Changes

From Security Weekly Wiki
Jump to navigationJump to search
Created page with "* Zoom is gaining lots of attention for [https://www.csoonline.com/article/3535789/weakness-in-zoom-for-macos-allows-local-attackers-to-hijack-camera-and-microphone.html flaws..."
* Zoom is gaining lots of attention for [https://www.csoonline.com/article/3535789/weakness-in-zoom-for-macos-allows-local-attackers-to-hijack-camera-and-microphone.html flaws] and serves as a good exercise in threat modeling and communicating security trade-offs.
* [https://www.vpnmentor.com/blog/report-keyring-leak/ Report: Popular Digital Wallet Exposes Millions to Risk in Huge Data Leak] from the usual suspect of an S3 bucket for an unusual amount of sensitive data.
* [https://www.zdnet.com/article/12k-android-apps-contain-master-passwords-secret-access-keys-secret-commands/ 12k+ Android apps contain master passwords, secret access keys, secret commands] in not-so-secret client-side code identified by a research tool [https://panda.moyix.net/~moyix/papers/inputscope_oakland20.pdf Inputscope].
* [https://nakedsecurity.sophos.com/2020/04/03/zombie-windows-win32k-bug-reanimated-by-researcher/ ‘Zombie’ Windows win32k bug reanimated by researcher] with a new bug class for an ancient library.
* [https://www.microsoft.com/security/blog/2020/04/02/attack-matrix-kubernetes/ Attack matrix for Kubernetes] for planning your product security focus.
* [https://www.darkreading.com/cloud/want-to-improve-cloud-security-it-starts-with-logging/a/d-id/1337383 Want to Improve Cloud Security? It Starts with Logging] and a set of questions to make logging effective.
215

edits

Navigation menu