Application Security Weekly Subscribe

Good Ol’ Days – Application Security Weekly #41

November 26, 2018

This week, Keith and Paul interview Brent Dukes! Brent is a hacker, and Director of Information Security for an established manufacturing company. He joins Keith and Paul this week to talk about WAF’s, Pentesting, Burp Suite, and more! In the Application Security News, Hackers use Drupalgeddon 2 and Dirty COW exploits to take over web servers, second WordPress hacking campaign underway, USPS took a year to fix a vulnerability that exposed all 60 million users' data, this JavaScript can snoop on other Browser Tabs to work out what you're visiting, and more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode41 Visit https://www.securityweekly.com/asw for all the latest episodes! Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. Brent Dukes –

Brent Dukes is a hacker, and Director of Information Security for an established manufacturing company. He joins Keith and Paul this week to talk about WAF’s, Pentesting, Burp Suite, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode41

Hosts

Keith Hoodlet

Keith Hoodlet

Principal Security Specialist at GitHub

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

2. Drupalgeddon, USPS, & JavaScript –

Hackers use Drupalgeddon 2 and Dirty COW exploits to take over web servers, second WordPress hacking campaign underway, USPS took a year to fix a vulnerability that exposed all 60 million users' data, this JavaScript can snoop on other Browser Tabs to work out what you're visiting, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode41

Hosts

Keith Hoodlet

Keith Hoodlet

Principal Security Specialist at GitHub

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

3. Drupalgeddon, USPS, & JavaScript – Application Security Weekly #41

Hackers use Drupalgeddon 2 and Dirty COW exploits to take over web servers, second WordPress hacking campaign underway, USPS took a year to fix a vulnerability that exposed all 60 million users' data, this JavaScript can snoop on other Browser Tabs to work out what you're visiting, and more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode41 Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Keith Hoodlet

Keith Hoodlet

Principal Security Specialist at GitHub

Related

Security awareness

What We’ve Learned From Interviewing Cybercriminals – Adam Janofsky – ESW Vault

June 2, 2023

Check out this interview from the ESW VAULT, hand picked by main host Adrian Sanabria! This segment was originally published on October 21, 2021. The Record has published several interviews with cybercriminals, courtesy The Record's Russian-speaking analyst, Dmitry Smilyanets (https://therecord.media/author/dmitry-smilyanets). These interviews hav...

Career Ladders In Information Security – Marc French – BSW Vault

May 31, 2023

Check out this interview from the BSW VAULT, hand picked by main host Matt Alderman! This segment was originally published on June 8, 2020. Marc French has more than 25 years of technology experience in engineering, operations, product management, and security. Prior to his current role at CISO at Product Security Group, Marc was the SVP & Chi...

Vulnerability management

Plain Text Keystrokes, WPBT, One Packet Exploits, & Sock Puppets! – PSW #787

May 31, 2023

In the security news: keystroke logs are stored in plain-text (and other atrocities in software used in schools), WPBT is the gift that keeps on giving and this time it's Gigabyte, PCI DSS 4.0 (drink!), immutable linux desktops, one packet exploits, neat linux malware, sock puppets, a must read new book about hacks, why SMB why?, boot girls, exposi...