Application Security WeeklySubscribe

Facebook, RedHat, & Russian Twitterbots – Application Security Weekly #03

January 30, 2018

This week, Doug and Keith discuss the last of the top ten most critical web application security risks! They discuss security misconfiguration, insecure deserialization, insufficient logging and monitoring, and more on this episode of Application Security Weekly!

Learning & Tools

News

The Star

Tim Cook surprises kids taking coding lessons at Apple store in Eaton Centre

Bugs, Breaches, and More!

Critical Flaw in All Blizzard Games Could Let Hackers Hijack Millions of PCs Here’s why the epidemic of malicious ads grew so much worse last year After ignoring for months, Uber fixes two-factor bypass bug after all Facebook invites submissions for “Secure the Internet Grants” Redhat have now reverted CPU patches for Spectre due to stability issues introduced Hackers Are Using ‘Fire & Fury’ to Install Malware

If you build it, they will come

Russian Twitterbots are blaming the US shutdown on Democrats “80% of the AWS creds I posted to github got stolen. But <10% of the ones posted to pastebin, which is better than some commercial secret storage services I’ve tried…” - Dan Bourke from Atlassian on his SPACECRAB honeytokens project at Malicious Chrome extension is next to impossible to manually remove

Food for Thought

Automation Critical to Securing Code in an Agile, DevOps World Working overnight has been classified as a carcinogen Which programming language are you? Full Show Notes Subscribe to our YouTube channel: https://www.youtube.com/securityweekly [audio src="http://traffic.libsyn.com/aswaudio/Facebook_RedHat__Russian_Twitterbots_-_Application_Security_Weekly_71_converted.mp3" ]

Related

A young woman with a smartphone walks past a billboard advertisement for YouTube.

Threat Management

Majority of YouTube accounts Google terminated in Q3 linked to China

Steve ZurierAugust 29, 2022

While some of the 1,546 YouTube channels terminated by Google emanated from Russia, the vast majority blocked were linked to China.

DevSecOps Scanning Challenges & Tips

Bill BrennerOctober 26, 2021

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

Bill BrennerOctober 19, 2021

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news