Application News – Application Security Weekly #49

 

 

Three UK customer details exposed in homepage blunder, Microsoft cloud services see global authentication outage, the age of surveillance capitalism, the rise of DevXOps, and much more!

News

Bugs, Breaches, and More!

1.) Three UK customer details exposed in homepage blunder

2.) Microsoft cloud services see global authentication outage

3.) Microsoft Exchange vulnerable to ‘PrivExchange’ zero-day

If you build it, they will come

1.) Advocacy groups are pushing the FTC to break up Facebook

2.) Safari engineers look at different approach to fighting intrusive ads

3.) On Bounties and Boffins

Learning & Tools

1.) The Age of Surveillance Capitalism

2.) The Life of a GitHub Action

3.) Reliable MD5 Collisions are Rea

Food for Thought

1.) Security Isn’t Enough. Silicon Valley Needs ‘Abusability’ Testing

2.) The Rise of DevXOps

3.) CommitStrip: Git-LFS

Full Show Notes

Follow us on Twitter: https://www.twitter.com/securityweekly

Hosts

Keith Hoodlet
Keith Hoodlet – Application Security Manager, Thermo Fisher Scientific.
Paul Asadorian
Paul Asadorian – CEO, Security Weekly.

 

 

 

 

 

Announcements

  • RSA Conference 2019 is coming up March 4 – 8 in San Francisco! Go to rsaconference.com/securityweekly-us19 to register now using the discount code 5U9SWFD to receive $100 off a full conference pass! If you are interested in booking an interview or briefing with Security Weekly, please go to securityweekly.com/conferencerequest to submit your request!
  • Join us April 1-3, at Disney’s Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass. If you are interested in booking an interview or briefing with Security Weekly, please go to securityweekly.com/conferencerequest to submit your request!