-
This Week in Cyber November 2020 Week 4
Sunday, November 29, 2020
November 2020 Week 4 2FA Bypass Discovered in Web Hosting Software cPanel cPanel is a popular web hosting control panel (hence the name “cPanel”). Essentially, cPanel provides a clean, easy-to-use GUI to simplify the web hosting process. A simple shodan.io query will show just how widely used this service is, with over 550,000 results showing cPanel in use. This 2 Factor Authentication bypass was discovered on cPanel version 11.…more
-
This Week in Cyber November 2020 Week 2
Sunday, November 15, 2020
November 2020 Week 2 Open-source Tool Checks for Data Leakage From AI Systems ML Privacy Meter is a Python library that enables quantifying the privacy risks of machine learning models. Developed by National University of Singapore’s School of Computing Assistant Professor Reza Shokri and team, this project has very much sparked my interest. Checkpoint Releases 2021 Security Predictions Checkpoint provides an interesting perspective on securing the ‘next normal’ - This report covers it all from 5G to IoT to Covid-19.…more
-
This Week in Cyber October 2020 Week 4
Sunday, November 1, 2020
October 2020 Week 4 Vendors Lead to Breaches? Great article about the effect of vendors and 3rd party partners on organizations' cyber health. According to data collected by Opinion Matters on behalf of Blue Voyant, 80% of organizations have suffered a 3rd party related breach in the past 12 months. This article furthers the conversation around vendor reliance and the need for companies to either home-grow or develop a strict monitoring / auditing process for partners who touch data (which they almost all certainly do)…more
-
This Week in Cyber October 2020 Week 3
Sunday, October 25, 2020
October 2020 Week 3 CONTINUOUS MONITORING FOR CONTROLS & VULNERABILITIES - DANIEL MIESSLER I started listening to the Cloud Security Podcast this past month. Great digestible interviews with security professionals from different fields. This episode really caught my attention when they discussed bug bounty hunters using a continuous monitoring technique involving favicon hashes. What’s a favicon: A favicon is the tiny logo you see in the tab section of your browser.…more