All the News - Just Six Months Later - Application Security Weekly #265
5 December 2023 - 1 hour 10 minsWe cover appsec news on a weekly basis, but sometimes that news is merely about the start of a new project, sometimes it's yet another example of a vuln class, and sometimes it's a topic we hope doesn't become a trend.
So, what themes have we seen and where do we see them going? Here are a few headline topics that have alternately generated yays and yawns.
CISA's Secure by Design and Secure by Default CVSS 4.0 Generative AI MFA mandates Microsoft, Rust, and Memory Safety New TLDs OAuth OpenSSF and OWASP In the news, repetition extracts data from ChatGPT, more vulns in the software that surrounds AI, guidelines for secure AI, LogoFAIL trips a boot, BLUFFS attack on Bluetooth, CISA's fir...
Perl & PHP Vulns, Fuzzing & Parsers, Protecting Multi-Hosted Tenants, Secure Design - ASW #303
41 mins
15 October Finished
Stego, uBlock, PPTP, Log4J, Command Jacking, Windows 10, Feet, Josh Marpet, and More. - SWN #422
30 mins
15 October Finished
Cybercab, Golden Jackal, Mamba 2FA, Microsoft, iPhone thieves, esims, Aaran Leyland.. - SWN #421
30 mins
11 October Finished
Community Knowledge Sharing with CyberNest - Ben Siegel, Aaron Costello - ESW #379
1 hour 53 mins
11 October Finished