Sorry for the missing posts the last couple of weeks, I need to figure out how to manage these weekly posts during travel periods. So this week will include a couple items from the missing weeks.
- The crack heard around the world… Researchers crack SSL encryption
- Operation Shadeyrat: Over 70 prominent organizations were attacked in an operation called ShadyRAT.
- Embarrassing loss of control for NBC News Twitter account
- Web App Attacks Rise, Disclosed Bugs Decline
- WAF/IPS news:
- Whither the WAF: (subscribers only) If you can get your hands on this report from Wendy Nather its a very good read about the possible future of the WAF market and assimilation from IPS and Firewall players.
- Trustwave starts pushing the benefits of their corporate sponsorship of ModSecurity.
- Managing The Risk Of Flaws In Third-Party Software: A great reminder of the risks of using 3rd party code. Not to say that it must be avoided, but always be aware. These examples dont even touch on 3rd party binaries (like dll’s or static .lib’s) which also avoid any testing by source code analysis tools.
- Not new, but Joe McCray posted the slides from his talks. Hes awesome in person, but even the slides are informative, including his APT Presentation.
Leave a Reply