Application News – Application Security Weekly #53

WordPress accounted for 90 percent of all hacked CMS sites in 2018, Japanese police charge 13-year-old for sharing ‘unclosable popup’ prank online, Facebook exploit – Confirm website visitor identities, NSA’s top policy advisor: It’s time to start putting teeth in cyber deterrence, study shows programmers will take the easy way out and not implement proper password security, and the CommitStrip for the week on Why check for incognito mode?

News

Bugs, Breaches, and More!

1.) WordPress accounted for 90 percent of all hacked CMS sites in 2018

2.) Japanese police charge 13-year-old for sharing ‘unclosable popup’ prank online

3.) Facebook exploit – Confirm website visitor identities

If you build it, they will come

1.) Facebook won’t let you opt out of its phone number ‘look up’ setting

2.) Guess what? Facebook still tracks you on Android apps (even if you don’t have a Facebook account)

3.) Here are the data brokers quietly buying and selling your personal information

Learning & Tools

1.) Ghidra

2.) Real-Time Network Monitoring via Shodan

Food for Thought

1.) NSA’s top policy advisor: It’s time to start putting teeth in cyber deterrence

2.) Study shows programmers will take the easy way out and not implement proper password security

3.) CommitStrip: Why check for incognito mode?

Full Show Notes

Hosts

Paul Asadoorian – CEO, Security Weekly.
Keith Hoodlet – Application Security Manager, Thermo Fisher Scientific.

Announcements

  • Join us April 1-3, at Disney’s Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass. If you are interested in booking an interview or briefing with Security Weekly, please go to securityweekly.com/conferencerequest to submit your request!
  • SecureWorld Boston is hosting their 15th annual conference March 27-28 at the Hynes Convention Center. Security Weekly listeners save $100 off a full conference pass by visiting secureworldexpo.com and using the code ‘SecurityWeekly’.
  • John Strand will be teaching Active Defense and Cyber Deception at Black Hat 2019. Register now at www.blackhat.com.