This week, Duo reveals a path from a Docker container to its host, Google fumbles some password functionality, GitHub makes dependency tracking more dependable, and more!
Bugs, Breaches, and More!
If you build it, they will come
Learning & Tools
- MemoryRanger project updated with more Windows kernel-mode driver attacks and defenses
- Razzer reveals Linux kernel data races by focusing the more general syzkaller kernel fuzzer
- Autodesk shares threat modeling documentation
Food for Thought
- Facebook shows its infrastructure for mutual identity and authentication among its services
- The SPIFFE project is working to bring easier mutual authentication to services that adopt it
Follow us on Twitter: https://www.twitter.com/securityweekly
- Register for our upcoming webcasts with SaltStack, DomainTools, and LogRhythm by going to securityweekly.com/webcasts. If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand
- Some of you told us that you are overwhelmed by the amount of content we distribute! In an attempt to make it a little easier for you to find what you’re interested in, we’ve created our new listener interest list! Sign up for list and select your interests by visiting: securityweekly.com/subscribe and clicking the button to join the list! You can also now submit your suggestions for guests in our recently released guest suggestion form! Go to securityweekly.com/guests and enter your suggestions!
- Security Weekly is returning to Vegas this August for BlackHat and DefCon! If you would like to request a briefing or sponsor an interview on-site at BlackHat, please go to securityweekly.com/booking and submit your request!
- Security Weekly will be at Hacker Halted in Atlanta, GA this October 10th-11th! EC-Council is offering our listeners a 15% discount to sit for any of their Bootcamp Courses or Workshops! Visit Securityweekly.com/hackerhalted to register now!