This week in the AppSec News: Lessons learned from fuzzing, OT:ICEFALL report on insecure designs, CSA's Top Threats to Cloud Computing, Twitter apologizes for misusing data collection, & State of Open Source Security report!
Both GraphQL and template engines have the potential for injection attacks, from potentially exposing data due to weak authorization in APIs to the slew of OGNL-related vulns in Java this past year. We take a look at both of these technologies in order to understand the similarities in what could go...
This week, Jason Wood talks: Fancy Bear Nukes, CISA/NSA on PowerShell, and Lots More Crime, as well as all the show Wrap-Ups on the Security Weekly News!