https://gbhackers.com/owasp-top-10-2017-released/ Open Web Application Security Project(OWASP) released new Top 10 Most Critical Web Application Security Risks list. With the new release, they have completely refactored the methodology of categorizing risks. →
https://arstechnica.com/tech-policy/2017/11/an-alarming-number-of-sites-employ-privacy-invading-session-replay-scripts/ If you have the uncomfortable sense someone is looking over your shoulder as you surf the Web, you’re not being paranoid. A new study finds hundreds of sites—including microsoft.com, adobe.com, and godaddy.com—employ scripts that record visitors’ keystrokes, mouse movements, and scrolling behavior in real time… →
https://techcrunch.com/gallery/10-of-the-most-funded-startups-to-fail-in-2017/ Some startups rise and many startups fall when things do not go as planned. 2017 has seen some prominent startups go under. Together these 10 companies raised a combined $1.7 billion from venture capitalists and banks. →
https://www.edn.com/electronics-blogs/out-of-this-world-design/4459036/Magnetising-the-next-generation-of-high-throughput-satellites?utm_content=bufferddeae&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer This article tells how magnetic electronics components are used in satellite electronics. →
https://www.denimgroup.com/resources/blog/2017/11/getting-started-with-iot-security-with-threat-modeling/?lipi=urn%3Ali%3Apage%3Ad_flagship3_pulse_read%3BtGhVz%2BNYQRiSgJC%2Bt%2FEWQQ%3D%3D The security of IoT systems can be exceptionally complex because of the large number of components, potentially extensive attack surface, and the interactions between different parts of the system. Threat modeling is a great starting point to understand the risks associated with IoT systems. The challenge with this trend is that IoT devices are just computers →
https://sciencebasedmedicine.org/placebo-myths-debunked/ →
http://www.productive-cpp.com/hardening-cpp-programs-executable-space-protection-address-space-layout-randomization-aslr/ Interesting information on C/C++ code security issues. →
http://www.theserverside.com/feature/Containers-and-microservices-complicate-cloud-native-security?utm_campaign=Black%20Duck%20Press&utm_content=60709505&utm_medium=social&utm_source=facebook Developing applications with microservices and containers may be a modern approach to software design, but traditional software flaws still remain a problem when addressing cloud-native security. When you think about microservices-architected, there’s a wide range of, I guess you could say opinions, about what that means. In this age of DevOps and cloud-native development, the software →
https://www.sudosatirical.com/articles/10-year-old-root-exploit-found-in-man-command/ This article claims that A 10-year old root exploit was found in the Unix “man” program – read the description and think how to react to this report. →
https://motherboard.vice.com/en_us/article/pa3vvg/the-greatest-computer-network-youve-never-heard-of?utm_campaign=sharebutton This is a fascinating story… →