From Security Weekly Wiki
Revision as of 21:37, 2 January 2020 by Paul Asadoorian (talk | contribs)
Jump to navigationJump to search
  1. InfoSec Handlers Diary Blog - Here is a sample that I spotted two days ago. It’s an interesting one because it’s a malware that implements ransomware features developed in Node.js[1]! The stage one is not obfuscated and I suspect the script to be a prototype or a test…
  2. Hacking Git Directories - First, make sure your build process is not deploying this folder. Second, configure your web server not to serve files from the .git directory, ever. Do both, then build a test to make sure someone has not opened this exposure. This is a well-known and basic security hygiene thing.
  3. Critical Citrix Bug Puts 80,000 Corporate LANs at Risk - No details yey, but: Digital workspace and enterprise networks vendor Citrix has announced a critical vulnerability in the Citrix Application Delivery Controller (ADC) and Citrix Gateway. If exploited, it could allow unauthenticated attackers to gain remote access to a company’s local network and carry out arbitrary code execution.
  4. The Coolest Hacks of 2019 - My favorite from this list: Researcher Matthew Wixey calls them acoustic cyber weapons: the PWC UK researcher wrote custom malicious code that forces Bluetooth and Wi-Fi-connected embedded speakers to emit painfully high-volume sound or even high intensity and inaudible frequency sounds that can possibly produce destructive sound levels to the speakers - and to the ear.
  5. 2020 Cybersecurity Trends to Watch - I hate slide shows in posts. This article is not all that useful. What are we watching? What is a trend?
  6. 7 Tips for Maximizing Your SOC
  7. The Most Dangerous People on the Internet This Decade
  8. Ethics and Encryption
  9. Mysterious Drones are Flying over Colorado - Schneier on Security
  10. Critical Vulnerabilities Impact Ruckus Wi-Fi Routers | SecurityWeek.Com
  11. Cisco DCNM Users Warned of Serious Vulnerabilities | SecurityWeek.Com