One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 844001 |
| Date de publication | 2018-10-12 13:00:00 (vue: 2018-10-12 16:02:31) |
| Titre | Things I Hearted this Week, 12th October 2018 |
| Texte |
What is a Vulnerability?
The part that most people don’t seem to understand enough is that an attack only matters if something is at stake. A transaction of some sort needs to occur, otherwise it doesn’t matter if someone performs the particular attack against you.
When is a vulnerability not a vulnerability? | Medium, Tanya Janca
An Analysis of CVE-2018-0824
While we’re on the topic of vulnerabilities, I’ve said it before, but one of the best things that has come out from bug bounty programs is the writeups that sometimes follow which detail the thought process and the steps taken.
Similarly, it’s always insightful to see when security researchers not only create an exploit, but also spend some time analysing its patch and writing up how it works.
Marshalling to SYSTEM - An analysis of CVE-2018-0824 | Code White Sec
Visualising Your Threat Models
Do you struggle finding the right tool for threat model diagramming? Well, this may be the one for you, if your requirements match the ones of Michael where the app had to:
Support DFD and attack trees
Enjoyable and easy to us
Free and cross platform
Not web or ‘cloud’ based
Draw.IO for threat modeling | Michael Riksen
Brutal Blogging: Go for the Jugular
Ever wondered whether you should get into blogging? Ever started to write a blog but run out of ideas? Ever wonder why your blog post gets no love?
Well, fear not, because Kate Brew brings to you all these answers and more in her great DerbyCon 2018 talk
Brutal blogging: Go for the jugular | Youtube
Blockchain Eating its Greens?
Walmart Inc., in a letter to be issued Monday to suppliers, will require its direct suppliers of lettuce, spinach and other greens to join its food-tracking blockchain by Jan. 31. The retailer also will mandate that farmers, logistics firms and business partners of these suppliers join the blockchain by Sept. 30, 2019.
Walmart Requires Lettuce, Spinach Suppliers to Join Blockchain | Wall Street Journal
Do you Know What You’re Building?
Across the technology industry, rank-and-file employees are demanding greater insight into how their companies are deploying the technology that they built. At Google, Amazon, Microsoft and Salesforce, as well as at tech start-ups, engineers and technologists are increasingly asking whether the products they are working on are being used for surveillance in places like China or for military projects in the United States or elsewhere.
Tech Workers Now Want to Know: What Are We Building This For? | The New York Times
Why Logic Errors Are So Hard to Catch
The fact that a relatively simple flaw allowed an anonymous hacker to compromise 50 million Facebook accounts serves as a powerful reminder: When hackers, professional or amateur, find business logic errors, as |
| Envoyé | Oui |
| Condensat | ‘the 0824 12th 2018 2019 840 a about accounts across advice after against all allowed alone also always amateur amazon america analysing analysis anonymous answers anti antisocial app apparently are argos aristotle: asking attack automated avoid based battle because before beginning being best biased biases blockchain blog blogging blogging: bounty breach breach: brew brings brutal bug building built business but can can't candidates care case catch china city citylab code come comes companies company compromise consistently contact create cross cve cwe cyberwar damaging dark data defined demanding deploying derbycon detail developers dfd diagramming direct doesn’t don’t downgraded draw easy eating edge elsewhere employees engineer engineer’ engineers enjoyable enjoyed enough errors ever exploit exploitation facebook fact farmers fear female file find finding firms fix flaw follow food free from get gets google gov great greater greens hacker hackers had happens hard has hearted her home how i’ve ideas inc increasingly incredibly industry inherited insight insightful internal issue issued it’s its jan janca jobs join journal jugular kate know know: knowing learned lessons letter lettuce like logic logistics losing love mandate marshalling match matter matters may medium messenger michael microsoft military million model modeling models monday more most named necessarily needs new news nice not notify now occur october one ones only open other otherwise out part particular partners patch people performs places platform post potential powerful process products professional programs project projects random rank reading recruiting relatively reminder reminder: reportedly require requirements requires researcher researchers retailer right riksen run said salesforce scam scammers scrapped scrapping scraps sec security see seem sept serves shooting short should similarly simple simply social software solved some someone something sometimes somewhere sort sounds specifically spend spinach stake start started startups states steps stories story stratechery street struggle suppliers support surely surveillance system take taken talk tanya target tech technologists technology tells these things thought threat time times tl;dr to: tool tools topic tracking transaction trees tries try trying understand united ups use used useful verge vet visualising vulnerabilities vulnerability wall walmart want we’re web week well what when where whether which white why will wisdom women won’t wonder wondered work workers working works worst write writeups writing wrong york you’re your yourself youtube |
| Tags | Tool Vulnerability Threat |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.