security logo

Security Stack Sheet October 2022

News

https://portswigger.net/daily-swig/upcoming-critical-openssl-update-prompts-feverish-speculation – the OpenSSL vulnerability that everyone will talk about!

https://www.ncsc.gov.uk/blog-post/so-long-thanks-for-all-the-bits – [Ben] Dr Ian Levy, who is probably the most influential cyber security person you’ve never heard of, is leaving the UK National Cyber Security Centre. I thought many of you might find his parting blog interesting and it speaks to many of the things we are trying to achieve at Sage – its very long so should probably be in the Book Club thread!

[Prash] – DEFCON VR Security meet-up 

https://www.bleepingcomputer.com/news/technology/internet-connectivity-worldwide-impacted-by-severed-eu-subsea-cables/ [Javan] – First the sabotage of Nord Stream 1&2 pipes, then the sabotage of the fiber cable for German train system, now the sabotage of subsea cables.

https://research.nccgroup.com/2022/10/17/toner-deaf-printing-your-next-persistence-hexacon-2022/ [Sam H] Cool!

https://www.instagram.com/p/CjqCjsoOKed/?igshid=N2NmMDY0OWE= [Meer] Zoom! has more security issues

https://www.bleepingcomputer.com/news/security/toyota-discloses-data-leak-after-access-key-exposed-on-github/ [Sam H]

https://blog.cloudflare.com/making-phishing-defense-seamless-cloudflare-yubico/ [Sam H] – Cloudflare’s hardware key

 [Dave]

https://www.linkedin.com/feed/update/urn:li:activity:6992478042673586176/ – [Luc] My new privacy peg. 

Dont’ miss

Schneier’s blog for 15th of the month https://www.schneier.com/crypto-gram/archives/2022/1015.html 

Last AppSec Ezine https://github.com/Simpsonpt/AppSecEzine/blob/master/Ezines/454 – AppSec Ezine 

Last TL;DR https://tldrsec.com/blog/tldr-sec-156/ 

CloudSecList https://cloudseclist.com/issues/issue-161/ 


Posted

in

by

Tags:

Comments

One response to “Security Stack Sheet October 2022”

Leave a Reply

Your email address will not be published. Required fields are marked *