Welcome to the sixteenth edition of Infosec Weekly - the Monday newsletter that brings the best in Infosec straight to your inbox.
So many new things are happening in the cybersecurity world that it’s difficult to keep up! 🥲
We’ve done all the hardwork for you by selecting the most top-notch Infosec stuff that caught our attention this week. The format is: 5 articles, 4 Threads, 3 videos, 2 Github repos and tools, 1 job alert and Upcoming CTF Events to help you maximize the benefit from this newsletter and take a massive jump ahead in your career.
Excited? Let’s dive in👇
📝 5 Infosec Articles
#1 @Gafnit Amiga explains about three vulnerabilities detected in the AWS IAM Authenticator where all of them were caused by the same code line.
#2 @OriginalSicksec’s new blog talks about how you can find and abuse URL shorteners to ATO or Information disclosure.
#4 A vulnerability was identified by @GoSecure_Inc within the Tableau Server that could allow malicious actors to extract sensitive data from the application through Reflected XSS.
#5 @David French shares some threat hunting and security monitoring tips to help defensive practitioners protect their Okta environments from attack.
🧵4 Trending Threads
📽️ 3 Insightful Videos
#3 @rana__khalil’s new long version video is up regarding the Lab#5 command injection with out-of-band data exfiltration
⚒️2 Github repositories & Tools
💰1 Job alert ⚠️
Required experience: 2 to 4 years.
Apply here:- Web app Security - Mobile app security - Code review
🎮 Upcoming CTF Events
A jeopardy-style CTF for professional hackers, students and cyber security enthusiasts.
Wed, July 20, 2022 15:00 UTC+00:00
Weight: 0 points
Duration: 1 day
#2 Lexington Informatics Tournament CTF 2022 - Jeopardy
A beginner friendly jeopardy-style CTF hosted by Lexington High School
Fri, July 22, 2022 15:00 UTC+00:00
Weight: 23 points
Duration: 2 days and 12 hours
That’s all for this week. Hope you enjoyed these incredible finds and learned something new from today’s newsletter.
Before we say bye…
If you found this newsletter interesting, and know other people who would too, we'd really appreciate if you could forward it to them 📨
If you have questions, comments, or feedback, just reply to this email or let us know on Twitter @InfoSecComm.
See you again next week.
Lots of love
This newsletter has been created in collaboration with our amazing ambassadors.
If you wish to join our Ambassadors channel and contribute to the newsletter, send us a DM on Twitter with your discord username.