From Security Weekly WikiJump to navigationJump to search
, 21:06, 12 November 2020
#[http://exploit.kitploit.com/2020/11/rapid7-metasploit-framework-msfvenom.html Rapid7 Metasploit Framework msfvenom APK Template Command Injection] - Irony: ''This Metasploit module exploits a command injection vulnerability in Metasploit Framework's msfvenom payload generator when using a crafted APK file as an Android payload template. Affected includes Metasploit Framework versions 6.0.11 and below and Metasploit Pro versions 4.18.0 and below.''
#[https://medium.com/@andrewselig/the-sad-state-of-two-factor-authentication-in-u-s-banking-580b109fa2f3 The Sad State of Two-Factor Authentication in U.S. Banking] - Neat site: https://twofactorauth.org/ (List of websites and whether or not they support 2FA.)
#[https://medium.com/oreillymedia/container-security-threats-38649261fb4f Container Security Threats]
#[https://www.schneier.com/blog/archives/2020/11/the-security-failures-of-online-exam-proctoring.html The Security Failures of Online Exam Proctoring - Schneier on Security]
#[https://arstechnica.com/information-technology/2020/11/researchers-find-way-to-revive-kaminskys-2008-dns-cache-poisoning-attack/ DNS cache poisoning, the Internet attack from 2008, is back from the dead]