Weekly Udpate 164

Discussion in 'News Aggregator' started by Troy Hunt, 10 Nov 2019 at 4:03 PM.

  1. Troy Hunt

    Troy Hunt Guest

    Presently sponsored by: Varonis. Free Video Course: 7 Hidden Office 365 Security Settings You Can Only Unlock with PowerShell

    [​IMG]
    It's a late, early in the day, hazy, bush-firey Aussie weekly update with a whole bunch of various bits and pieces of interest from throughout the week. The references below will give you a sense of how much I've jammed into this week so I won't repeat it all here in the intro, but I reckon it's a really interesting mix of different things across the industry. Enjoy

    [​IMG]
    [​IMG]
    [​IMG]
    [​IMG]
    References

    1. Nord has had a heap of credential stuffing attacks (or at least a heap of Pastebin entries with creds from attacks)
    2. Whilst it sucks for Nord, they do also have some accountability here (the FTC says that "businesses will no longer be able to play the victim-card")
    3. Veritas (DNA testing) had a breach (whilst DNA data wasn't breached, it begs the question - what would the impact be if it was?)
    4. Finally - free SSL on the Azure app service for custom domains! (non-apex domains only at present, but it's still preview for now so hopefully that's only a temporary restriction)
    5. Sectigo - seriously guys, WTF is this garbage about?! (just read it and shake your head...)
    6. LinkedIn now has a security.txt file! (if your site doesn't have one already, do it because it's free and it's awesome)
    7. Do HSTS from top to bottom or GTFO (this week's blog post was a perfect illustration of why you need it everywhere)
    8. Varonis. Free Video Course: 7 Hidden Office 365 Security Settings You Can Only Unlock with PowerShell
    [​IMG]

    Continue reading...
     
Loading...
  • About Us

    We are a community mixed with professionals and beginners with an interest in wireless security, auditing and pentesting. Feel free to check out and upload resources.


    You can also find us on: Twitter and Facebook

  • Donate to Us

    Did you find our forums useful? Feel free to donate Bitcoin to us using the form below. Those who donate the equivlent of $10 USD or more will be upgraded to VIP membership. Don't have Bitcoin? Use your credit card to GO VIP here. Don't want to fork out some coin? There are other ways to GO VIP. Bitcoin: 1LMTGSoTyJWXuy2mQkHfgMzD7ez74x1Z8K