From Security Weekly WikiJump to navigationJump to search
- There's a hole in the boot that breaks the root of trust needed by systems to attest to their integrity.
- OkCupid Security Flaw Threatens Intimate Dater Details is a story about XSS meets mobile, mobile meets Same Origin Policy, accounts meet threat models.
- Florida teen charged as “mastermind” in Twitter hack hitting Biden, Bezos, and others, which we only revisit to highlight that threat modeling should focus on the "what" and "how" rather than "who" might attack a system.
- Sandboxing and Workload Isolation talks through a brief history of protecting workloads and what effective modern techniques are evolving to.
- Microsoft to remove all SHA-1 Windows downloads next week, which is either small news for the prepared or a surprise for the supply chain stragglers.