Application Security

Instagram, Kraken, GitMiner – Application Security Weekly #40

November 21, 2018
Instagram leaks passwords to the public, Clickjacking on Google MyAccount Worth $7,500, James Wickett's thread on Open Source SAST options, an advanced search tool for sensitive information stored in GitHub repos, and more!

News

Bugs, Breaches, and More!
1.) Instagram leaks passwords to the Public
2.) Apple Warned about iPhone X Hack that Stole "Deleted" photo
3.) Clickjacking on Google MyAccount Worth $7,500
If you Build It, They Will Come
1.) Hacking Gmail's UX with From Fields
2.) Researchers discover Seven new Meltdown and Spectre attacks
3.) One and a half years of scanning GitHub for Sensitive Data
Learning & Tools
1.) James Wickett's thread on Open Source SAST options
2.) Kraken: A cross-platform Yara scanner built for Windows, Mac, FreeBSD, and Linux
3.) GitMiner: An advanced search tool for sensitive information stored in GitHub repos
Food for Thought
1.) What Surveillance Does to your Brain
2.) A bot now tells Financial Times reporters if they're only quoting Men
3.) CommitStrip: HTTP/3

Follow us on Twitter: https://www.twitter.com/securityweekly

Hosts

Keith Hoodlet - Application Security Manager, Thermo Fisher Scientific.
Paul Asadoorian - CEO, Security Weekly.

Audio: http://traffic.libsyn.com/sw-all/Instagram_Kraken_GitMiner_-_Application_Security_Weekly_40_converted.mp3