https://portswigger.net/daily-swig/upcoming-critical-openssl-update-prompts-feverish-speculation – the OpenSSL vulnerability that everyone will talk about!
https://www.ncsc.gov.uk/blog-post/so-long-thanks-for-all-the-bits – [Ben] Dr Ian Levy, who is probably the most influential cyber security person you’ve never heard of, is leaving the UK National Cyber Security Centre. I thought many of you might find his parting blog interesting and it speaks to many of the things we are trying to achieve at Sage – its very long so should probably be in the Book Club thread!
In case you missed our VR event yesterday:— DEF CON Groups VR Events (@DCGVR) October 30, 2022
"There’s Nothing Scary about Mental Health Threat Modelling" by @GyledC https://t.co/38zWRMFMZc
"The anatomy of UAC bypasses" by @yo_yo_yo_jbohttps://t.co/hQNIKu7WQv@defcongroups @defcon pic.twitter.com/w1tRehGqBs
[Prash] – DEFCON VR Security meet-up
https://www.bleepingcomputer.com/news/technology/internet-connectivity-worldwide-impacted-by-severed-eu-subsea-cables/ [Javan] – First the sabotage of Nord Stream 1&2 pipes, then the sabotage of the fiber cable for German train system, now the sabotage of subsea cables.
https://www.instagram.com/p/CjqCjsoOKed/?igshid=N2NmMDY0OWE= [Meer] Zoom! has more security issues
https://blog.cloudflare.com/making-phishing-defense-seamless-cloudflare-yubico/ [Sam H] – Cloudflare’s hardware key
I love that part of the Microsoft Security Score for Identity in Azure improves your score if you *don't* enforce password rotation, what a sign of the times! Who out there still works somewhere that forces rotation (because "reasons")? pic.twitter.com/a2yQQvNRpa— Troy Hunt (@troyhunt) October 6, 2022
https://www.linkedin.com/feed/update/urn:li:activity:6992478042673586176/ – [Luc] My new privacy peg.
Schneier’s blog for 15th of the month https://www.schneier.com/crypto-gram/archives/2022/1015.html
Last TL;DR https://tldrsec.com/blog/tldr-sec-156/