Reasonable 🔐AppSec #33 - Signing Off '23 with a Bang: Five Security Articles, AppSec New Year's Resolutions, and Podcast Corner (appsec.beehiiv.com)
Norway government ministries hit by cyber attack (www.reuters.com) cross-posted from: lemmy.capebreton.social/post/82259...
Here’s MITRE’s top-25 CWE list — with your old vulnerability category favorites (www.reversinglabs.com)
Recommended AppSec conferences in Europe?
Hello everyone,...
[tl;dr sec] #215 - Cloud Threat Landscape, Web LLM Security Labs, Azure Logs Primer (tldrsec.com)
Signing Requests using RSA Keys (www.zaproxy.org)
We Must Consider Software Developers a Key Part of the Cybersecurity Workforce (www.cisa.gov)
Stir Trek 2024: Call for Speakers (sessionize.com)
[tl;dr sec] #213 - AWS Secure Defaults, Damn Vulnerable LLM Agent, cdk-goat (tldrsec.com)
Reasonable 🔐AppSec #33 - Signing Off '23 with a Bang: Five Security Articles, AppSec New Year's Resolutions, and Podcast Corner (appsec.beehiiv.com)
Trustwave Transfers ModSecurity Custodianship to OWASP | OWASP Foundation (owasp.org)
GitHub Copilot, Amazon Code Whisperer emit people's API keys (www.theregister.com)
Community review - OWASP Mobile Application Security risk assessment formula (mas.owasp.org)
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection (thehackernews.com)
Norway government ministries hit by cyber attack (www.reuters.com)
cross-posted from: lemmy.capebreton.social/post/82259...
Kevin Mitnick Obituary - Las Vegas, NV (www.dignitymemorial.com)
RIP
Google Cloud Build bug lets hackers launch supply chain attacks (www.bleepingcomputer.com)
Exploiting XSS in hidden inputs and meta tags (portswigger.net)
Why Authorization is Hard (www.osohq.com)
ChatGPT Hallucinations Open Developers to Supply Chain Malware Attacks (www.darkreading.com)
Feedback open until 31 of August for CVSS 4.0 (www.first.org)
Here’s MITRE’s top-25 CWE list — with your old vulnerability category favorites (www.reversinglabs.com)
OWASP Top 10 for LLMs - 0.5 (owasp.org)
Testing GraphQL APIs | Web Security Academy (portswigger.net)
XML Security in Java (semgrep.dev)