Application Security Weekly Subscribe

Two Phones – Application Security Weekly #36

October 24, 2018

Full Audio

View Show Index

Segments

1. Bugs, Breaches, and More! –

Paul and April Wright discuss a jQuery Plugin that has been exploited for years is finally getting patched, a flaw in LibSSH leaves thousands of servers at risk, and a remote code implantation flaw found in Medtronic Cardiac Programmers.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode36

2. Cryptocurrency, Disney, and Adobe –

Hackers hide Cryptocurrency malware in Adobe flash updates, the government is finally rolling out 2 Factor Authentication for Federal Agency Domains, and Disney is helping women from across their company to become Developers!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode36

Host

Paul Asadoorian

Principal Security Evangelist at Eclypsium

https://securitypodcaster.com

Related

Threat Modeling and Understanding Inherent Threats – Adam Shostack – ESW #359

April 25, 2024

This is a great interview with Adam Shostack on all things threat modeling. He's often the first name that pops into people's heads when threat modeling comes up, and has created or been involved with much of the foundational material around the subject. Adam recently released a whitepaper that focuses on and defines inherent threats. Resources: ...

How GenAI Can Improve SecOps – Ely Kahn – ESW #359

April 25, 2024

We've talked about generative AI in a general sense on our podcast for years, but we haven't done many deep dives into specific security use cases. That ends with this interview, as we discuss how generative AI can improve SecOps with Ely Kahn. Some of the use cases are obvious, while others were a complete surprise to me. Check out this episode if...

Application security

Autonomous – I don’t think that word means what you think it means – ESW #359

April 25, 2024

A clear pattern with startups getting funding this week are "autonomous" products and features. Automated detection engineering Autonomously map and predict malicious infrastructure ..."helps your workforce resolve their own security issues autonomously" automated remediation automated compliance management & reporting I'll believe it when ...