Security Headers da F ad A: Cookie Flags e Cookie Prefix https://youtu.be/3LM3BP7aqY0 via @firstname.lastname@example.org
"We must ban facial recognition in both public and private sectors, before we grow so dependent on it that we accept its inevitable harms as necessary for 'progress,'" write @EvanSelinger@twitter.com and @email@example.com https://nyti.ms/2MSM09B
Banca d'Italia - Banca d'Italia - N. 517 - Sviluppo di un sistema di cyber threat intelligence in una banca centrale https://www.bancaditalia.it/pubblicazioni/qef/2019-0517/index.html
How Dropbox Security builds tools for threat detection and incident response https://blogs.dropbox.com/tech/2019/10/how-dropbox-security-builds-better-tools-for-threat-detection-and-incident-response/
Mozilla will change security and privacy indicators in upcoming Firefox 70:
So it is time to change the "look for the green padlock icon" security tips that are around for years (and were actually never sufficient as written in https://infosec-handbook.eu/blog/web-security-myths/#m3).
WordPress 5.2.4 Security Release Breakdown
"Dance like no one is watching, encrypt like everyone is." Ho parlato con @firstname.lastname@example.org dei TransCyberian CryptoParty https://www.vice.com/it/article/vb5xbd/transcyberian-cryptoparty-intervista-xenia-ermoshina
Securing Docker Containers https://0x00sec.org/t/securing-docker-containers/16913
Security researcher and OSINT practioner @email@example.com has put together this awesome #osint beginner guide to detecting firewalls and gateways.
Così i partiti manipolano l’opinione pubblica online: un problema globale https://www.agendadigitale.eu/cultura-digitale/cosi-i-partiti-manipolano-lopinione-pubblica-online-un-problema-globale/
~Open Source Security Tool of the Day~
Nebulo is a free, open-source, non-root and small sized DNS changer utilizing dns-over-https and dns-over-tls to bring privacy and security to your phone.
It is fast, contains no ads or tracking and offers a lot of flexibility.
Vendor related - Intelligence From Internet Background Noise
Analysis of an Exploited #NPM Package || Jarrod Overson
Vendor Whitepaper, TI
ThreatConnect Building a Threat Intelligence Program
Blog post: CVE-2019-10392 — Yet Another 2k19 Authenticated Remote Command Execution in Jenkins - https://iwantmore.pizza/posts/cve-2019-10392.html
Reading: 3 min
Ⓐ INTJ • Infosec analyst • Metaveillance practitioner • Crypto-anarchism enthusiast • Fellow at Cyber Saiyan
A Mastodon instance for info/cyber security-minded people.