security vulnerability - Cloud Security Alliance News Clipping Site

Hacker News: Bug, $50K+ in bounties: how Zendesk left a backdoor in companies

Oct 12, 2024

—

by

Source URL: https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52 Source: Hacker News Title: Bug, $50K+ in bounties: how Zendesk left a backdoor in companies Feedly Summary: Comments AI Summary and Description: Yes Summary: The text narrates the journey of a young programmer discovering a significant security vulnerability in Zendesk, which could potentially expose sensitive customer support tickets for multiple Fortune 500…

Alerts: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies

Oct 10, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/10/10/best-practices-configure-big-ip-ltm-systems-encrypt-http-persistence-cookies Source: Alerts Title: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies Feedly Summary: CISA has observed cyber threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to enumerate other non-internet facing devices on the network. F5 BIG-IP is a suite of hardware and…

The Register: Mozilla patches critical Firefox vuln that attackers are already exploiting

Oct 10, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/10/firefixed_mozilla_patches_critical_firefox/ Source: The Register Title: Mozilla patches critical Firefox vuln that attackers are already exploiting Feedly Summary: Firefixed: It’s maintenance time for low-complexity, high-impact security flaw It’s patch time for Firefox fans as Mozilla issues a security advisory for a critical code execution vulnerability in the browser.… AI Summary and Description: Yes Summary:…

The Register: NIST’s security flaw database still backlogged with 17K+ unprocessed bugs. Not great

Oct 2, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/02/cve_pileup_nvd_missed_deadline/ Source: The Register Title: NIST’s security flaw database still backlogged with 17K+ unprocessed bugs. Not great Feedly Summary: Logjam ‘hurting infosec processes world over’ one expert tells us as US body blows its own Sept deadline NIST has made some progress clearing its backlog of security vulnerability reports to process – though…

Hacker News: Ldd(1) and Untrusted Binaries (2023)

Sep 29, 2024

—

by

system automation

in Uncategorized

Source URL: https://jmmv.dev/2023/07/ldd-untrusted-binaries.html Source: Hacker News Title: Ldd(1) and Untrusted Binaries (2023) Feedly Summary: Comments AI Summary and Description: Yes Summary: This text highlights a significant security concern about the `ldd` command, which can run untrusted binaries and introduce vulnerabilities. The discussion emphasizes the importance of understanding tool behaviors in security contexts, particularly for professionals…

Tag: security vulnerability

Hacker News: Bug, $50K+ in bounties: how Zendesk left a backdoor in companies

Alerts: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies

The Register: Mozilla patches critical Firefox vuln that attackers are already exploiting

The Register: NIST’s security flaw database still backlogged with 17K+ unprocessed bugs. Not great

Hacker News: Ldd(1) and Untrusted Binaries (2023)