Please enjoy this encore of Word Notes.
Code and data repositories that don't protect against unauthorized changes.
Learn more about your ad choices. Visit megaphone.fm/adchoices
--------
8:27
OWASP server-side request forgery (noun)
An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers.
--------
7:38
OWASP security logging and monitoring failures (noun)
The absence of telemetry that could help network defenders detect and respond to hostile attempts to compromise a system.
--------
6:04
OWASP identification and authentication failures (noun)
Ineffectual confirmation of a user's identity or authentication in session management.
CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-identification-and-authentication-failure
Audio reference link: “Mr. Robot Hack - Password Cracking - Episode 1.” YouTube Video. YouTube, September 21, 2016.
--------
5:58
Log4j vulnerability (noun)
An open source Java-based software tool available from the Apache Software Foundation designed to log security and performance information.
CyberWire Glossary link: https://thecyberwire.com/glossary/log4j
Audio reference link: “CISA Director: The LOG4J Security Flaw Is the ‘Most Serious’ She’s Seen in Her Career,” by Eamon Javers (CNBC) and Jen Easterly (Cybersecurity and Infrastructure Security Director), YouTube, 20 December 2021.