Psychic Paper, Salt RCE, & Love Bugs – ASW #106

This week in the Application Security News, “Psychic Paper” demonstrates why a lack of safe and consistent parsing of XML is disturbing, Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams, Salt Bugs Allow Full RCE as Root on Cloud Servers, Managing risk in today’s IoT landscape: not a one-and-done, and Love Bug’s creator tracked down to repair shop in Manila!Visit https://www.securityweekly.com/asw for all the latest episodes!
Full Episode Show Notes

Psychic Paper, Salt RCE, & Love Bugs

Hosts

John Kinsella
John Kinsella – Vice President of Container Security
Matt Alderman
Matt Alderman – CEO
Mike Shema
Mike Shema – Product Security Lead

Announcements

  • We are looking for high-quality guest suggestions for all of our podcasts to fill our Q3 recording schedule! Submit your suggestions for guests by visiting securityweekly.com/guests and submitting the form! We review suggestions monthly and will reach out to you once reviewed!
  • Learn how penetration testing reduces risk in our next live webcast with Core Security (a Help Systems Company). Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. You can also access our on-demand library of previously recorded webcasts/trainings by visiting securityweekly.com/ondemand.
  • Join us at InfoSecWorld 2020 – June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!