Lmst

Lorenzo Gallegos presents 'How to Write Secure Code' July 25th at Nebraska.Code().

https://nebraskacode.amegala.com/

#securecode #OWASP #XSS #sqlinjection #crosssitescripting #lincoln #CrossSiteRequestForgery #serversiderequestforgery #Nebraska #PrivilegeEscalation #supplychain #webdevelopment #DeveloperConference #coding #TechSecurity #TechConference

#autonomoussystems #Bufferoverflow #connecteddevices #Crosssitescripting(XSS) #cyberattacks #cybersecurity #dataencryption #Dataprivacy #DenialofService(DoS) #deviceencryption #dosattack #hacking #hackinglot #InternetofThings #iOT #IoTpreventionmethods #IoTrisks #IoTSecurity #IoTvulnerabilities #lot #lotdevices #malware #networksecurity #outdatedprotocols #Physicaltampering #Privacybreaches #secureiot

https://miltonmarketing.com/news/hacking-the-iot-vulnerabilities-and-prevention-methods/

Sicherheitslücken #Gitlab: Heruntergestufte Admins behalten weitreichende Rechte | Security https://www.heise.de/news/Sicherheitsluecken-Gitlab-Heruntergestufte-Admins-behalten-weitreichende-Rechte-10332147.html #git :git: #Patchday #XSS #CrossSiteScripting

Cross-eyed scripting.

Cross-site scripting.

You haven't lived if you've done neither.

#XSS #CrossSiteScripting #CrossEyedScripting

Fünf Sicherheitslücken in #Gitlab geschlossen | Security https://www.heise.de/news/Ueber-Bug-Bounty-Programm-gemeldete-Sicherheitsluecken-in-Gitlab-geschlossen-10299543.html #Patchday #XSS #CrossSiteScripting

Sicherheitsupdates #Zimbra: Angreifer können Metadaten von E-Mails auslesen | Security https://www.heise.de/news/Sicherheitsupdates-Zimbra-Angreifer-koennen-Metadaten-von-E-Mails-auslesen-10277628.html #Patchday #XSS #CrossSiteScripting

Jetzt patchen: Cross-Site-Scripting und Denial of Service in #GitLab möglich | Developer https://www.heise.de/news/Jetzt-patchen-Cross-Site-Scripting-und-Denial-of-Service-in-GitLab-moeglich-10254924.html #Patchday #DoS #DenialOfService #XSS #CrossSiteScripting

Heimserver-Betriebssystem: Updates beheben Sicherheitslücken in #Unraid | Security https://www.heise.de/news/Heimserver-Betriebssystem-Updates-beheben-Sicherheitsluecken-in-Unraid-10253366.html #Patchday #XSS #CrossSiteScripting

Ist die Content Security Policy Level 3 eigentlich "aktueller Stand der Technik", wenn sie sich im Status "working draft" befindet? Eigentlich nicht, oder?!

#csp #xss #crosssitescripting #security #webentwicklung #dev #itsecurity #dsgvo #bsi #datenschutz

@bsi @certbund

#CMS: Updates stopfen Sicherheitslecks in #ProgressSitefinity | Security https://www.heise.de/news/CMS-Updates-stopfen-Sicherheitslecks-in-Progress-Sitefinity-10233332.html #Sitefinity #Patchday #XSS #CrossSiteScripting #ContentManagementSystem

#CrushFTP: Attacken auf Admins möglich | Security https://www.heise.de/news/CrushFTP-Attacken-auf-Admins-moeglich-10202537.html #XSS #CrossSiteScripting #Patchday

Web-Security: Mit Content Security Policy gegen Cross-Site Scripting, Teil 2 | Developer https://www.heise.de/hintergrund/Web-Security-Mit-Content-Security-Policy-gegen-Cross-Site-Scripting-Teil-2-10175246.html #XSS #development #JavaScript #CrossSiteScripting

iOS 18.1.1 und macOS Sequoia 15.1.1 schließen aktiv ausgenutzte Sicherheitslücken
Apple hat mit den neuen Updates iOS 18.1.1 und macOS Sequoia 15.1.1 bedeutende Sicherheitslücken geschlossen, die Beric
https://www.apfeltalk.de/magazin/feature/ios-18-1-1-und-macos-sequoia-15-1-1-schliessen-aktiv-ausgenutzte-sicherheitsluecken/
#Feature #iPad #iPhone #Mac #Apple #CrossSiteScripting #CVE202444308 #CVE202444309 #IntelMac #IOS1811 #JavaScriptCore #MacOSSequoia1511 #Sicherheitsupdate #Webkit

Web-Security: Mit Content Security Policy gegen Cross-Site Scripting, Teil 1 | Developer https://www.heise.de/hintergrund/Web-Security-Mit-Content-Security-Policy-gegen-Cross-Site-Scripting-Teil-1-9998046.html #XSS #Development #JavaScript #CrossSiteScripting

🟠 Attacking browser extensions

by Kevin Stubbings @kwstubbs at @github

Learn about browser extension security and secure your extensions with the help of CodeQL.

#vulnerability #extension #script #CrosssiteScripting #ServerSideRequestForgery #xtensionAPIinjection #webdev

https://github.blog/security/vulnerability-research/attacking-browser-extensions/

Black text on orange rectangles on bottom left of image: Attacking browser extensions.
Image:
Man in armour on a black horse, wearing armor and helmet with arm raised with a sword attacking a bunch of enemies hidden behind a wall of black shields. A rain of arrow protect the knight, coming from behind.
Kay Nielsen (illustrator). East of the Sun and West of the Moon: Old Tales from the North. New York: G.H. Doran, 1922.

💡 Did you know? Cross-Site Scripting (XSS) is the top cloud vulnerability in 2024, responsible for 27% of cloud security incidents!

👾 Cybercriminals are exploiting XSS to steal credentials and hijack user accounts in cloud environments. Make sure your cloud services are secure by implementing strict input validation and using Content Security Policy (CSP). 🔐

🔎 How is your organization protecting against cloud vulnerabilities? Share your insights below! 💬

🔗 Read more about the top threats in 2024 and how to stay secure in our latest post:
https://guardiansofcyber.com/cybersecurity-news/top-cloud-vulnerability-in-2024-cross-site-scripting-leads-as-the-most-exploited-threat/

#Cybersecurity #GuardiansOfCyber #CloudSecurity #CrossSiteScripting #XSS #Infosec #ThreatIntel #CloudVulnerabilities #Guardians #CyberThreats