Meet the🌟!;) #ShiftSecurityLeft is a @Hackernoon #Noonies2022 Best General Technology Newsletter runner-up in emerging tech. Thx for your votes, folks! And let's proceed with making this world more secure together! Subscribe: shift-security-left.curated.co Check your 📩 tomorrow.💛🔐

#ShiftSecurityLeft #9: 🔸threat modeling 🔸cracking Zeppelin ransomware 🔸subdomain takeover 🔸FBI vs cybercrime 🔸foreign adtech threat 👏Tal Eliyahu Unit 221B _nynan @renee_dudley @danlgolden James Pearson Marisa Taylor ➤‌‌ shift-security-left.curated.co #cryptography #security

In security, we don’t simply go on 🦌🎅🧦 holidays and switch off building better data protection ;) Find the 10th #ShiftSecurityLeft issue in your inbox tomorrow to mull over #encryption, #cryptography, #security audits, etc. ➤‌‌ shift-security-left.curated.co Stay secure 2⃣0⃣2⃣3⃣🔐

#ShiftSecurityLeft #10🎅: 🔸ALE on #GitHub 🔸memory safety issues in Android 🔸smart contract #security audit 🔸pre-auth RCE with CodeQL 🔸Wi-Fi security 👏 @kyfast Jeff Vander Stoep Joseph Thacker nazar serhїchuk frycos ➤‌‌ shift-security-left.curated.co #cryptography #DevSecOps #appsec

Did you miss the latest stories about #security and #cryptography in software development? Check the new #ShiftSecurityLeft newsletter in your 📩 tomorrow for a few new ones :) ➤‌‌ shift-security-left.curated.co #DevSecOps #appsec #dataprotection

#ShiftSecurityLeft #11: 🔸Go1.20 #cryptography 🔸#ZKP failures 🔸mobile app frameworks 🔸vulns in auto, Google🏠 👏 Filippo Valsorda @filippo.abyssdomain.expert Vladimir Ivanov Sam Curry ꙅɿɘƚɔɘqꙅ Brett Buerhaus xEHLE Ian Carroll sshell shubs Ben Sadeghipour Joseph Thacker shift-security-left.curated.co 👈

#Security is a complex area with so many perspectives and viewpoints to consider! Get some new insights on this 🧩, tailored to developers, in the new #ShiftSecurityLeft issue (tomorrow in your 📩). ➤‌‌ shift-security-left.curated.co #DevSecOps #cryptography #appsec #dataprotection

#ShiftSecurityLeft #12: 🔸email #security 🔸exploiting URL parsers 🔸migration challenges 🔸USB-based hacking 📓 applied #cryptography 👏 Sebastian Salla Claroty #Team82 Snyk Gergely Orosz Andy Greenberg (@agreenberg at the other places) Dan Boneh @VictorShoup ➤‌‌ shift-security-left.curated.co #DevSecOps #appsec

#TGIF Friday work’s all done? Now, you can wait for tomorrow to get #ShiftSecurityLeft in your inbox and enjoy the stories about password managers’ breaches, fuzzing the curl, and SNI vulnerabilities. ➤‌‌ shift-security-left.curated.co 👈🏻 #cryptography #DevSecOps #appsec

#ShiftSecurityLeft #13: 🔸password #security 🔸password managers breaches 🔸6 forces of #infosec risk 🔸fuzzing curl 🔸SNI? SSRF! 👏 @[email protected] -- Follow me there Aleksei Tiurin ahpaleus @WPalant Phil Venables Ryan Naraine ➤‌‌ shift-security-left.curated.co #cryptography #appsec

#ShiftSecurityLeft #14: 🔸Vultur RAT malware 🔸🇺🇦 wartime #cybersecurity 🔸fuzzing IoT devices 🔸reversing UK rail e-tickets 🔸side-channel in #Django 👏 @threatfabric Andrada Fiscutean @jtseces @sonarsource Schneier Blog ➤‌‌ shift-security-left.curated.co #cryptography #appsec #DevSecOps

The Dunning-Kruger effect suggests newcomers pass through Mount stupid, Valley of despair, and Slope of enlightenment to reach a Plateau of sustainability. In #security, this way is so loong, but let me lead you. ➤‌‌ shift-security-left.curated.co check your 📩 tomorrow

#ShiftSecurityLeft #15: 🔸voice-based biometric #security fails 🔸Cyber Resilience Act 🔸building Spy Extension 🔸database #cryptography 🔸debugging features & techniques 👏 Joseph Cox @bert_hu_bert Matt Frisbie Soatok is now on furry.engineer instead of here Andy Hippo ➤‌‌ shift-security-left.curated.co #DevSecOps #appsec

#ShiftSecurityLeft #16: 🔸hacking D-Link 🔸prompt injections 🔸exploits in NFC #digitalwallets 🔸inaudible voice trojan 🔸brute-forcing Bitwarden PIN 👏🏻 lucasluitjes GreyNoise nazar serhїchuk vixentael 🛡🇺🇦 ➤‌‌ shift-security-left.curated.co #security #cryptography

#ShiftSecurityLeft #17: 🔸complexity and security 🔸energy consumption of PQC 🔸cryptography for passwords 🔸browser extension for stealing crypto 🔸static analysis and CodeQL 👏🏻 Prof B Buchanan OBE FRSE Phil Venables Soatok is now on furry.engineer instead of here ➤‌‌ shift-security-left.curated.co #security #cryptography

#ShiftSecurityLeft #18: 🔸Dependency confusion attack on Google 🔸Why is OAuth still hard? 🔸Secure user data hosting in modern web apps 🔸Attacks on Cisco routers 🔸Pegasus spyware returns with evolved attack techniques ➤‌‌ shift-security-left.curated.co

#ShiftSecurityLeft #19: 🔸People and security incentives 🔸Attacks on JWT via ECDSA 🔸Catching cookie bugs 🔸Google passwordless login 🔸SolarWinds supply-chain hack 👏🏻 Kim Zetter Phil Venables arxenix shift-security-left.curated.co #AppSec #Security

#ShiftSecurityLeft #20: 🔸pseudorandom function explained 🔸backdooring Electron apps 🔸how FBI outsmarted Kremlin-connected APT group 🔸breaking security claims of e2e encrypted messenger 🔸inside Datadog’s $5M outage ➤‌‌ shift-security-left.curated.co #appsec