From Security Weekly Wiki
- Cybercriminals Could be Coming After Your Coffee - From the article: When it comes to whether you should get an IoT device or not, the general rule is to first ask yourself this question: Do I really need my light bulb/coffee pot/washing machine/doorbell/other household items to be smart? The real question is "When will I no longer have a choice?".
- JWT Tokens: The What, How, and Why - This helped me understand things: The main difference to notice here is that with cookies, the information is stored server-side, while with JWT, since the information is stored in the actual token, the information is stored client-side. Since the server doesn’t need to remember anything, this simplifies things a lot, especially when working with multiple servers and having different sessions. Some JWT attacks rely on poor key management.
- Attackers finding new ways to exploit and bypass Office 365 defenses - Help Net Security - Oh, all we need is Zero Trust: Zero-trust email: Adhere to a zero-trust-email approach, which should serve as a baseline for an email security strategy. All email, especially ongoing interactions with external partners and suppliers, should be considered areas of compromise.
- Oracle VM VirtualBox Buffer Overflow - A buffer overflow vulnerability in Oracle VM VirtualBox was privately reported to Oracle on September 22, 2020 and was silently patched in VM VirtualBox version 6.1.16r140961. Not-so-silent (though no exploit example was provided, I didn't look further).
- Microsoft IE Browser Death March Hastens - Most users are running Chrome, Chrome has plenty of vulnerabilities, do we need IE any longer?
- 78% of Microsoft 365 admins don't activate MFA - Help Net Security - 99% is a lot... According to SANS, 99% of data breaches can be prevented using MFA. This is a huge security risk, particularly during a time when so many employees are working remotely.
- Humans are Bad at URLs and Fonts Don't Matter - This is why you need more than awareness training.
- Hackers Can Open Doors by Exploiting Vulnerabilities in Hörmann Device | SecurityWeek.Com - In one attack scenario described by SEC Consult for SecurityWeek, an attacker who is able to connect to the local network can open doors connected to the Hörmann gateway by executing a small script. The attack does not require authentication and it can be conducted from a mobile phone.
- URL and website scanner - urlscan.io
- Over 100 irrigation systems left exposed online without protection
- Microsoft Introduces New Password Spray Detection for Azure | SecurityWeek.Com
- Anonymous Authentication: How to Secure Public APIs
- Back to the future: What the Jericho Forum taught us about modern security - Microsoft Security - Truth: While it’s tempting to think “but it’s just safer if we block it entirely”, beware of this dangerous fallacy. Users today control how they work and they will find a way to work in a modern way, even if they must use devices and cloud services completely outside the control of IT and security departments. Additionally, attackers are adept at infiltrating approved communication channels that are supposed to be safe (legitimate websites, DNS (Domain Name Servers) traffic, email, etc.).
- Nagios XI 5.7.3 Remote Command Injection
- StackRox Releases Open Source Tool for Finding Kubernetes Misconfigurations | SecurityWeek.Com
- Can automated penetration testing replace humans? - Help Net Security - "The speed of the test and reporting is many magnitudes faster, and the reports are actually surprisingly readable (after verifying with some QSAs, they will also pass the various PCI DSS pentesting requirements)." and "The second advantage is the entry point. A human pentester may be given a specific entry point into your network, while an automated pentesting tool can run the same pen test multiple times from different entry points to uncover vulnerable vectors within your network and monitor various impact scenarios depending on the entry point."
- KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms
- Oracle WebLogic Server RCE Flaw Under Active Attack - Love this: “At this point, we are seeing the scans slow down a bit,” said Ullrich in a Thursday post. “But they have reached ‘saturation’ meaning that all IPv4 addresses have been scanned for this vulnerability. If you find a vulnerable server in your network: Assume it has been compromised.”
- Tracking Users on Waze - Schneier on Security
- Microsoft Introduces Device Vulnerability Report in Defender for Endpoint | SecurityWeek.Com
- Redirect Detective - Discover where those redirects really go to
- Hackers may have been of its time, but it was also ahead of it