Developing Future Cybersecurity Contributors – Brian Glas – ASW #197
What does it look like to try teaching cybersecurity at an undergraduate level? What are the goals and challenges faced when trying to help future…
Smart Contract Security, Heroku Breach, & Real World Crypto Highlights – ASW #196
In the AppSec News Mike and John discuss: Secure coding practices and smart contracts, lessons from the Heroku breach, Real World Crypto conference highlights, and…
Securing SAP: Addressing the Critical & Complex Challenge – Christoph Nagy – ASW #196
With 77 percent of all financial transactions touching an SAP system, SAP is the backbone and heart of most organizations. Add to this the vast…
ExtraReplica, Document.domain Disfavored, & Highlights From Thinkst Quarterly – ASW #195
This week in the AppSec News: ExtraReplica in Azure, Chrome disfavors document.domain, appsec presentations highlighted in the latest Thinkst Quarterly, Nimbuspwn Vuln in Linux, &…
Bad Bots: Automated Threat Targeting Your Websites, Mobile Apps, & APIs – Lynn Marks – ASW #195
Sponsored By Visit https://securityweekly.com/imperva for more information! Bad bots accounted for a record-setting 27.7% of all global website traffic in 2021. These automated threats create…
Java’s ECDSA for Nought, Writing a Kernel RCE, Okta’s Conclusion, Log4Shell Hot Patch – ASW #194
Java’s ECDSA implementation is all for nought, writing a modern Linux kernel RCE, lessons learned from the Okta breach, lessons repeated from a log4shell hot…
What Does Software Supply Chain Security Threat Mean to Developers? – Dr. Chenxi Wang – ASW #194
How should we empower developers to embrace the NIST software development practices? Because from here on out, developers need to view themselves as the front…
OAuth Tokens Taken, Vulns in Medical IoT, Scoring a Proactive Security Culture – ASW #193
OAuth tokens compromised, five flaws in a medical robot, lessons from ASN.1 parsing, XSS and bad UX, proactive security & engineering culture at Chime Visit…
Change Controls Are More Necessary Than Ever – Rebecca Herold – CSP #64
Sponsored By Visit https://www.cybereason.com/cisostories for more information! Organizations are developing technology at a rapid pace today to maintain business relevance and adapt to changing conditions….
Filter By:
Typosquatting, Curl’s Security Update, & OpenSSF’s 10 Point Mobilization Plan – ASW #197
This week in the AppSec News: Typosquatting spreads to Rust, curl fixes flaws in mishandling dots and slashes, OpenSSF invests in a mobilization plan for…