A new vulnerability impacting AMD’s line of Zen 2 processors — which includes popular CPUs like the budget-friendly Ryzen 5 3600 — has been discovered that can be exploited to steal sensitive data like passwords and encryption keys. Google security researcher Tavis Ormandy disclosed the “Zenbleed” bug (filed as...
Recommended AppSec conferences in Europe?
cross-posted from: infosec.pub/post/8123190...
[tl;dr sec] #215 - Cloud Threat Landscape, Web LLM Security Labs, Azure Logs Primer (tldrsec.com)
Signing Requests using RSA Keys (www.zaproxy.org)
Stir Trek 2024: Call for Speakers (sessionize.com)
We Must Consider Software Developers a Key Part of the Cybersecurity Workforce (www.cisa.gov)
OWASP Foundation - 2024 Global AppSec Lisbon Call for Trainers (owasp.submittable.com)
[tl;dr sec] #213 - AWS Secure Defaults, Damn Vulnerable LLM Agent, cdk-goat (tldrsec.com)
Reasonable 🔐AppSec #33 - Signing Off '23 with a Bang: Five Security Articles, AppSec New Year's Resolutions, and Podcast Corner (appsec.beehiiv.com)
Trustwave Transfers ModSecurity Custodianship to OWASP | OWASP Foundation (owasp.org)
'Networking' community is back
Thanks to Jerry for bringing this community back to life. I’ll be playing moderator for a while and may tweak the design a bit....
GitHub Copilot, Amazon Code Whisperer emit people's API keys (www.theregister.com)
Community review - OWASP Mobile Application Security risk assessment formula (mas.owasp.org)
OWASP Top 10 for LLMs (v1.0) (owasp.org)
AMD ‘Zenbleed’ bug can leak passwords from Ryzen CPUs (www.theverge.com)
A new vulnerability impacting AMD’s line of Zen 2 processors — which includes popular CPUs like the budget-friendly Ryzen 5 3600 — has been discovered that can be exploited to steal sensitive data like passwords and encryption keys. Google security researcher Tavis Ormandy disclosed the “Zenbleed” bug (filed as...
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection (thehackernews.com)
Norway government ministries hit by cyber attack (www.reuters.com)
cross-posted from: lemmy.capebreton.social/post/82259...
Kevin Mitnick Obituary - Las Vegas, NV (www.dignitymemorial.com)
RIP
Google Cloud Build bug lets hackers launch supply chain attacks (www.bleepingcomputer.com)
Exploiting XSS in hidden inputs and meta tags (portswigger.net)
Training Tuesday - Discussions for certs, training and learning-at-home
Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!
Feedback open until 31 of August for CVSS 4.0 (www.first.org)