Security Stack Sheet #104

Word of the Week

“Life Is Now a Game of Risk”

Understanding how the brain navigates this new reality can build confidence and empathy in everyday decision-making.

A picture containing indoor, table, bird Description automatically generated

In general, humans do very poorly with this kind of ambiguity. The less that’s known about a risk, the riskier it seems, and decisions are more fraught than they would be if all the facts were available. The exception to this rule is young adults

A picture containing knife Description automatically generated

Links HERE and HERE and cybercrime during covid HERE

Word of the Week Special

“Cancel culture”

An unhappy side effect of the digital age is “cancel culture.” Anyone with an attitude of moral superiority and a Twitter account can try to shut down an event where opinions he dislikes are likely to be spoken. For several years the National Association of Scholars has inveighed against this infantile form of protest, which undermines free expression of ideas and legitimate debate. Now the cancel caravan has arrived at our door.

Don’t do this to someone.

Nick Cave has said cancel culture is akin to “bad religion run amuck”.

Writing on his website, the Australian rock star suggested that political correctness has an “asphyxiating effect on the creative soul of a society”.

Image for post

“Cancel culture” is the term for when individuals or companies face swift public backlash and boycott over statements or actions perceived by some as offensive.

It “embodies all the worst aspects that religion has to offer”, said Cave.

Let’s cancel ‘cancel culture’

Links HERE and HERE and HERE and HERE and HERE and HERE and HERE and HERE and HERE

Bonus

A screenshot of a cell phone Description automatically generated

Link HERE

A screenshot of a cell phone Description automatically generated

Link HERE – thanks to TK

A picture containing knife, table Description automatically generated

Link HERE

A close up of a piece of paper Description automatically generated

Link HERE

DEPENDENCIES

A close up of a logo Description automatically generated

Crypto challenge of the week

[email protected] – Pizza Time

Here is a nice detailed write-up by Brett Buerhaus on solving a CTF challenge at the recent HackerOne HacktivityCon 2020.

The challenge included:

Finding and exploring an API vulnerability
Endpoint discovery
Server-Side Request Forgery (SSRF)
SQL injections
Cross-Site Scripting (XSS)

Link HERE

Dates

May 25th 2018: Over 2 years of GDPR Live! See incidents section below GDPR Enforce Tracker Link HERE – thanks to Marius
1st January 2020 – The California Consumer Privacy Act (CCPA) becomes effective Link HERE
Now: TLS1.2 mandatory for proper security HTTPS everywhere HERE
DO NOT DELAY TLS1.2 migration LATER THAN JUNE 2020 or A FEW THINGS WILL STOP WORKING! [Browsers, Office365, Cisco and many others]
January 2020 – Qualys SSLLabs will rate your TLS1.0 setup as B – Qualys will de-grade you HERE
June 2020 – Microsoft plans to deprecate TLS versions 1.0 and 1.1 in Office 365 and Office 365 GCC – HERE
31^st of December 2020 – Brexit Finalised?
1^st of July 20201 – Freedom from viruses?