Monday, 11 April 2016
MS13-082 - Critical: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Version: 1.2
via Microsoft Security Bulletins http://bit.ly/23yug4U
OSVDB: FIN
As of today, a decision has been made to shut down the Open Sourced Vulnerability Database (OSVDB), and will not return. We are not looking for anyone to offer assistance at this point, and it will not be resurrected in its previous form. This was not an easy decision, and several of us struggled for well […]
via OSVDB http://bit.ly/1VO3VgA
WordPress sets up default HTTPS encryption for custom domains
WordPress has turned on HTTPS encryption for every custom domain hosted on WordPress.com. The publishing platform started working with the certificate authority Let's Encrypt to launch a beta rollout of HTTPS earlier this year.
via Latest articles from SC Magazine http://bit.ly/25Vm1lz
Worldpay merchant portal allowed merchants to view customer card data
Worldpay's electronic payment gateway setup pages offer poor security seals on credit card details, according to a security researcher.
via Latest articles from SC Magazine http://bit.ly/1Q3njPC
Malicious Chrome Extension Can Hijack Your Browser
via Hackers Online Club (HOC) http://bit.ly/25Vm1lo
INURLBR – Advanced Search Engine Tool
via Darknet – The Darkside http://bit.ly/1Q3nmer
Thursday, 7 April 2016
Hacking can pay… legally
Hacking, defined as "fraudulent access to and continued presence in an automated data processing system", is about to change. On 21 January 2016, the National Assembly adopted, at first reading, an amendment contained in the bill for a Digital Republic that aims to supplement Article 323-1 of the Penal Code with a new …
via Lexing Alain Bensoussan http://bit.ly/1MgY81e
OWASP Releases Software Assurance Maturity Model (SAMM) Version 1.1 for Improving Software Security - PR Newswire (press release)
BEL AIR, Md., March 16, 2016 /PRNewswire/ -- The OWASP Foundation today announced the next release of OWASP SAMM v1.1. The Software Assurance Maturity Model (SAMM) is an open OWASP framework to help organizations formulate and implement ...
via #owasp - Google News http://bit.ly/22eJ4TD
Raising The Stakes For Application Security - Dark Reading
For example, protection against the OWASP Top 10 is a requirement for PCI DSS compliance. Once security people have “checked this box,” many think it's time to move on to the next problem. This is dangerous thinking, as the bad guys, our online ...
via #owasp - Google News http://bit.ly/1MgY69I
Hardening Wordpress - ISBuzz News
That the CMS WordPress is a common choice in blog platforms everybody knows, but what we see is that this use most of the time is implemented with no security countermeasures (according to the OWASP Top Ten 2013 – The Ten Most Critical Web ...
via #owasp - Google News http://bit.ly/1q8DRk3
OWASP ZAP Receives Global Community Vote As Leading Security Tool - PR Newswire (press release)
BEL AIR, Md., April 4, 2016 /PRNewswire-USNewswire/ -- OWASP ZAP (Open Web Application Security Project Zed Attack Proxy) has been voted the most preferred open source testing tool for the second time in three years by users and readers of leading ...
via #owasp - Google News http://bit.ly/1MUsdDP
Major Programming Languages Fail to Detect Revoked TLS Certificate - Security Intelligence (blog)
Sucuri researchers decided to use these new languages and see what would still break by testing TLS. According to the blog, “all programming language implementations fail to check if a certificate is revoked,” which is a recognized OWASP vulnerability.
via #owasp - Google News http://bit.ly/1q8DSo5