Facebook, RedHat, & Russian Twitterbots – Application Security Weekly #03

This week, Doug and Keith discuss the last of the top ten most critical web application security risks! They discuss security misconfiguration, insecure deserialization, insufficient logging and monitoring, and more on this episode of Application Security Weekly!

Learning & Tools

News

The Star

Tim Cook surprises kids taking coding lessons at Apple store in Eaton Centre

Bugs, Breaches, and More!

Critical Flaw in All Blizzard Games Could Let Hackers Hijack Millions of PCs Here’s why the epidemic of malicious ads grew so much worse last year After ignoring for months, Uber fixes two-factor bypass bug after all Facebook invites submissions for “Secure the Internet Grants” Redhat have now reverted CPU patches for Spectre due to stability issues introduced Hackers Are Using ‘Fire & Fury’ to Install Malware

If you build it, they will come

Russian Twitterbots are blaming the US shutdown on Democrats “80% of the AWS creds I posted to github got stolen. But <10% of the ones posted to pastebin, which is better than some commercial secret storage services I’ve tried…” - Dan Bourke from Atlassian on his SPACECRAB honeytokens project at Malicious Chrome extension is next to impossible to manually remove

Food for Thought

Automation Critical to Securing Code in an Agile, DevOps World Working overnight has been classified as a carcinogen Which programming language are you? Full Show Notes Subscribe to our YouTube channel: https://www.youtube.com/securityweekly [audio src="http://traffic.libsyn.com/aswaudio/Facebook_RedHat__Russian_Twitterbots_-_Application_Security_Weekly_71_converted.mp3" ]