National Consumer Protection Week

Original release date: February 28, 2020

National Consumer Protection Week (NCPW) is March 1–7. This annual event encourages individuals and businesses to learn about their consumer rights and how to keep themselves secure. The Federal Trade Commission (FTC) and its NCPW partners provide free resources to protect consumers from fraud, scams, and identity theft.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to review FTC’s NCPW resource page and review the following CISA tips:

 

This product is provided subject to this Notification and this Privacy & Use policy.

Cisco Releases Security Updates

Original release date: February 27, 2020

Cisco has released security updates to address vulnerabilities affecting FXOS, NX-OS, and Unified Computing System (UCS) software. A remote attacker could exploit some of these vulnerabilities to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories, as well as the Cisco Event Response page, and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

New CWE List of Common Security Weaknesses

Original release date: February 26, 2020

MITRE has released version 4.0 of the community-developed Common Weakness Enumeration (CWE) list. Previous CWE list versions describe common software security weaknesses. With version 4.0, the CWE list expands to include hardware security weaknesses. Additionally, version 4.0 simplifies the presentation of weaknesses into various views and adds a search function to enable easier navigation of the information.

The Cybersecurity and Infrastructure Security Agency (CISA) sponsors MITRE’s CWE program, which is a community-based initiative. CISA welcomes new partners to the CWE program. Visit https://cwe.mitre.org to learn how to get involved.

This product is provided subject to this Notification and this Privacy & Use policy.

Astra – API Automated Security Testing For REST

Astra – API Automated Security Testing For REST

Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs and newly added APIs.

Astra can be used by security engineers or developers as an integral part of their process, so they can detect and patch vulnerabilities early during development cycle. Astra can automatically detect and test login & logout (Authentication API), so it’s easy for anyone to integrate this into CI/CD pipeline.

Read the rest of Astra – API Automated Security Testing For REST now! Only available at Darknet.