Patch Tuesday Quick Hits: 56 just from Microsoft. 3 critical and high severity TCP/IP bugs that are magnets for exploit. Two for .NET framework which are manual patches. And the critical one for WindowsDNS server. May the patching gods smile upon you
Dependency Confusion: How I Hacked into Apple, Microsoft and Dozens of Other Companies by Alex Birsan on Medium
We live in an increasingly interconnected digital world, where relationships and connections need to be understood and monitored at the system level, up through business and personal levels. Trust but verify. Attackers will be actively seeking out dependency vulnerabilities, leverage automated downloads and target open source repositories.
With automation, trust and expectation are bigger factors than we realize. Security researchers Alex Birsan and Justin Gardner highlight “Dependency Confusion” and how this can become something we missed.