From Security Weekly WikiJump to navigationJump to search
- DOMOS 5.8 - OS Command Injection demonstrates that even a hardened OS is only a semi-colon away from being compromised due to misuse and mistake.
- Teltonika Gateway TRB245 Multiple Vulnerabilities demonstrates how far we still have to go to stamp out SSRF, XSS, CSRF, and (our favorite) directory traversal.
- 4G, 5G networks could be vulnerable to exploit due to ‘mishmash’ of old technologies demonstrates how mismatched security assumptions and barriers make mixed-protocol networks hard to protect. From a Black Hat Asia presentation.
- Code scanning is now available! and demonstrates the success Microsoft is having with incorporating their acquisition of Semmle into GitHub.
- Announcing the launch of the Android Partner Vulnerability Initiative demonstrates the expansion of Google's security attention to its Android supply chain.
- Introducing API Shield demonstrates how important API traffic is to all the apps we use.