You might be interested in …

Daily NCSC-FI news followup 2021-04-07

Microsoft’s Windows 10, Exchange, and Teams hacked at Pwn2Own www.bleepingcomputer.com/news/security/microsofts-windows-10-exchange-and-teams-hacked-at-pwn2own/ During the first day of Pwn2Own 2021, contestants won $440, 000 after successfully exploiting previously unknown vulnerabilities to hack Microsoft’s Windows 10 OS, the Exchange mail server, and the Teams communication platform. The first to fall was Microsoft Exchange in the Server category after the […]

Read More

Daily NCSC-FI news followup 2019-07-19

Security Lessons From a New Programming Language www.darkreading.com/application-security/security-lessons-from-a-new-programming-language/d/d-id/1335300?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple A security professional needed a secure language for IoT development. So he wrote his own, applying learned lessons about memory and resources in the process. It’s never good when ‘Magecart’ and ‘bulletproof’ appear in the same sentence, but here we are www.theregister.co.uk/2019/07/18/magecart_ukraine_hosting/ Researchers with security shop Malwarebytes […]

Read More

[SANS ISC] (Ab)Using Security Tools & Controls for the Bad, (Mon, Nov 8th)

All posts, Sans-ISC

As security practitioners, we give daily advices to our customers to increase the security level of their infrastructures. Install this tool, enable this feature, disable this  function, etc. When enabled, these techniques can also be (ab)used by attackers to perform nasty actions. PAM or Pluggable Authentication Modules[1] is an old authentication system that is around since […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.