Third-party risk, DevOps, Mobile, Bug bounties

TaskRouter JS SDK, EL1/EL3 Vulnerability, & 234 Alexa Skills Store Violations – ASW #116

July 28, 2020

TaskRouter JS SDK Security Incident, Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability, An EL1/EL3 coldboot vulnerability affecting 7 years of LG Android devices, Towards native security defenses for the web ecosystem, Academics smuggle 234 policy-violating skills on the Alexa Skills Store, Apple Security Research Device Program, and What is DevSecOps? Why it's hard to do well!Visit https://www.securityweekly.com/asw for all the latest episodes!
Full Episode Show Notes

TaskRouter JS SDK, EL1/EL3 Vulnerability, & 234 Alexa Skills Store Violations

Hosts

[caption id="attachment_210" align="alignleft" width="120"]John Kinsella John Kinsella - Vice President of Container Security[/caption] [caption id="attachment_210" align="alignleft" width="120"]Matt Alderman Matt Alderman - CEO[/caption] [caption id="attachment_210" align="alignleft" width="120"]Mike Shema Mike Shema - Product Security Lead[/caption]

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
  • Learn how to keep your "internet self" safe in our next webcast on August 13th! Register for our upcoming webcasts or virtual trainings by visiting https://securityweekly.com/webcasts. Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

[audio src="http://traffic.libsyn.com/sw-all/ASW_116_-_News-0_converted.mp3"]

prestitial ad