@KungFuChickenNoodle That's the wise thing to do, even with the light. For example I'm not sure iphones have that little light (or at least not all models).

@wizzwizz4 It seems so (a few more steps are required, but that's it).The details are available on walkthrough post the author linked on this overview article.

"While connections made after connecting to a VPN on your iOS device are not affected by this bug, all previously established connections will remain outside the VPN's secure tunnel..."

bleepingcomputer.com/news/secu

"CVE-2020-10558 | Tesla Model 3 Vulnerability – Disable Autopilot Notifications, Speedometer, Web Browser, Climate Controls, Turn Signals, Nav, etc."

safekeepsecurity.com/about/cve

> Unless customized, Jinja2 is configured by Flask as follows: autoescaping is enabled for all templates ending in .html, .htm, .xml as well as .xhtml when using render_template().

bento.dev/blog/2020/bento-chec

If using flask pay special attention to this configuration.
In Django as far as I'm aware (after testing a bit), render/render_to_string always escapes the content.

"Mass account takeovers using HTTP Request Smuggling on slackb.com/ to steal session cookies"

hackerone.com/reports/737140

Very interesting bug report.

AMD – new side-channel attacks affecting CPUs from 2011 to 2019:

mlq.me/download/takeaway.pdf (PDF file)

– The L1D cache way predictor is exploited to access secret information.
– The attacks are named Collide+Probe and Load+Reload.

#AMD #CPU #vulnerability #security #infosec #cybersecurity

Show more
Social feed

This is a personal and private instance.