It’s a 9.8 on the 10-point #CVSS scale.
— @Richi 🤓 Jennings (@RiCHi) January 13, 2023
In today’s #SBBlogwatch, we’re surprised it’s not a perfect 10.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/1SAdehYj9Z
Friday, 13 January 2023
Yikes, Control Web Panel has Critical RCE — Patch NOW - Security Boulevard
CWP RCE CVE POC BBQ: Linanto’s popular web hosting control panel, CWP, has a nasty flaw. It’s easily exploitable—in fact, it’s being exploited right now.
Thursday, 12 January 2023
FAA Ground Stop due to Technical Debt? | Don’t Do DIY Crypto! - DevOps.com
The moral of the story: Don’t settle for what life gives you—make life better and build something
In this week’s #TheLongView:
— @Richi 🤓 Jennings (@RiCHi) January 12, 2023
1⃣ The @FAANews’s #NOTAM database gets corrupted, and
2⃣ @ThreemaApp shows why DIY #cryptography is bad.
At @TechstrongGroup’s @DevOpsDotCom: https://t.co/3rMIcrbWTg #DevOps #crypto #TechicalDebt
Wednesday, 11 January 2023
If you don't love me now: JsonWebToken breaks the software supply chain (again) - ReversingLabs
JWT type confusion: Yes, here’s another example of the risks in uncontrolled software supply chains. This npm library is relied upon by countless apps and services — perhaps yours.
3/ The bug’s been fixed by @Auth0, after the #vulnerability was disclosed responsibly by @Unit42_intel.
— @Richi 🤓 Jennings (@RiCHi) January 11, 2023
In this week’s #SSBlogwatch we worry for people who don’t update.
For @ReversingLabs’ @SecuredSoftware: https://t.co/iBhPMnKOPO
Tuesday, 10 January 2023
Digital License Plates: Stupid, Pointless, Insecure - Security Boulevard
The ‘S’ in IoT is for Security: Reviver’s Rplate digital license plates are inherently insecure: Their design seems to be riddled with privacy holes, given the apparent lack of API security, which is easily defeated.
3/ It’s another silly #SiliconValley digitalization disaster.
— @Richi 🤓 Jennings (@RiCHi) January 10, 2023
In today’s #SBBlogwatch, we pity the fool.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/N7hzzSzUUZ #IoT #Rplate
Monday, 9 January 2023
CES 2023 FAIL: Worst in Show for Security and Privacy - Security Boulevard
This Happened in Vegas — it Should Stay in Vegas: The Consumer Electronics Show wrapped up yesterday. But some vendors faced stiff criticism over their privacy and security stances.
3/ This is the way.
— @Richi 🤓 Jennings (@RiCHi) January 9, 2023
In today’s #SBBlogwatch, we feel #fabulous.
At @TechstrongGroup’s @SecurityBlvd: https://t.co/D6tS8QhzMo
Subscribe to:
Posts (Atom)