Airline Hacks, MicroTik Bug, & WordPress – Application Security Weekly #37

Millions of passengers affected by Cathay Pacific Airline Hack, China has been hijacking the internet backbone of Western countries, how proficient are developers at fixing Application Security flaws, WordPress team working to wipe-out older versions f… Continue reading Airline Hacks, MicroTik Bug, & WordPress – Application Security Weekly #37

Bluebox-ng, Stock Data Breaches, and CommitStrip- Application Security Weekly #32

 Alpine Linux hit with bug that can lead to Poisoned Containers, data breaches affect stock performance in the long run, Bluebox-ng, a Node.js VoIP pentesting framework, and CommitStrip: It’s Not an App! News Bugs, Breaches, and More! 1.) Alpine… Continue reading Bluebox-ng, Stock Data Breaches, and CommitStrip- Application Security Weekly #32

Spectre, OWASP, and iGoat – Application Security Weekly #26

New Spectre attack can remotely steal secrets, Microsoft discovers supply chain attack at unnamed maker of PDF Software, XSS filter in edge, OWASP iGoat is a vulnerable swift application for iOS, and much more! Full Show NotesFollow us on Twitter: http… Continue reading Spectre, OWASP, and iGoat – Application Security Weekly #26

FireFox, Windows 10, DevOps, and BitHubLab – Application Security Weekly #19

Application news, DevOps food for thought, learning & tools from BitHubLab, and bugs, breaches, and more! News Bugs, Breaches, and More! 1.) FireFox uXSS and CSS XSS 2.) Windows 10 April 2018 Update Breaks SMBv1 3.) Some Signal Disappearing Message… Continue reading FireFox, Windows 10, DevOps, and BitHubLab – Application Security Weekly #19

Nest, Node.js, & F.Secure – Application Security Weekly #

In the news, the entire Nest ecosystem of smart home devices goes offline, how Alphabet plans to keep hackers away from this year’s election, the Node.js Ecosystem is chaotic and insecure, open-source vulnerabilities plague enterprise codebase sy… Continue reading Nest, Node.js, & F.Secure – Application Security Weekly #

Text Bombs, Black Dots of Death, and Azure – Application Security Weekly #16

A remote code execution vulnerability is discovered in Electron, the Azure CTO reveals details about Azure confidential computing, and part 1 of 3 on the ways of DevSecOps. Full Show NotesVisit our website: http://securityweekly.com Follow us on Twitte… Continue reading Text Bombs, Black Dots of Death, and Azure – Application Security Weekly #16

Adam Gordon, ITProTV – Application Security Weekly #16

Adam Gordon comes on the show to talk about DevOps, SecOps, and DevSecOps. He explains how DevOps, as a solution, is the framework for defining software, the nature of automation, and the nature of configuration management today. Full Show NotesVisit o… Continue reading Adam Gordon, ITProTV – Application Security Weekly #16

Building Your AppSec Program – Application Security Weekly #15

Keith and Paul talk more about building your own AppSec program. They discuss working with developers as part of building your appsec program, and giving developers the tools to be able to move fast and break things. Full Show NotesVisit our website: h… Continue reading Building Your AppSec Program – Application Security Weekly #15

Windows, MacOS, & Javascript – Application Security Weekly #12

In the news, Attacking an FTP Client: MGETting more than you bargained for, Warning: Your Windows PC can get hacked by just visiting a site, new MacOS backdoor linked to OceanLotus, & more on this episode of Application Security Weekly! Full Show … Continue reading Windows, MacOS, & Javascript – Application Security Weekly #12

Intel, Slack, Spectre, & NASA – Application Security Weekly #11

In the news, Microsoft rushes out fix for major hole caused by previous Meltdown patch, Intel admits a load of its CPUs have Spectre v2 flaw that can’t be fixed, Slack’s new policy lets bosses read employees’ DMs without consent, Georgia passes A… Continue reading Intel, Slack, Spectre, & NASA – Application Security Weekly #11