1024
Comment:
|
1126
|
Deletions are marked like this. | Additions are marked like this. |
Line 6: | Line 6: |
Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act |
1. Security
1.1. DOJ
- Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act
https://people.scs.carleton.ca/~paulv/toolsjewels.html
1.2. WordPress
Latest WordPress security news
https://portswigger.net/daily-swig/wordpress
WordPress sites getting hacked ‘within seconds’ of TLS certificates being issued
インストール手順が悪いと、侵入を許すことに。-- ToshinoriMaeno 2022-05-09 12:28:35
https://twitter.com/matsuu/status/1522751803242455043?s=20&t=PQmzgfKsqbNLXEew0gsp8w
Let's EncryptなどでSSL証明書取得を行うと CT(Certificate Transparency)を監視している悪意ある第三者が即座にアクセスしてきて 初期インストール状態のWordPressにバックドアを仕掛ける手口が横行。
ここの要求は実現困難: https://twitter.com/matsuu/status/1522753612161511424?s=20&t=PQmzgfKsqbNLXEew0gsp8w