Seclog - #41
Spotlight: Account Takeover of Internal Tesla Accounts, RCE in Chrome, I hacked macOS, security testing for WebSocket, SecDevOps or DevSecOps?, etc.
seclinks
Post Account Takeover? Account Takeover of Internal Tesla Accounts
Getting RCE in Chrome with incorrect side effect in the JIT compiler
Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers
CVE-2023-34040 Spring Kafka Deserialization Remote Code Execution
38TB of data accidentally exposed by Microsoft AI researchers
Orange: From 2013 to 2023: Web Security Ten Years of Evolution and Trends!
A tale about a Red Team exercise and the Forcepoint Endpoint One DLP client
SocketSleuth: Improving security testing for WebSocket applications
AppSec: SecDevOps or DevSecOps? Do We Need to Choose? Guide to the What and the Why