Collaborate Disseminate
Yes, the zoom thing, 50 Ways to Leak Your Data in 1,300 Popular Android Apps Access Data, Without Proper Permissions, GE Aviation exposed internal configs via open Jenkins instance, Preparing your enterprise to eliminate passwords, DevSecOps Survey… Continue reading Application News – Application Security Weekly #69
WordPress Plugin WP Statistics Patches XSS Flaw, Three RCEs in Android’s Media framework, Nine Best Practices For Integrating Application Security Testing Into DevOps, 6 Traits That Define DevSecOps, and much more! News Bugs, Breaches, and Mo… Continue reading Application News – Application Security Weekly #68
GKE improves authentication with Workload Identity, AWS reinforce reveals traffic tools and security solutions that improve support for DevOps, Brief history of Trusted Execution Environments, From the Enterprise’s Project: How to Explain Ser… Continue reading GKE, AWS, & S3 Buckets – Application Security Weekly #67
Cisco Expressway goes off path and a Cisco IOS XE vuln goes for emojis, More erosion of CPU data boundaries, RDP patches a pre-auth problem and even resuscitates a patch process for XP, Microsoft’s Attack Surface Analyzer gives DevSecOps team… Continue reading Application News – Application Security Weekly #62
In the Application News, Chrome constrains the cookies and Edge pushes privacy, Windows builds a sandbox for Linux, Android Q for more quarantined code with more LLVM features, Steve Singh stepping down as Docker CEO, and Verizon releases its 2019 … Continue reading Application News – Application Security Weekly #61
Firefox gives more scrutiny to add-ons but Firefox also forgot to give more scrutiny to a cert, Path traversals trampled by ransomware, Secure Software Design: The Next Frontier In Cybersecurity, Trust the Stack, Not the People, VRT adds a CAN, and… Continue reading Application News – Application Security Weekly #60
In the Application Security News, Software update gums up fingerprints, a counterproductive security practice expires thanks to well-considered guidelines, Docker Hub breach response, a path to hacking Ruby Gems, 5 Security Challenges to API Protec… Continue reading Application News – Application Security Weekly #59
Many websites threatened by highly critical code-execution bug in Drupal, UK parliament calls for antitrust, data abuse probe of Facebook, CommitStrip: Get rich quick, Google says the built-in microphone it never told Nest users about was ‘ne… Continue reading Bugs, Breaches, and More! – Application Security Weekly #52
In the Application Security News, Many popular iPhone apps secretly record your screen without asking, MongoDB databases still being held for ransom, Most of the Fortune 100 still use flawed software that led to the Equifax breach, and a Chrome ext… Continue reading Application News – Application Security Weekly #50
Three UK customer details exposed in homepage blunder, Microsoft cloud services see global authentication outage, the age of surveillance capitalism, the rise of DevXOps, and much more! News Bugs, Breaches, and More! 1.) Three UK customer details e… Continue reading Application News – Application Security Weekly #49