SAPwned, Squarespace Domain Hijacks, AIs Fixing Code, Infosec Investments – ASW #292
SAPwned demonstrates tenets of tenant isolation, a weak login flow puts Squarespace domains at risk, how AIs might (or might not) be useful for fixing code, getting buy-in for infosec investments, and more!
Guest
Farshad Abasi is the Founder and CEO of Forward Security, bringing over 27 years of industry experience to the forefront of cybersecurity innovation. His professional journey includes key technical roles at Intel and Motorola, evolving into senior security positions as the Principal Security Architect for HSBC Global, and Head of IT Security for the Canadian division. Farshad’s commitment to the field extends to his role as an instructor at BCIT, where he imparts his wealth of knowledge to the next generation of cybersecurity experts.
At Forward Security, Farshad leads the development of the Eureka DevSecOps platform and the delivery of comprehensive security services. His diverse experience, ranging from startups to large enterprises, informs Forward Security’s approach to delivering adaptive, reliable solutions.
Actively engaged in the cybersecurity community through roles in BSides Vancouver/MARS, OWASP Vancouver/AppSec PNW, and as a CISSP designate, Farshad’s vision and leadership continue to drive the industry forward. Under his guidance, Forward Security is setting new standards in application and cloud security.
Host
1. Give Me the Green Light Part 1: Hacking Traffic Control Systems — Red Threat
2. SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts | Wiz Blog
3. Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks
4. AI Cyber Challenge (AIxCC) and the Needle Linux Kernel Vulnerability – Part 2
5. Why Good Security Fails: The Asymmetry of InfoSec Investment
6. Our Statement on Today’s Outage | CrowdStrike