Security Headers from F to A: Cookie Flags and Cookie Prefix via

"We must ban facial recognition in both public and private sectors, before we grow so dependent on it that we accept its inevitable harms as necessary for 'progress,'" write and

2.19.216 - Remote Code Execution Exploit CVE-2019-11932 [remote]

Threat Modelling Stories From The Trenches - David Johannson and Andrew Lee-Thorp

Security Vulnerabilities Decomposition: Another Way To Look At Vulnerabilities - Katy Anton

How To Find And Prevent Entire Classes Of Security Vulnerabilities with Variant Analysis

Banca d'Italia - Banca d'Italia - No. 517 - Development of a cyber threat intelligence system in a central bank

Mozilla will change security and privacy indicators in upcoming Firefox 70:

So it is time to change the "look for the green padlock icon" security tips that have been around for years (and were actually never sufficient as written in

#mozilla #firefox #security #privacy #indicator #padlock #infosec #cybersecurity

"Dance like no one is watching, encrypt like everyone is." I spoke with some TransCyberian CryptoParty

Security researcher and OSINT practitioner has put together this awesome beginner guide to detecting firewalls and gateways.

Working on compiling a Ryuk/Grim Spider layer for the MITRE ATT&CK navigator, based on available OSINT, in case anyone wants to help out.

~Open Source Security Tool of the Day~

Nebulo is a free, open-source, non-root and small-sized DNS changer utilizing dns-over-https and dns-over-tls to bring privacy and security to your phone.
It is fast, contains no ads or tracking and offers a lot of flexibility.

Blog post: CVE-2019-10392 — Yet Another 2k19 Authenticated Remote Command Execution in Jenkins -
Reading: 3 min
Published: 09/12/2019

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.