Collaborate Disseminate
Another server security lapse at NASA exposed staff and project data, CRLF Injection Into PHP’s cURL Options, System Down: A systemd-journald exploit, GitHub now gives free users unlimited private repositories, Twitter is Broken, Government shutdow… Continue reading CRLF, NASA, & GitHub – Application Security Weekly #46
Rey is a security advocate at Microsoft focused on helping the community build secure systems & being a voice for researchers within MS. After a long career in software development, he developed a strong interest in cybersecurity 2 years ago … Continue reading Rey Bango, Microsoft – Application Security Weekly #46
Wormable stored XSS on WordPress.org, a security lapse revealed private complaints from Silicon Valley employees, hackers hijack thousands of Chromecasts to warn of latest security bug, a linting tool for checking accessibility, speed, and security, ho… Continue reading WordPress, Silicon Valley, and Hijacking – Application Security Weekly #45
Harry Sverdlove is the CTO of Edgewise. Harry joins Keith and Paul to discuss what Edgewise does in the AppSec world, segmentation, cloud migration, trying different architectures, and more! To get involved with Edgewise, go to: https://www.edgewise.ne… Continue reading Harry Sverdlove, Edgewise – Application Security Weekly #44
In the Application Security News, a nasty DHCPv6 packet can Pwn vulnerable Linux Boxes, ‘Stalkerware’ website let anyone intercept texts of tens of thousands of people, twelve malicious Python libraries found and removed from PyPI, the U.S…. Continue reading ‘Stalkerware’, DHCPv6 Packets , & Python – Application Security Weekly #38
Corporate networks and user PCs continue to be exploited—leaving your sensitive applications and data vulnerable. Network segmentation is a fundamental way to mitigate the risks associated with these vulnerabilities—but it only works if aut… Continue reading Securing Apps When User Devices Are Compromised
Attend local meetups and conferences, practice your coding skills, get educated by World Class security researchers, do your homework, there’s no substitute for Practice, OWASP Juice Shop, and much more! Full Show NotesFollow us on Twitter: https… Continue reading Landing a Job in Application Security – Application Security Weekly #34
In the Application security news, ‘Fortnite’ developer had sharp words for Google after an Exploit was discovered, PHP flaw puts WordPress sites at risk, Oracle will charge for Java starting in 2019, how Netflix does Failovers in 7 minutes … Continue reading Fortnite, Netflix, & Black Hat – Application Security Weekly #30
Galen founded and lead the team building the Azure Sphere, announced at RSA Conference 2018. Our goal is to make IoT safe for society. Azure Sphere provides an end-to-end solution that enables any device manufacturer to create highly-secured devices; d… Continue reading Galen Hunt, Microsoft – Application Security Weekly #27
More and more countries are modifying their policies with a new “driving license” model. With a classic license model, drivers can be caught frequently; they just have to pay a huge amount of money to the police each time. Since this model… Continue reading Access to Applications Based on a « Driving License » Model