by Bill Sempf
24. November 2019 10:03
Github is starting SecurityLab. It's part knowledge sharing, part secure coding, part bounty hunting, and it is pretty neat.
https://securitylab.github.com/
Stacey on IoT has a good writeup on device and container security citing this Trend Micro report
https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2020
Subscribe to her newsletter!
https://staceyoniot.com/
TrustedSec, an infosec firm in Cleveland run by my friend Dave Kennedy, has open sourced their legal documentation for physical pentesting in order to try and prevent another Iowa.
https://github.com/trustedsec/physical-docs
Read more about why here
https://www.trustedsec.com/blog/a-message-of-support-coalfire-consultants-charged/
Cool writeup of a DOM clobbering vulnerability. I think DOM XSS will become more of a thing as browsers get more and more power.
https://research.securitum.com/xss-in-amp4email-dom-clobbering/
That's the news!
3e6d8fec-4db2-409e-9bda-250a77a25205|0|.0|96d5b379-7e1d-4dac-a6ba-1e50db561b04
Tags: