A very deep dive into iOS Exploit chains found in the wild followed by Heap Exploit Development, Twitter turns off SMS texting after @Jack hijacking, CVE-2019-15846: Unauthenticated Remote Command Execution Flaw Disclosed for Exim, 7 Steps to Web App Security, Fuzzing 101: Why Bug Hunters Still Love It After All These Years, and more!
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode75
Visit https://www.securityweekly.com/asw for all the latest episodes!
[caption id="attachment_210" align="alignleft" width="120"] John Kinsella - Vice President of Container Security[/caption]
[caption id="attachment_210" align="alignleft" width="120"] Matt Alderman - CEO[/caption]
[caption id="attachment_210" align="alignleft" width="120"] Mike Shema - Product Security Lead[/caption]
We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcast with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand
Security Weekly will be at Hacker Halted in Atlanta, GA this October 10th-11th! EC-Council is offering our listeners a $100 discount to attend the two day conference. Use discount code HH19SW when you register or go to securityweekly.com/hackerhalted and register there! Make sure you checkout the keynote (Paul Asadoorian) and Mr. Jeff Man's talk as well!
A law originally designed to push IT modernization in the federal government should be used to evaluate how agencies are meeting a number of government-wide cybersecurity goals, from modernization and supply chain threats to implementing post-quantum encryption protocols, experts told Congress.