by Bill Sempf
12. May 2019 08:56
If you have been in my classes, you know that I often point to weev as my example for why not to hack live sites. Well, now I have a new example.
https://thehackernews.com/2019/05/israel-hamas-hacker-airstrikes.html
DHS is putting a 15 day deadline on all critical patches. Maybe that Windows NT4SP2 box will get a little sumpn sumpn, huh?
https://thehackernews.com/2019/05/dhs-patch-vulnerabilities.html
The Google CTF is coming up in a month or so. Start doing those ZAP pushups.
https://security.googleblog.com/2019/05/google-ctf-2019-is-here.html
El Reg has a great article on the latest (of many) SQLite RCE flaws.
https://www.theregister.co.uk/2019/05/10/sqlite_rce_vuln/
Y'all know that cryptography is not my best subject, but this is important. SHA1 is now provably just as broken as MD5, so start scrubbing it from codebases, except in cases like HMAC.
https://eprint.iacr.org/2019/459
That's the news!
aa265b26-63a0-4ad6-b5d2-4901cced1b9c|0|.0|96d5b379-7e1d-4dac-a6ba-1e50db561b04
Tags:
Subscribe