Application Security Weekly Subscribe

Email security, Vulnerability Management, Leadership, Application security

AWS S3 Crypto SDK, ReVoLTE Attack, & Microsoft Bug Bounties – ASW #118

August 17, 2020

Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards, In-band key negotiation issue in AWS S3 Crypto SDK for golang, ReVoLTE attack can decrypt 4G (LTE) calls to eavesdrop on conversations, Hardware Security Is Hard: How Hardware Boundaries Define Platform Security, How to make your security team more business savvy, and more!

Full episode and show notes

Announcements

Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

Tech Lead at Block

Senior Engineering Leader at AWS

Chief Product Officer at CyberSaint

Related

Third-Party Risk Management – BEC Compromises and the Cloud – Michael Swinarski – CSP #167

March 26, 2024

Third-Party Risk Management is essential for safeguarding an organization's assets, reputation, and operations. By identifying, assessing, and managing risks associated with external partners, organizations can enhance their resilience, protect sensitive information, and maintain the trust of stakeholders in an increasingly interconnected business ...

Prioritizing Identity and Getting the Fundamentals Right – Bezawit Sumner – CSP #151

December 5, 2023

Prioritizing identity and getting the fundamentals right. We are managing more identities than ever – people-people, machine-to-machine, and people-machines. What actions should CISOs be ensuring are being done within the environment to prioritize identities? Join us as we discuss where Bezwit has focused to enhance the identity management process....

Email impersonation threats reaching corporate inboxes hit an all-time high – John Wilson – ESW #326

August 3, 2023

While malware and ransomware tend to dominate cybersecurity headlines, Fortra’s research shows that nearly 99% of email threats reaching corporate inboxes utilize impersonation rather than malware. Email impersonation is a key component of credential phishing, advance fee fraud, hybrid vishing, and business email compromise schemes. Because email i...