Difference between revisions of "Template:PSW672NewsPaulAsadoorian"

From Security Weekly Wiki
Jump to navigationJump to search
(Created page with "===Articles===")
 
(Added With Paul's Craptastic Python Script)
Line 1: Line 1:
 +
===Articles===
 +
#[https://www.darkreading.com/edge/theedge/cybercriminals-could-be-coming-after-your-coffee/b/d-id/1339263 Cybercriminals Could be Coming After Your Coffee]
 +
#[https://medium.com/better-programming/jwt-tokens-the-what-how-and-why-6ae3bad26661 JWT Tokens: The What, How, and Why]
 +
#[https://10.51.0.153/2020/10/26/exploit-and-bypass-office-365-defenses/ Attackers finding new ways to exploit and bypass Office 365 defenses - Help Net Security]
 +
#[http://exploit.kitploit.com/2020/10/oracle-vm-virtualbox-buffer-overflow.html Oracle VM VirtualBox Buffer Overflow]
 +
#[https://threatpost.com/ie-browser-death-march/160571/ Microsoft IE Browser Death March Hastens]
 +
#[https://www.helpnetsecurity.com/2020/10/27/activate-microsoft-365-mfa/ 78% of Microsoft 365 admins don't activate MFA - Help Net Security]
 +
#[https://www.troyhunt.com/humans-are-bad-at-urls-and-fonts-dont-matter/ Humans are Bad at URLs and Fonts Dont Matter]
 +
#[https://www.securityweek.com/hackers-can-open-doors-exploiting-vulnerabilities-h%C3%B6rmann-device Hackers Can Open Doors by Exploiting Vulnerabilities in Hrmann Device | SecurityWeek.Com]
 +
#[https://urlscan.io/ URL and website scanner - urlscan.io]
 +
#[https://securityaffairs.co/wordpress/110032/iot/irrigation-systems-exposed-online.html Over 100 irrigation systems left exposed online without protection]
 +
#[https://www.securityweek.com/microsoft-introduces-new-password-spray-detection-azure Microsoft Introduces New Password Spray Detection for Azure | SecurityWeek.Com]
 +
#[https://medium.com/swlh/anonymous-authentication-how-to-secure-public-apis-8f295f23dff2 Anonymous Authentication: How to Secure Public APIs]
 +
#[http://www.microsoft.com/security/blog/2020/10/28/back-to-the-future-what-the-jericho-forum-taught-us-about-modern-security/ Back to the future: What the Jericho Forum taught us about modern security - Microsoft Security]
 +
#[http://exploit.kitploit.com/2020/10/nagios-xi-573-remote-command-injection.html Nagios XI 5.7.3 Remote Command Injection]
 +
#[https://www.securityweek.com/stackrox-releases-open-source-tool-finding-kubernetes-misconfigurations StackRox Releases Open Source Tool for Finding Kubernetes Misconfigurations | SecurityWeek.Com]
 +
#[https://www.helpnetsecurity.com/2020/10/29/can-automated-penetration-testing-replace-humans/ Can automated penetration testing replace humans? - Help Net Security]
 +
#[https://thehackernews.com/2020/10/kashmirblack-botnet-hijacks-thousands.html KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms]
 +
#[https://threatpost.com/oracle-weblogic-server-rce-flaw-attack/160723/ Oracle WebLogic Server RCE Flaw Under Active Attack]
 +
#[https://www.schneier.com/blog/archives/2020/10/tracking-users-on-waze.html Tracking Users on Waze - Schneier on Security]
 +
#[https://www.securityweek.com/microsoft-introduces-device-vulnerability-report-defender-endpoint Microsoft Introduces Device Vulnerability Report in Defender for Endpoint | SecurityWeek.Com]
 +
#[https://redirectdetective.com/ Redirect Detective - Discover where those redirects really go to]
 +
#[https://film.avclub.com/hackers-may-have-been-of-its-time-but-it-was-also-ahea-1798230815 Hackers may have been of its time, but it was also ahead of it]
 +
#[https://www.helpnetsecurity.com/2020/10/01/amazon-timestream/ AWS launches Amazon Timestream, a serverless time series database for IoT and operational applications - Help Net Security]
 +
#[https://threatpost.com/amazon-alexa-one-click-attack-can-divulge-personal-data/158297/ Amazon Alexa One-Click Attack Can Divulge Personal Data]
 +
#[https://www.zdnet.com/article/redcurl-cybercrime-group-has-hacked-companies-for-three-years/ RedCurl cybercrime group has hacked companies for three years | ZDNet]
 +
#[https://arstechnica.com/information-technology/2020/08/chinese-hackers-have-pillaged-taiwans-semiconductor-industry/ Chinese hackers have pillaged Taiwans semiconductor industry]
 +
#[https://medium.com/@veeralpatel/if-your-email-is-hacked-everything-is-47544aeee699 If your email is hacked, everything is]
 +
#[https://securityaffairs.co/wordpress/106978/breaking-news/teamviewer-flaw-system-password.html TeamViewer flaw can allow hackers to steal System password]
 +
#[https://threatpost.com/researcher-publishes-bypass-for-patch-for-vbulletin-0-day-flaw/158232/ Researcher Publishes Patch Bypass for vBulletin 0-Day]
 +
#[https://www.zdnet.com/article/adobe-tackles-critical-code-execution-vulnerabilities-in-acrobat-reader/ Adobe tackles critical code execution vulnerabilities in Acrobat, Reader | ZDNet]
 +
#[https://www.securityweek.com/windows-and-ie-zero-day-vulnerabilities-chained-powerfall-attacks Windows and IE Zero-Day Vulnerabilities Chained in 'PowerFall' Attacks | SecurityWeek.Com]
 +
#[https://www.darkreading.com/attacks-breaches/sans-security-training-firm-hit-with-data-breach/d/d-id/1338647 SANS Security Training Firm Hit with Data Breach]
 +
#[https://securityaffairs.co/wordpress/107076/hacking/attackers-control-23-tor-exit-nodes.html Threat actors managed to control 23% of Tor Exit nodes]
 +
#[https://www.helpnetsecurity.com/2020/08/13/most-security-pros-are-concerned-about-human-error-exposing-cloud-data/ Most security pros are concerned about human error exposing cloud data - Help Net Security]
 +
#[https://www.securityweek.com/stick-plan-until-it-not-longer-makes-sense Stick With The Plan Until It Not Longer Makes Sense | SecurityWeek.Com]
 +
#[https://www.darkreading.com/omdia/black-hat-usa-2020-shines-spotlight-on-the-mental-challenges-of-cybersecurity/a/d-id/1338658 Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity]
 +
#[https://arstechnica.com/information-technology/2020/08/your-mobile-calls-may-be-vulnerable-to-a-new-revolting-eavesdrop-attack/ Hackers can eavesdrop on mobile calls with $7,000 worth of equipment]
 +
#[https://www.techrepublic.com/article/sans-cybersecurity-training-firm-suffers-data-breach-due-to-phishing-attack/ SANS cybersecurity training firm suffers data breach due to phishing attack]
 +
#[http://msrc-blog.microsoft.com/2020/07/02/solving-uninitialized-kernel-pool-memory-on-windows/ Solving Uninitialized Kernel Pool Memory on Windows - Microsoft Security Response Center]
 +
#[http://msrc-blog.microsoft.com/2020/05/13/solving-uninitialized-stack-memory-on-windows/ Solving Uninitialized Stack Memory on Windows - Microsoft Security Response Center]
 +
#[https://www.sans.org/blog/vulnerability-management-maturity-model/ Vulnerability Management Maturity Model | SANS Institute]
 +
#[https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbswitch-session-JZAS5jnY Cisco Small Business Smart and Managed Switches Session Management Vulnerability]
 +
#[https://news.hitb.org/content/hackers-are-exploiting-5-alarm-bug-networking-equipment Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment]
 +
#[https://securityaffairs.co/wordpress/105547/security/talos-chrome-firefox-flaws.html Cisco Talos discloses technicals details of Chrome, Firefox flaws]
 +
#[https://www.zdnet.com/article/google-open-sources-tsunami-vulnerability-scanner/ Google open-sources Tsunami vulnerability scanner | ZDNet]
 +
#[https://securityaffairs.co/wordpress/105662/hacking/f5-big-ip-flaw-mitigation-bypass.html Threat actors found a way to bypass mitigation F5 BIG-IP CVE-2020-5902 flaw]
 +
#[https://www.schneier.com/blog/archives/2020/07/half_a_million.html Half a Million IoT Passwords Leaked - Schneier on Security]
 +
#[https://www.vice.com/en_us/article/qj43xq/cops-seize-blueleaks-ddosecrets-server Cops Seize Server that Hosted BlueLeaks, DDoSecrets Says]
 +
#[https://threatpost.com/notorious-hacker-fxmsp-outed/157275/ Notorious Hacker Fxmsp Outed After Widespread Access-Dealing]
 +
#[https://news.hitb.org/content/trump-administration-looking-ban-tiktok-other-chinese-apps Trump administration looking into ban on TikTok, other Chinese apps]
 +
#[https://www.securityweek.com/palo-alto-networks-patches-command-injection-vulnerabilities-pan-os Palo Alto Networks Patches Command Injection Vulnerabilities in PAN-OS | SecurityWeek.Com]
 +
#[https://isc.sans.edu/diary.html?storyid=26330 InfoSec Handlers Diary Blog]
 +
#[https://www.darkreading.com/vulnerabilities---threats/pen-testing-roi-how-to-communicate-the-value-of-security-testing/a/d-id/1338257 Pen Testing ROI: How to Communicate the Value of Security Testing]
 +
#[https://www.darkreading.com/vulnerabilities---threats/6-tips-for-getting-the-most-from-nessus/d/d-id/1338310 6 Tips for Getting the Most From Nessus]
 +
#[https://www.helpnetsecurity.com/2020/07/09/zoom-zero-day-windows/ Zoom zero-day flaw allows code execution on victim's Windows machine - Help Net Security]
 +
#[https://www.theregister.com/2020/07/09/separating_good_data_from_clutter/ How to build a cyber threat intelligence program while cutting through the noise]
 +
===Articles===
 +
===Articles===
 +
===Articles===
 +
===Articles===
 +
===Articles===
 +
===Articles===
 +
===Articles===
 +
===Articles===
 +
===Articles===
 
===Articles===
 
===Articles===

Revision as of 18:22, 29 October 2020

Articles

  1. Cybercriminals Could be Coming After Your Coffee
  2. JWT Tokens: The What, How, and Why
  3. Attackers finding new ways to exploit and bypass Office 365 defenses - Help Net Security
  4. Oracle VM VirtualBox Buffer Overflow
  5. Microsoft IE Browser Death March Hastens
  6. 78% of Microsoft 365 admins don't activate MFA - Help Net Security
  7. Humans are Bad at URLs and Fonts Dont Matter
  8. Hackers Can Open Doors by Exploiting Vulnerabilities in Hrmann Device | SecurityWeek.Com
  9. URL and website scanner - urlscan.io
  10. Over 100 irrigation systems left exposed online without protection
  11. Microsoft Introduces New Password Spray Detection for Azure | SecurityWeek.Com
  12. Anonymous Authentication: How to Secure Public APIs
  13. Back to the future: What the Jericho Forum taught us about modern security - Microsoft Security
  14. Nagios XI 5.7.3 Remote Command Injection
  15. StackRox Releases Open Source Tool for Finding Kubernetes Misconfigurations | SecurityWeek.Com
  16. Can automated penetration testing replace humans? - Help Net Security
  17. KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms
  18. Oracle WebLogic Server RCE Flaw Under Active Attack
  19. Tracking Users on Waze - Schneier on Security
  20. Microsoft Introduces Device Vulnerability Report in Defender for Endpoint | SecurityWeek.Com
  21. Redirect Detective - Discover where those redirects really go to
  22. Hackers may have been of its time, but it was also ahead of it
  23. AWS launches Amazon Timestream, a serverless time series database for IoT and operational applications - Help Net Security
  24. Amazon Alexa One-Click Attack Can Divulge Personal Data
  25. RedCurl cybercrime group has hacked companies for three years | ZDNet
  26. Chinese hackers have pillaged Taiwans semiconductor industry
  27. If your email is hacked, everything is
  28. TeamViewer flaw can allow hackers to steal System password
  29. Researcher Publishes Patch Bypass for vBulletin 0-Day
  30. Adobe tackles critical code execution vulnerabilities in Acrobat, Reader | ZDNet
  31. Windows and IE Zero-Day Vulnerabilities Chained in 'PowerFall' Attacks | SecurityWeek.Com
  32. SANS Security Training Firm Hit with Data Breach
  33. Threat actors managed to control 23% of Tor Exit nodes
  34. Most security pros are concerned about human error exposing cloud data - Help Net Security
  35. Stick With The Plan Until It Not Longer Makes Sense | SecurityWeek.Com
  36. Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity
  37. Hackers can eavesdrop on mobile calls with $7,000 worth of equipment
  38. SANS cybersecurity training firm suffers data breach due to phishing attack
  39. Solving Uninitialized Kernel Pool Memory on Windows - Microsoft Security Response Center
  40. Solving Uninitialized Stack Memory on Windows - Microsoft Security Response Center
  41. Vulnerability Management Maturity Model | SANS Institute
  42. Cisco Small Business Smart and Managed Switches Session Management Vulnerability
  43. Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment
  44. Cisco Talos discloses technicals details of Chrome, Firefox flaws
  45. Google open-sources Tsunami vulnerability scanner | ZDNet
  46. Threat actors found a way to bypass mitigation F5 BIG-IP CVE-2020-5902 flaw
  47. Half a Million IoT Passwords Leaked - Schneier on Security
  48. Cops Seize Server that Hosted BlueLeaks, DDoSecrets Says
  49. Notorious Hacker Fxmsp Outed After Widespread Access-Dealing
  50. Trump administration looking into ban on TikTok, other Chinese apps
  51. Palo Alto Networks Patches Command Injection Vulnerabilities in PAN-OS | SecurityWeek.Com
  52. InfoSec Handlers Diary Blog
  53. Pen Testing ROI: How to Communicate the Value of Security Testing
  54. 6 Tips for Getting the Most From Nessus
  55. Zoom zero-day flaw allows code execution on victim's Windows machine - Help Net Security
  56. How to build a cyber threat intelligence program while cutting through the noise

Articles

Articles

Articles

Articles

Articles

Articles

Articles

Articles

Articles

Articles