Security: Pen Testing, Social Engineering, Open Source Security, and Holes in cURL
-
12 Vulnerable Sites & Web Applications For Pen Testing 2022
We put together a list that includes vulnerable XSS and SQL sites too. When we say this word we actually mean ethical hacking, and using such sites and apps for testing gives a safe environment to practice the craft legally while staying on the right side of the law. Like this, you can hack freely without the fear of being arrested.
-
How Hackers Use Social Engineering to Get Passwords on Facebook?
Social engineering is a powerful method for hackers to exploit computer systems without the use of malware or computer hacking tools.
-
Episode 337 – Security patches are getting worse – Dustin Childs from ZDI tells us why – Open Source Security
Josh and Kurt talk to Dustin Childs about the recent ZDI Black Hat talk where they discovered the current trend of security patches not actually fixing the security problem. We talk about what this problem means, why it is happening, and what ZDI is doing to try to nudge the industry in the right direction.
-
Increased CVE activity in curl? | daniel.haxx.se
In 2022 we have already had 14 CVEs reported so far, and we will announce the 15th when we release curl 7.85.0 at the end of August. Going into September 2022, there have been a total of 18 reported CVEs in the last 12 months.
During the whole of 2021 we had 13 CVEs reported – and already that was a large amount and the most CVEs in a single year since 2016.
There has clearly been an increased CVE issue rate in curl as of late.