F5 - Cloud Security Alliance News Clipping Site

Simon Willison’s Weblog: OpenAI Public Bug Bounty

Nov 14, 2024

—

by

Source URL: https://simonwillison.net/2024/Nov/14/openai-public-bug-bounty/ Source: Simon Willison’s Weblog Title: OpenAI Public Bug Bounty Feedly Summary: OpenAI Public Bug Bounty Reading this investigation of the security boundaries of OpenAI’s Code Interpreter environment helped me realize that the rules for OpenAI’s public bug bounty inadvertently double as the missing details for a whole bunch of different aspects of…

Bulletins: Vulnerability Summary for the Week of October 28, 2024

Nov 4, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb24-309 Source: Bulletins Title: Vulnerability Summary for the Week of October 28, 2024 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info acnoo — flutter_api Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API allows Authentication Bypass.This issue affects Acnoo Flutter API:…

Simon Willison’s Weblog: Everything I built with Claude Artifacts this week

Oct 21, 2024

—

by

system automation

in Uncategorized

Source URL: https://simonwillison.net/2024/Oct/21/claude-artifacts/#atom-everything Source: Simon Willison’s Weblog Title: Everything I built with Claude Artifacts this week Feedly Summary: I’m a huge fan of Claude’s Artifacts feature, which lets you prompt Claude to create an interactive Single Page App (using HTML, CSS and JavaScript) and then view the result directly in the Claude interface, iterating on…

The Register: US and UK govts warn: Russia scanning for your unpatched vulnerabilities

Oct 12, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/12/russia_is_targeting_you_for/ Source: The Register Title: US and UK govts warn: Russia scanning for your unpatched vulnerabilities Feedly Summary: Also, phishing’s easier over the phone, and your F5 cookies might be unencrypted, and more in brief If you need an excuse to improve your patching habits, a joint advisory from the US and UK…

Hacker News: Bug, $50K+ in bounties: how Zendesk left a backdoor in companies

Oct 12, 2024

—

by

system automation

in Uncategorized

Source URL: https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52 Source: Hacker News Title: Bug, $50K+ in bounties: how Zendesk left a backdoor in companies Feedly Summary: Comments AI Summary and Description: Yes Summary: The text narrates the journey of a young programmer discovering a significant security vulnerability in Zendesk, which could potentially expose sensitive customer support tickets for multiple Fortune 500…

Alerts: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies

Oct 10, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/10/10/best-practices-configure-big-ip-ltm-systems-encrypt-http-persistence-cookies Source: Alerts Title: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies Feedly Summary: CISA has observed cyber threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to enumerate other non-internet facing devices on the network. F5 BIG-IP is a suite of hardware and…

Tag: F5

Simon Willison’s Weblog: OpenAI Public Bug Bounty

Bulletins: Vulnerability Summary for the Week of October 28, 2024

Simon Willison’s Weblog: Everything I built with Claude Artifacts this week

The Register: US and UK govts warn: Russia scanning for your unpatched vulnerabilities

Hacker News: Bug, $50K+ in bounties: how Zendesk left a backdoor in companies

Alerts: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies