InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!
Network breaches, ransomware attacks, and remote-work challenges highlight the need for cloud-native Secure Access Service Edge (SASE) deployments.
Brakeman is a free static analysis security tool specifically designed for Ruby on Rails applications. It analyzes Rails application code to find security issues at any stage of development.
Justin first released Brakeman in 2010. In 2018, the commercial version, “Brakeman Pro”, was acquired by Synopsys. Brakeman continues to be a very popular security tool for Rails, with tens of thousands of downloads per day.
Justin Collins – People Empowerer for Product Security Team at Gusto
Justin currently empowers the product security team at Gusto. In the past, he has been an application security engineer at SurveyMonkey, Twitter, & AT&T Interactive. Justin is the primary author of Brakeman, a free static analysis security tool for Ruby on Rails. The commercial version of Brakeman was acquired by Synopsys in 2018.
Co-founder & CTO at Cysense
Security Consultant at Rapid 7
Founder at Security Weekly
3. Dubious Drones, NSO Group, Apple’s Bug Bounties, Ghostscript 0-Day, & IBM Server Bugs – 08:00 PM-09:30 PM
Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!
Security Weekly Unlocked will be held IN PERSON this December 5-7 at the Hilton Lake Buena Vista!
We are excited to announce our speakers: Lesley Carhart, John Strand, Alyssa Miller, Dave Kennedy, O’Shea Bowens, Marina Ciavatta, Patrick Coble, Chris Eng, Eric Escobar, Nick Leghorn, Michael Schladt, Kevin Johnson, Justin Kohler, Jay Beale, Trenton Ivey & Ryan Cobb!
Security Analyst at Black Hills Information Security
U.S. Company Sold Zero-Click Hacking Tool to UAE Spy Operation – “Baier, Adams, and Gericke are alleged to have violated the International Traffic in Arms Regulations and conspired to commit access device fraud and computer hacking offenses. In another filing, prosecutors added that they will drop the charges if the three men cooperate with U.S. authorities, pay a financial penalty, and agree to a list of unspecified restrictions on their employment” – So, turns out, you can’t just sell exploits to anyone willy niilly…(or if you do, there are consequences)
There Are Too Many Underemployed Former Spies Running Around Selling Their Services to the Highest Bidder – Agree? “This has been a years-long investigation and, in addition, far from the spotlight, policymakers have been trying to update the laws and regulations regarding how much of their expertise former American intelligence operatives can peddle to foreign countries, which will use that expertise to, oh, let’s just say, ratfck any attempts to reform their oil-sodden repression. This cannot be a space that is beyond the law.”
Google is backing security reviews of these key open source projects – “OSTIF has identified a total of 25 MAP projects targeted for funding, including the eight that Google has funded to date. Other projects with funding pending support include well-known systems and tools developers use, such as the Drupal and Joomla web content management systems, webpack, reprepro, cephs, Facebook-maintained React Native, salt, Gatsby, Google-maintained Angular, Red Hat’s Ansible, and Google’s Guava Java framework. “
Apple Issues Urgent Updates to Fix New Zero-Day Linked to Pegasus Spyware – “The updates arrive weeks after researchers from the University of Toronto’s Citizen Lab revealed details of a zero-day exploit called “FORCEDENTRY” (aka Megalodon) that was weaponized by Israeli surveillance vendor NSO Group and allegedly put to use by the government of Bahrain to install Pegasus spyware on the phones of nine activists in the country since February this year.”
Anonymous Claims to Have Stolen Huge Trove of Data From Epik, the Right-Wing’s Favorite Web Host – “Members of the hacktivist collective Anonymous claim to have hacked web registration company Epik, allegedly stealing “a decade’s worth of data,” including reams of information about its clients and their domains. Epik is controversial, having been known to host a variety of rightwing clients, including ones that other web hosting providers, like GoDaddy, have dropped for various reasons.” – How active is Anonymous these days?
No Patch for High-Severity Bug in Legacy IBM System X Servers – “By sending a specially-crafted request through SSH or Telnet session, an attacker could exploit this vulnerability to execute arbitrary commands on the system.” The fix is easy LOL: “Disable SSH and Telnet (This can be done in the Security and Network Protocol sections of the navigation pane after logging into the IMM web interface)”
Security Researchers Unhappy With Apple’s Bug Bounty Program – So get this, researchers say: “Security researchers said that Apple limits feedback on which bugs will receive a bounty, and former and current Apple employees said there’s a “massive backlog” of bugs that have yet to be addressed.” and “In interviews with more than two dozen security researchers, The Washington Post collected a number of complaints. Apple is slow to fix bugs, and doesn’t always pay out what’s owed.”. YET, Apple says: “Apple feels the program has been a success, and that Apple has doubled the amount that it paid in bug bounties in 2020 compared to 2019. Apple is, however, still working to scale the program, and will offer new rewards in the future”
Critical vulnerability in HAProxy – “HTTP Request Smuggling is an attack technique that emerged in 2005. It is based on interfering with the processing of HTTP requests between the frontend server (i.e. HAProxy) and the backend server. An adversary typically exploits this technique by sending a specially crafted request that includes an additional request in its body. On a successful attack, the inner request is smuggled through the frontend (that considers it as only the request’s body) but is consumed as a normal request by the backend.”
PoC released for Ghostscript vulnerability that exposed Airbnb, Dropbox – “Hackers have released proof-of-concept code that exploits a recently demonstrated vulnerability in older but still widely used versions of Ghostscript, the popular server-side image conversion software package. Security researcher Emil Lerner demonstrated an unpatched vulnerability for Ghostscript version 9.50 at the ZeroNights X conference in Saint Petersburg, Russia last month.” – PoC: https://github.com/duc-nt/RCE-0-day-for-GhostScript-9.50 and more info: https://therecord.media/ghostscript-zero-day-allows-full-server-compromises/ (Originally From: https://twitter.com/jensvoid/status/1435631308294795264)