$1M Google Hacking Prize, 1.2B Records Exposed in Massive Server Leak, How Attackers Could Hijack Your Android Camera to Spy on You, XSS in GMail’s AMP4Email via DOM Clobbering, and much more!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Application News

Bugs, Breaches, and More!

• $1M Google Hacking Prize
• 1.2B Records Exposed in Massive Server Leak
• How Attackers Could Hijack Your Android Camera to Spy on You
• XSS in GMail’s AMP4Email via DOM Clobbering

If you build it, they will come

• Add defense in depth against open firewalls, reverse proxies, and SSRF vulnerabilities with enhancements to the EC2 Instance Metadata Service

Learning & Tools

• What’s in a WAF?
• Introducing Flan Scan: Cloudflare’s Lightweight Network Vulnerability Scanner

Food for Thought

• When You Know Too Much: Protecting Security Data from Security People

Hosts

Guests

Announcements

• We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcast with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand