DevOps

Bugs, Breaches, and More! – Application Security Weekly #52

February 25, 2019

 

 

Many websites threatened by highly critical code-execution bug in Drupal, UK parliament calls for antitrust, data abuse probe of Facebook, CommitStrip: Get rich quick, Google says the built-in microphone it never told Nest users about was 'never supposed to be a secret', and much more!

Full Show Notes

News

Bugs, Breaches, and More!

1.) Many websites threatened by highly critical code-execution bug in Drupal

2.) IT subcontractor left 2.7 million recorded calls from people seeking medical advice exposed on the internet

3.) Password Managers: Under the Hood of Secrets Management & 1Password's Response

If you build it, they will come

1.) Google says the built-in microphone it never told Nest users about was 'never supposed to be a secret'

2.) You Give Apps Sensitive Personal Information. Then They Tell Facebook.

3.) UK parliament calls for antitrust, data abuse probe of Facebook

Food for Thought

1.) Facebook uses its apps to track users it thinks could threaten employees and offices

2.) Life On The Other Side Of Digital Transformation: Another Peek

3.) CommitStrip: Get rich quick 

Follow us on Twitter: https://www.twitter.com/securityweekly

Hosts

[caption id="attachment_210" align="alignleft" width="120"]Paul Asadorian Paul Asadorian - CEO, Security Weekly.[/caption] [caption id="attachment_210" align="alignleft" width="120"]Keith Hoodlet Keith Hoodlet - Application Security Manager, Thermo Fisher Scientific.[/caption]

 

 

 

 

 

Announcements

  • Join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass. If you are interested in booking an interview or briefing with Security Weekly, please go to securityweekly.com/conferencerequest to submit your request!
  • SecureWorld Boston is hosting their 15th annual conference March 27-28 @ the Hynes Convention Center. Security Weekly Listeners save $100 off a full conference pass by visiting secureworldexpo.com and using the code 'SecurityWeekly'
  • OSHEAN is hosting RI Cybersecurity Exchange Day on March 13th at the O'Hare Academic Building at Salve Regina in Newport, RI! Register Now @ OSHEAN.org/events.
  • We just released our 2019 Security Weekly 25 Index Survey. Please go to securityweekly.com and click the Survey link to help us understand who's evaluating, using, or formerly used any of the Security Weekly 25 companies. The results will be summarized and presented back to all responders in a private webcast.

 

[audio src="http://traffic.libsyn.com/sw-all/Bugs_Breaches_and_More_-_Application_Security_Weekly_52_converted.mp3" ]

prestitial ad