Application Security Weekly Subscribe

The Wind Beneath My Wings – Application Security Weekly #46

January 16, 2019

This week, Keith and Paul interview Rey Bango, Security Advocate for Microsoft! Rey is focused on helping the community build secure systems & being a voice for researchers within MS! In the Application Security News, Another server security lapse at NASA exposed staff and project data, CRLF Injection Into PHP’s cURL Options, System Down: A systemd-journald exploit, GitHub now gives free users unlimited private repositories, Twitter is broken, Government shutdown: TLS certificates not renewed, many websites are down, and much more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode46 Visit https://www.securityweekly.com/asw for all the latest episodes! Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. Rey Bango, Microsoft –

Rey is a security advocate at Microsoft focused on helping the community build secure systems & being a voice for researchers within MS. After a long career in software development, he developed a strong interest in cybersecurity 2 years ago & worked feverishly to transition into this new community.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode46

Hosts

Keith Hoodlet

Keith Hoodlet

Principal Security Specialist at GitHub

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

2. CRLF, NASA, & GitHub –

Another server security lapse at NASA exposed staff and project data, CRLF Injection Into PHP’s cURL Options, System Down: A systemd-journald exploit, GitHub now gives free users unlimited private repositories, Twitter is Broken, Government shutdown: TLS certificates not renewed, many websites are down, and much more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode46

Hosts

Keith Hoodlet

Keith Hoodlet

Principal Security Specialist at GitHub

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

Related

Network Device Supply Chain Security – Nate Warfield – BTS #13

September 20, 2023

We dig into network devices/appliances, why they are still around, who is attacking them, and how. Just why are attackers using network devices in ransomware campaigns and how do we stop them? Tune-in to find out as Nate Warfield, Director of Threat Research and Intelligence at Eclypsium joins us for this episode! This segment is sponsored by Ecly...

Vulnerability Management

Ncurses & Bad Things, LVFS is NOT a Backdoor, Physical Proximity, & Oh, Fortinet! – PSW #799

September 20, 2023

In the Security News: LVFS is not a backdoor, attackers are in physical proximity, when you need to re-cast risk, oh Fortinet, pre-installed backdoors again, deep down the rabbit hole, the buffer overflow is in your BIOS!, what is 345gs5662d34?, a cone is all you need, we are compliant because we said so but we lied, 10 years of updates, Microsoft ...

AI Attacks and LLM Security Matters – Nathan Hamiel – PSW #799

September 20, 2023

Nathan comes on the show to discuss LLMs, such as ChatGPT, the issues we face today and in the future. Learn about prompt injection attacks, jailbreaking, LLMs for threat actors, and more!