored in the actual token, the information is stored client-side. Since the server doesn’t need to remember anything, this simplifies things a lot, especially when working with multiple servers and having different sessions.'' Some JWT attacks rely on poor key management....
#[https://10.51.0helpnetsecurity.153com/2020/10/26/exploit-and-bypass-office-365-defenses/ Attackers finding new ways to exploit and bypass Office 365 defenses - Help Net Security]- Oh, all we need is Zero Trust: ''Zero-trust email: ​Adhere to a zero-trust-email approach, which should serve as a baseline for an email security strategy. All email, especially ongoing interactions with external partners and suppliers, should be considered areas of compromise.''
#[http://exploit.kitploit.com/2020/10/oracle-vm-virtualbox-buffer-overflow.html Oracle VM VirtualBox Buffer Overflow]
#[https://threatpost.com/ie-browser-death-march/160571/ Microsoft IE Browser Death March Hastens]
7,886

edits

Navigation menu