Log4j for FTC, More JNDI, Cache Poisoning, Improving Default Configs, ThinkstScapes – ASW #179
The FTC issues a warning about taking log4j seriously, JNDI is elsewhere, cache poisoning shows challenges in normalizing strings, semgrep for refactoring configs with security in mind, the Q4 2021 ThinkstScape quarterly, Salesforce to require MFA Visit https://www.securityweekly.com/asw for all the latest episodes!
Log4j for FTC, More JNDI, Cache Poisoning, Improving Default Configs, ThinkstScapes
Hosts
|
John Kinsella – Co-founder & CTO at Cysense @johnlkinsella
John Kinsella is the Chief Architect for Accurics |
|
Mike Shema – Security Partner at Square @Codexatron
Mike Shema is a Security Partner at Square. |
Announcements
-
Don’t miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
-
Join us January 20th to learn how to build your own security lab at home! Then join us February 16th to learn about validation techniques within applications. Finally, join us March 2nd to learn five things you can do to catch more bad guys! Don’t forget to check out our library of on-demand webcasts & technical trainings at https://securityweekly.com/ondemand.