Weekly newsletter on Cybersecurity — Issue #6
The main goal of this newsletter is to enhance your learnings towards Application Security, Cloud Security, DevSecOps every week directly in your inbox. So that, you can learn and practice on weekends.
Hello friends,
I hope you are enjoying the weekly cybersecurity newsletter and going through these resources over the weekend.
In the last issue#5, I had covered skills, resources, etc to start a career in cybersecurity.
HTTP Request methods and Response Headers
This is a very easy but important concept for security engineers to understand what are request methods, how many of them are there, and which one means what.
You might have header and seen the 2 most common request methods: GET and POST. There are a few more OPTIONS, TRACE, PUT, PATCH, DELETE. Read more here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods
Respons Headers is always an interesting part for hackers to gather more information about the application, server, and its behavior with each such request.
X-*, server details, cookie details are some info that you should try to understand as much as possible.
Here is a cheat sheet from OWASP Top 10 that you must go through. https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Headers_Cheat_Sheet.html
Security News
Hacked cloud accounts are being used to mine crypto, says Google — www.theblockcrypto.com
A report released this week by Google indicates that a majority of recently attacked accounts on its Google Cloud Platform service were used to mine cryptocurrency.
Fall 2021 SOC reports now available with 141 services in scope | Amazon Web Services — aws.amazon.com
At Amazon Web Services (AWS), we’re committed to providing our customers with continued assurance over the security, availability and confidentiality of the AWS control environment. We’re proud to deliver the System and Organizational (SOC) 1, 2, and 3 reports to enable our AWS customers to maintain confidence in AWS services. For the Fall 2021 SOC […]
Google Announces Intent to Acquire Mandiant — www.googlecloudpresscorner.com
MOUNTAIN VIEW, Calif. (March 8, 2022) — Google LLC today announced that it has signed a definitive agreement to acquire Mandiant, Inc., a leader in dynamic cyber defense and response, for $23.00 per share, in an all-cash transaction valued at approximately $5.4 billion, inclusive of Mandiant’s net cash. Upon the close of the acquisition, Mandiant will join Google Cloud.
Free Security Videos on Youtube
- Log4shell Deep Dive by Snyk Team.
How to start a career in Cybersecurity: Webinar
Hacking AI: Security & Privacy of Machine Learning Models
How to run Mutillidae on Docker