Difference between revisions of "Template:PSW674NewsPaulAsadoorian"

From Security Weekly Wiki
Jump to navigationJump to search
(Created page with "===Articles===")
 
(Added With Paul's Craptastic Python Script)
Line 1: Line 1:
 +
===Articles===
 +
#[https://www.cyberscoop.com/data-breach-cyentia-institute-extreme/ Not all cyberattacks are created equal: What researchers learned from 103 'extreme' events - CyberScoop]
 +
#[http://exploit.kitploit.com/2020/11/rapid7-metasploit-framework-msfvenom.html Rapid7 Metasploit Framework msfvenom APK Template Command Injection]
 +
#[https://medium.com/@andrewselig/the-sad-state-of-two-factor-authentication-in-u-s-banking-580b109fa2f3 The Sad State of Two-Factor Authentication in U.S. Banking]
 +
#[https://medium.com/oreillymedia/container-security-threats-38649261fb4f Container Security Threats]
 +
#[https://www.schneier.com/blog/archives/2020/11/the-security-failures-of-online-exam-proctoring.html The Security Failures of Online Exam Proctoring - Schneier on Security]
 +
#[https://arstechnica.com/information-technology/2020/11/researchers-find-way-to-revive-kaminskys-2008-dns-cache-poisoning-attack/ DNS cache poisoning, the Internet attack from 2008, is back from the dead]
 +
#[https://www.zdnet.com/article/google-patches-two-more-chrome-zero-days/ Google patches two more Chrome zero-days | ZDNet]
 +
#[https://www.securityweek.com/term-threat-intelligence-poisoned-it-does-not-mean-what-you-think-it-means The Term "Threat Intelligence" is Poisoned. It Does Not Mean What You Think it Means. | SecurityWeek.Com]
 +
#[https://threatpost.com/bugs-critical-infrastructure-gear-attacks/161164/ Bugs in Critical Infrastructure Gear Allow Sophisticated Cyberattacks]
 +
#[https://akijosberryblog.wordpress.com/2020/11/08/yantra-manav-a-wormable-ssh-bot/ Yantra Manav  A wormable SSH bot]
 +
#[http://exploit.kitploit.com/2020/11/saltstack-salt-rest-api-arbitrary.html SaltStack Salt REST API Arbitrary Command Execution]
 +
#[https://www.helpnetsecurity.com/2020/11/12/sms-voice-mfa/ Microsoft advises users to stop using SMS- and voice-based MFA - Help Net Security]
 +
#[https://securityaffairs.co/wordpress/110782/hacking/cobalt-strike-source-code.html The alleged decompiled source code of Cobalt Strike toolkit leaked online]
 +
#[https://securitylab.github.com/research/Ubuntu-gdm3-accountsservice-LPE How to get root on Ubuntu 20.04 by pretending nobodys /home - GitHub Security Lab]
 +
#[https://blog.fox-it.com/2020/11/11/decrypting-openssh-sessions-for-fun-and-profit/ Decrypting OpenSSH sessions for fun and profit]
 +
#[https://www.zdnet.com/article/this-new-malware-wants-to-add-your-linux-servers-and-iot-devices-to-its-botnet/ This new malware wants to add your Linux servers and IoT devices to its botnet | ZDNet]
 +
#[https://www.vice.com/en/article/xgzxmk/google-project-zero-bugs-used-to-hack-iphones-and-android-phones Mysterious Bugs Were Used to Hack iPhones and Android Phones and No One Will Talk About It]
 +
#[https://www.quantamagazine.org/computer-scientists-achieve-crown-jewel-of-cryptography-20201110/ Computer Scientists Achieve Crown Jewel of Cryptography]
 +
#[https://www.helpnetsecurity.com/2020/10/01/amazon-timestream/ AWS launches Amazon Timestream, a serverless time series database for IoT and operational applications - Help Net Security]
 +
#[https://threatpost.com/amazon-alexa-one-click-attack-can-divulge-personal-data/158297/ Amazon Alexa One-Click Attack Can Divulge Personal Data]
 +
#[https://www.zdnet.com/article/redcurl-cybercrime-group-has-hacked-companies-for-three-years/ RedCurl cybercrime group has hacked companies for three years | ZDNet]
 +
#[https://arstechnica.com/information-technology/2020/08/chinese-hackers-have-pillaged-taiwans-semiconductor-industry/ Chinese hackers have pillaged Taiwans semiconductor industry]
 +
#[https://medium.com/@veeralpatel/if-your-email-is-hacked-everything-is-47544aeee699 If your email is hacked, everything is]
 +
#[https://securityaffairs.co/wordpress/106978/breaking-news/teamviewer-flaw-system-password.html TeamViewer flaw can allow hackers to steal System password]
 +
#[https://threatpost.com/researcher-publishes-bypass-for-patch-for-vbulletin-0-day-flaw/158232/ Researcher Publishes Patch Bypass for vBulletin 0-Day]
 +
#[https://www.zdnet.com/article/adobe-tackles-critical-code-execution-vulnerabilities-in-acrobat-reader/ Adobe tackles critical code execution vulnerabilities in Acrobat, Reader | ZDNet]
 +
#[https://www.securityweek.com/windows-and-ie-zero-day-vulnerabilities-chained-powerfall-attacks Windows and IE Zero-Day Vulnerabilities Chained in 'PowerFall' Attacks | SecurityWeek.Com]
 +
#[https://www.darkreading.com/attacks-breaches/sans-security-training-firm-hit-with-data-breach/d/d-id/1338647 SANS Security Training Firm Hit with Data Breach]
 +
#[https://securityaffairs.co/wordpress/107076/hacking/attackers-control-23-tor-exit-nodes.html Threat actors managed to control 23% of Tor Exit nodes]
 +
#[https://www.helpnetsecurity.com/2020/08/13/most-security-pros-are-concerned-about-human-error-exposing-cloud-data/ Most security pros are concerned about human error exposing cloud data - Help Net Security]
 +
#[https://www.securityweek.com/stick-plan-until-it-not-longer-makes-sense Stick With The Plan Until It Not Longer Makes Sense | SecurityWeek.Com]
 +
#[https://www.darkreading.com/omdia/black-hat-usa-2020-shines-spotlight-on-the-mental-challenges-of-cybersecurity/a/d-id/1338658 Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity]
 +
#[https://arstechnica.com/information-technology/2020/08/your-mobile-calls-may-be-vulnerable-to-a-new-revolting-eavesdrop-attack/ Hackers can eavesdrop on mobile calls with $7,000 worth of equipment]
 +
#[https://www.techrepublic.com/article/sans-cybersecurity-training-firm-suffers-data-breach-due-to-phishing-attack/ SANS cybersecurity training firm suffers data breach due to phishing attack]
 +
#[http://msrc-blog.microsoft.com/2020/07/02/solving-uninitialized-kernel-pool-memory-on-windows/ Solving Uninitialized Kernel Pool Memory on Windows - Microsoft Security Response Center]
 +
#[http://msrc-blog.microsoft.com/2020/05/13/solving-uninitialized-stack-memory-on-windows/ Solving Uninitialized Stack Memory on Windows - Microsoft Security Response Center]
 +
#[https://www.sans.org/blog/vulnerability-management-maturity-model/ Vulnerability Management Maturity Model | SANS Institute]
 +
#[https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbswitch-session-JZAS5jnY Cisco Small Business Smart and Managed Switches Session Management Vulnerability]
 +
#[https://news.hitb.org/content/hackers-are-exploiting-5-alarm-bug-networking-equipment Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment]
 +
#[https://securityaffairs.co/wordpress/105547/security/talos-chrome-firefox-flaws.html Cisco Talos discloses technicals details of Chrome, Firefox flaws]
 +
#[https://www.zdnet.com/article/google-open-sources-tsunami-vulnerability-scanner/ Google open-sources Tsunami vulnerability scanner | ZDNet]
 +
#[https://securityaffairs.co/wordpress/105662/hacking/f5-big-ip-flaw-mitigation-bypass.html Threat actors found a way to bypass mitigation F5 BIG-IP CVE-2020-5902 flaw]
 +
#[https://www.schneier.com/blog/archives/2020/07/half_a_million.html Half a Million IoT Passwords Leaked - Schneier on Security]
 +
#[https://www.vice.com/en_us/article/qj43xq/cops-seize-blueleaks-ddosecrets-server Cops Seize Server that Hosted BlueLeaks, DDoSecrets Says]
 +
#[https://threatpost.com/notorious-hacker-fxmsp-outed/157275/ Notorious Hacker Fxmsp Outed After Widespread Access-Dealing]
 +
#[https://news.hitb.org/content/trump-administration-looking-ban-tiktok-other-chinese-apps Trump administration looking into ban on TikTok, other Chinese apps]
 +
#[https://www.securityweek.com/palo-alto-networks-patches-command-injection-vulnerabilities-pan-os Palo Alto Networks Patches Command Injection Vulnerabilities in PAN-OS | SecurityWeek.Com]
 +
#[https://isc.sans.edu/diary.html?storyid=26330 InfoSec Handlers Diary Blog]
 +
#[https://www.darkreading.com/vulnerabilities---threats/pen-testing-roi-how-to-communicate-the-value-of-security-testing/a/d-id/1338257 Pen Testing ROI: How to Communicate the Value of Security Testing]
 +
#[https://www.darkreading.com/vulnerabilities---threats/6-tips-for-getting-the-most-from-nessus/d/d-id/1338310 6 Tips for Getting the Most From Nessus]
 +
#[https://www.helpnetsecurity.com/2020/07/09/zoom-zero-day-windows/ Zoom zero-day flaw allows code execution on victim's Windows machine - Help Net Security]
 +
#[https://www.theregister.com/2020/07/09/separating_good_data_from_clutter/ How to build a cyber threat intelligence program while cutting through the noise]
 +
===Articles===
 +
===Articles===
 +
===Articles===
 +
===Articles===
 +
===Articles===
 +
===Articles===
 +
===Articles===
 +
===Articles===
 +
===Articles===
 
===Articles===
 
===Articles===

Revision as of 20:55, 12 November 2020

Articles

  1. Not all cyberattacks are created equal: What researchers learned from 103 'extreme' events - CyberScoop
  2. Rapid7 Metasploit Framework msfvenom APK Template Command Injection
  3. The Sad State of Two-Factor Authentication in U.S. Banking
  4. Container Security Threats
  5. The Security Failures of Online Exam Proctoring - Schneier on Security
  6. DNS cache poisoning, the Internet attack from 2008, is back from the dead
  7. Google patches two more Chrome zero-days | ZDNet
  8. The Term "Threat Intelligence" is Poisoned. It Does Not Mean What You Think it Means. | SecurityWeek.Com
  9. Bugs in Critical Infrastructure Gear Allow Sophisticated Cyberattacks
  10. Yantra Manav A wormable SSH bot
  11. SaltStack Salt REST API Arbitrary Command Execution
  12. Microsoft advises users to stop using SMS- and voice-based MFA - Help Net Security
  13. The alleged decompiled source code of Cobalt Strike toolkit leaked online
  14. How to get root on Ubuntu 20.04 by pretending nobodys /home - GitHub Security Lab
  15. Decrypting OpenSSH sessions for fun and profit
  16. This new malware wants to add your Linux servers and IoT devices to its botnet | ZDNet
  17. Mysterious Bugs Were Used to Hack iPhones and Android Phones and No One Will Talk About It
  18. Computer Scientists Achieve Crown Jewel of Cryptography
  19. AWS launches Amazon Timestream, a serverless time series database for IoT and operational applications - Help Net Security
  20. Amazon Alexa One-Click Attack Can Divulge Personal Data
  21. RedCurl cybercrime group has hacked companies for three years | ZDNet
  22. Chinese hackers have pillaged Taiwans semiconductor industry
  23. If your email is hacked, everything is
  24. TeamViewer flaw can allow hackers to steal System password
  25. Researcher Publishes Patch Bypass for vBulletin 0-Day
  26. Adobe tackles critical code execution vulnerabilities in Acrobat, Reader | ZDNet
  27. Windows and IE Zero-Day Vulnerabilities Chained in 'PowerFall' Attacks | SecurityWeek.Com
  28. SANS Security Training Firm Hit with Data Breach
  29. Threat actors managed to control 23% of Tor Exit nodes
  30. Most security pros are concerned about human error exposing cloud data - Help Net Security
  31. Stick With The Plan Until It Not Longer Makes Sense | SecurityWeek.Com
  32. Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity
  33. Hackers can eavesdrop on mobile calls with $7,000 worth of equipment
  34. SANS cybersecurity training firm suffers data breach due to phishing attack
  35. Solving Uninitialized Kernel Pool Memory on Windows - Microsoft Security Response Center
  36. Solving Uninitialized Stack Memory on Windows - Microsoft Security Response Center
  37. Vulnerability Management Maturity Model | SANS Institute
  38. Cisco Small Business Smart and Managed Switches Session Management Vulnerability
  39. Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment
  40. Cisco Talos discloses technicals details of Chrome, Firefox flaws
  41. Google open-sources Tsunami vulnerability scanner | ZDNet
  42. Threat actors found a way to bypass mitigation F5 BIG-IP CVE-2020-5902 flaw
  43. Half a Million IoT Passwords Leaked - Schneier on Security
  44. Cops Seize Server that Hosted BlueLeaks, DDoSecrets Says
  45. Notorious Hacker Fxmsp Outed After Widespread Access-Dealing
  46. Trump administration looking into ban on TikTok, other Chinese apps
  47. Palo Alto Networks Patches Command Injection Vulnerabilities in PAN-OS | SecurityWeek.Com
  48. InfoSec Handlers Diary Blog
  49. Pen Testing ROI: How to Communicate the Value of Security Testing
  50. 6 Tips for Getting the Most From Nessus
  51. Zoom zero-day flaw allows code execution on victim's Windows machine - Help Net Security
  52. How to build a cyber threat intelligence program while cutting through the noise

Articles

Articles

Articles

Articles

Articles

Articles

Articles

Articles

Articles

Articles