TSEC NEWS: 06.05.21 Cron-Job Fehlerhaft nach PHP Update + PWA mobile + Desktop / 04.05.21 - Android App von TSECURITY 28.04.21 - NEUER SERVER // 26.04.21 ++ Download the Electron-App für tsecurity.de // Über 550 Feed-Quellen


❈ ILDIS v2 Applications Multiple Vulnerabilities

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

Know, Prevent, Fix: A framework for shifting the discussion around vulnerabilities in open source

vom 106.89 Punkte
Posted by Eric Brewer, Rob Pike, Abhishek Arya, Anne Bertucio and Kim Lewandowski Executive Summary:The security of open source software has rightfully garnered the industry’s attention, but solutions require consensus about the challenges and cooperation

AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments

vom 105.55 Punkte
Original release date: January 8, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This Alert is a companion alert to

DevAudit - Open-source, Cross-Platform, Multi-Purpose Security Auditing Tool

vom 96.62 Punkte
DevAudit is an open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams adopting DevOps and DevSecOps that detects security vulnerabilities at multiple levels of the solution stack. DevAudit provides a wide array

Announcing .NET Core 3 Preview 1 and Open Sourcing Windows Desktop Frameworks

vom 96.14 Punkte
Today, we are announcing .NET Core 3 Preview 1. It is the first public release of .NET Core 3. We have some exciting new features to share and would love your feedback. You can develop .NET Core 3 applications with Visual Studio 2019 Preview 1, Visual St

AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware

vom 96.14 Punkte
Original release date: February 17, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result o

Why do the Vast Majority of Applications Still Not Undergo Security Testing?

vom 95.23 Punkte
Did you know that 84% of all cyber attacks target applications, not networks? What’s even more curious is that 80% of Internet of Things (IoT) applications aren’t even tested for security vulnerabilities. It is 2018, and despite all the evidence arou

Data Driven Security Hardening in Android

vom 95.1 Punkte
Posted by Kevin Deus, Joel Galenson, Billy Lau and Ivan Lozano, Android Security & Privacy TeamThe Android platform team is committed to securing Android for every user across every device. In addition to monthly security updates to patch vulnerabilities reported to us through our Vulnerability Rew

AA20-133A: Top 10 Routinely Exploited Vulnerabilities

vom 92.3 Punkte
Original release date: May 12, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals a

AA20-133A: Top 10 Routinely Exploited Vulnerabilities

vom 92.3 Punkte
Original release date: May 12, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals a

Towards native security defenses for the web ecosystem

vom 90.62 Punkte
Posted by Artur Janc and Lukas Weichselbaum, Information Security EngineersWith the recent launch of Chrome 83, and the upcoming release of Mozilla Firefox 79, web developers are gaining powerful new security mechanisms to protect their applications from

Trivy - A Simple And Comprehensive Vulnerability Scanner For Containers, Suitable For CI

vom 89.37 Punkte
A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI.AbstractTrivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive vulnerability scanner for containers. A software vulnerability is a glitch, flaw, or weakness present in the software or in an Operating System. Trivy detects vulnerabilities of OS packages (A

Vulnerablecode - A Free And Open Vulnerabilities Database And The Packages They Impact And The Tools To Aggregate And Correlate These Vulnerabilities

vom 89.02 Punkte
VulnerableCode is a free and open database of FOSS software package vulnerabilities and the tools to create and keep the data current. It is made by the FOSS community to improve and secure the open source software ecosystem.Why? The existing solutions

Team Security Diskussion über ILDIS v2 Applications Multiple Vulnerabilities