From Security Weekly Wiki
Jump to navigationJump to search


  1. Not all cyberattacks are created equal: What researchers learned from 103 'extreme' events - The global 2017 NotPetya attack heavily skewed that figure, accounting for 20 percent of the losses by itself.
  2. Rapid7 Metasploit Framework msfvenom APK Template Command Injection - Irony: This Metasploit module exploits a command injection vulnerability in Metasploit Framework's msfvenom payload generator when using a crafted APK file as an Android payload template. Affected includes Metasploit Framework versions 6.0.11 and below and Metasploit Pro versions 4.18.0 and below.
  3. The Sad State of Two-Factor Authentication in U.S. Banking
  4. Container Security Threats
  5. The Security Failures of Online Exam Proctoring - Schneier on Security
  6. DNS cache poisoning, the Internet attack from 2008, is back from the dead
  7. Google patches two more Chrome zero-days | ZDNet
  8. The Term "Threat Intelligence" is Poisoned. It Does Not Mean What You Think it Means. | SecurityWeek.Com
  9. Bugs in Critical Infrastructure Gear Allow Sophisticated Cyberattacks
  10. Yantra Manav A wormable SSH bot
  11. SaltStack Salt REST API Arbitrary Command Execution
  12. Microsoft advises users to stop using SMS- and voice-based MFA - Help Net Security
  13. The alleged decompiled source code of Cobalt Strike toolkit leaked online
  14. How to get root on Ubuntu 20.04 by pretending nobodys /home - GitHub Security Lab
  15. Decrypting OpenSSH sessions for fun and profit
  16. This new malware wants to add your Linux servers and IoT devices to its botnet | ZDNet
  17. Mysterious Bugs Were Used to Hack iPhones and Android Phones and No One Will Talk About It
  18. Computer Scientists Achieve Crown Jewel of Cryptography