Forwarded from Записки админа
Ну что, Intel собрали в один список все (но это не точно) потенциальные проблемы безопасности в Intel ME, о которых сообщали различные исследователи. К списку подготовили обновление и утилиту для проверки, подвержена ли система уязвимостям.
Сам список доступен по ссылке:
https://goo.gl/BuLp6h
Информация об обновлениях:
https://goo.gl/GLijsg
Утилита для проверки наличия уязвимости (для Windows и Linux):
https://downloadcenter.intel.com/download/27150
Все ли бекдоры закрыли, завезли ли новые - история умалчивает.
#intel #security
Сам список доступен по ссылке:
https://goo.gl/BuLp6h
Информация об обновлениях:
https://goo.gl/GLijsg
Утилита для проверки наличия уязвимости (для Windows и Linux):
https://downloadcenter.intel.com/download/27150
Все ли бекдоры закрыли, завезли ли новые - история умалчивает.
#intel #security
Intel
Intel® Management Engine Critical Firmware Update (Intel-SA-00086)
Security Advisory (Intel-SA-00086), a critical firmware vulnerability in systems.
"Engineering Security" by Peter Gutmann https://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf #books #security #dukeBarman
Open Source Security Foundation (OpenSSF): Reflection and Future https://www.linuxfoundation.org/en/blog/openssf-reflection-and-future/ #security #linux #dukeBarman
Wubes is like Qubes but for Windows. The idea is to leverage the Windows Sandbox technology to spawn applications in isolation. https://github.com/nccgroup/Wubes #windows #security #dukeBarman
GitHub
GitHub - nccgroup/Wubes: Qubes containerization on Windows
Qubes containerization on Windows . Contribute to nccgroup/Wubes development by creating an account on GitHub.
Windows Exploit Suggester was updated to Python 3 https://github.com/a1ext/Windows-Exploit-Suggester #security #windows #dukeBarman
GitHub
GitHub - a1ext/Windows-Exploit-Suggester: This tool compares a targets patch levels against the Microsoft vulnerability database…
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl...
The new OpenSecurityTraining2 site has been launched at http://ost2.fyi The public betas of refreshed classes on x86-64 assembly, x86-64 OS internals and coreboot are now open #security #hardware #reverse #dukeBarman
Android security checklist: WebView
https://blog.oversecured.com/Android-security-checklist-webview/
#mobile #android #webview #checklist #security #darw1n
https://blog.oversecured.com/Android-security-checklist-webview/
#mobile #android #webview #checklist #security #darw1n
News, Techniques & Guides
Android security checklist: WebView
WebView is a web browser that can be built into an app, and represents the most widely used component of the Android ecosystem; it is also subject to the largest number of potential errors.
Smart Contract Security: The Ultimate Guide
This article serves as a mini course on smart contract security and provides an extensive list of the issues and vulnerabilities that tend to recur in Solidity smart contracts.
https://www.rareskills.io/post/smart-contract-security
#crypto #security
This article serves as a mini course on smart contract security and provides an extensive list of the issues and vulnerabilities that tend to recur in Solidity smart contracts.
https://www.rareskills.io/post/smart-contract-security
#crypto #security
RareSkills
Smart Contract Security | By RareSkills
Smart Contract Security This article serves as a mini course on smart contract security and provides an extensive list of the issues and vulnerabilities that tend to recur in Solidity smart contracts. A security issue in Solidity boils down to smart contracts…
👍3🔥1