Security Weekly
Paul's Security WeeklySubscribe
Application security

Open Redirects – An Underestimated Vulnerability – PSW #688

Learn what redirects are, the different types, how they work and how they are exploited by attackers. Oh, also learn how to defend against redirect attacks!

Sven's Slide Deck - Open Redirects: https://securityweekly.com/wp-content/uploads/2021/03/Netsparker-Sven-Morgenroth-3-25-21-Open-Redirect.pdf

This segment is sponsored by Netsparker.

Visit https://securityweekly.com/netsparker to learn more about them!

Sponsored By

Netsparker
Full episode and show notes

Announcements

  • We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

Guest

Sven Morgenroth
Security Researcher at Netsparker

Sven Morgenroth is a security researcher at Netsparker. He found filter bypasses for Chrome’s XSS auditor and several web application firewalls. He likes to exploit vulnerabilities in creative ways and has hacked his smart TV without even leaving his bed. Sven writes about web application security and documents his research on the Netsparker blog.

Hosts

Principal Security Evangelist at Eclypsium
Professor at Roger Williams University
Sr. InfoSec Consultant at Online Business Sytems
Security Analyst at Black Hills Information Security
Senior Cyber Advisor at Lawrence Livermore National Laboratory

Related

PCI 4.0 – PSW #825

Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than did previous versions of the standard. It also adds a new “customized approach” option that allows merchants and other entities to come up with their own ways to comply with requirements, and which also has implications for a...