Difference between revisions of "Template:ASW110NewsMikeShema"

From Security Weekly Wiki
Jump to navigationJump to search
(Added By Paul's Craptastic PPWorks Code)
 
 
Line 1: Line 1:
 
===Articles===
 
===Articles===
 +
* [https://blog.talosintelligence.com/2020/06/vuln-spotlight-zoom-code-execution-june-2020.html Vulnerability Spotlight: Two vulnerabilities in Zoom could lead to code execution], but only one leads to my favorite: path traversal within their Giphy support.
 +
* [https://bhavukjain.com/blog/2020/05/30/zeroday-signin-with-apple/ Zero-day in Sign in with Apple] and [https://aaronparecki.com/2020/05/31/30/the-real-cause-of-the-sign-in-with-apple-zero-day The Real Cause of the Sign In with Apple Zero-Day] explain how a privacy-protecting step in an authentication flow and a mistaken assumption exposed users to account takeover.
 +
* [https://www.bleepingcomputer.com/news/apple/apple-pushes-fix-across-all-devices-for-unc0ver-jailbreak-flaw/ Apple pushes fix across ALL devices for “unc0ver” jailbreak flaw]
 +
* [https://www.csoonline.com/article/3300164/dont-abandon-that-domain-name.html Why abandoned domain names are so dangerous], especially in a world of cookie-based authentication, dependencies, and user-generated content.
 +
* [https://thenewstack.io/focus-on-speed-doesnt-mean-focus-on-automation/ Focus on Speed Doesn’t Mean Focus on Automation], but it shouldn't mean forgetting about testing and security, either.
 +
* [https://devops.com/whos-responsible-for-security-apparently-it-depends/ Who’s Responsible for Security? Apparently, It Depends] on how you read the [https://about.gitlab.com/developer-survey/ Mapping the DevSecOps Landscape 2020 Survey Results] from GitLab.

Latest revision as of 20:30, 7 June 2020

Articles