Collaborate Disseminate
This week, Paul reports on malicious Google Chrome extensions affecting 500K users, configuration errors in Intel workstations being labeled a security hole, VMware releases security updates for Workstation, Fusion, and Oracle still silent on Meltdown!… Continue reading Google, Intel, Oracle, and Meltdown-Spectre – Hack Naked News #157
In the news, prosecutors say Mac Spyware stole millions of user images over 13 years, Skype finally getting end-to-end encryption, Apple set to patch yet another macOS password security flaw, 147 security vulnerabilities reported in ICS mobile applicat… Continue reading Skype, Apple, and Wi-Fi Alliance – Paul’s Security Weekly #543
This week, Paul and Keith discuss the ten most critical web application security risks! They discuss broken authentication, sensible data exposure, XML external entities (XXE), broken access control, security configuration, and more on this episode of … Continue reading OWASP Top 10 (2017) Overview – Application Security Weekly #1
Jake Williams is the founder of Rendition Infosec and is a Senior Instructor at the SANS Institute. MalwareJake clears last weeks news story with the latest news on Meltdown and Spectre. He joins us this week for an interview! Full Show Notes Subscribe… Continue reading Jake Williams, SANS – Paul’s Security Weekly #543
In the Application Security News, Paul and Keith discuss how malicious NPM packages could harvest credit card numbers and passwords from your site, NVIDIA updates video drivers to help address CPU memory security, multiple vulnerabilities in PHP could … Continue reading NVIDIA, Oracle, Coinbase, and Bitcoin – Application Security Weekly #1
Diana Kelley is the Cybersecurity Field CTO at Microsoft and a cybersecurity thought leader, practitioner, executive advisor, speaker, author and co-founder of SecurityCurve. Ed Moyle is currently Director of Thought Leadership and Research for ISACA. … Continue reading Diana Kelley & Ed Moyle, Security Curve – Paul’s Security Weekly #543
Matt Alderman talks about container security with Paul! They analyze Docker, static analysis tools, and image build processes! Full Show Notes Visit http://securityweekly.com/esw for all the latest episodes!
The post Container Security – Enterpri… Continue reading Container Security – Enterprise Security Weekly #75
CASB Bitglass, WhiteHat, and Twistlock – Enterprise Security Weekly #75 In the news, CASB Bitglass announces zero-day cloud app indexing with machine learning, WhiteHat combats code vulnerabilities with Sentinel Source for Microservices, Twistloc… Continue reading CASB Bitglass, WhiteHat, and Twistlock – Enterprise Security Weekly #75
It is fairly common for pentesters to discover Cross-Site Scripting (XSS) vulnerabilities on web application assessments. Exploiting these issues potentially allow access to a user’s session tokens enabling attackers to navigate a site as the vic… Continue reading HTML5 Storage Exfil via XSS – Tradecraft Security Weekly #23
This week, Matt Alderman joins Paul to interview Marci McCarthy, CEO and President of T.E.N. & CEO and Chairman of ISE®! Marci has over 20 years of business management and entrepreneurial experience, specializing in executive-level searches, as wel… Continue reading Marci McCarthy, CEO and President of T.E.N. – Enterprise Security Weekly #75