Mar 29, 2022
In the AppSec News: Okta breach, fuzzing Rust finds ReDoS, SQL injection and the age of code, Log4j numbers paint a not-pretty picture
Visit https://www.securityweekly.com/asw for all the latest episodes!
Mar 28, 2022
Developers ignore security issues. But can we really blame them? After all, security folks bombard them with an endless stream of issues that need to be addressed with no way for them to separate what’s actually critical from all the noise, all while they are expected to release software more frequently and faster...
Mar 22, 2022
This week in the AppSec News: A great escape isn't always as great as it sounds, Solana cryptocurrency logic isn't always as great as intended, some people's idea of "peace" isn't that great at all, and some great security suggestions for package maintainers.
Mar 21, 2022
Past research such as JNDI injection, unsafe deserialization, and Struts RCEs. OSS security: CodeQL, Dependabot, collaboration between researchers and developers, OWASP Top Ten Proactive Controls, and CVD for OSS.
Segment Resources:
- Write more secure code with the OWASP Top 10 Proactive Controls
Mar 15, 2022
This week in the AppSec News: Dirty Pipe vuln hits the Linux Kernel, AutoWarp vuln hits Azure Automation, TLStorm hits critical infrastructure, & hacking the Mazda RX8 ECU!