Bill Sempf

May 17, 2020

Application Security This Week for May 17

FireEye has an excellent breakdown of a Remote Access Trojan in C# - which is quite a feat given the...

May 10, 2020

Application Security This Week for May 10

Lots of AWS assessments recently, here is a good new tool for IAM checking. https://github.com/sales...

May 03, 2020

Application Security This Week for May 3

Really awesome article on automating application scanning with OWASP ZAP: https://www.zaproxy.org/bl...

May 02, 2020

The rule of threes

In the world of emergency preparedness, which has been a hobby of mine since I was a Scout, there is...

Apr 26, 2020

Application Security This Week for April 26

Really great breakdown of exploitation of cache poisoning. https://samcurry.net/abusing-http-path-no...

Apr 19, 2020

Application Security This Week for April 19

I Forgot To Post On Easter Because I Was Cooking Edition There is a really need VMWare bug th...

Apr 05, 2020

Application Security This Week for April 5

I'm hoping everyone is safe and healthy. This whole thing is weird. But security news marches on. &n...

Mar 29, 2020

Application Security This Week for March 29

Unusual challenges ahead. Remember that with remote working, application security is on the fr...

Mar 22, 2020

Application Security This Week for March 22

Quarantine edition. Microsoft patches the newest SMB flaw. Stop using SMB. https://nake...

Mar 15, 2020

Application Security This Week for March 15

SMBv3 is borked. Block port 445. https://portal.msrc.microsoft.com/en-US/security-guidance/adv...

Mar 08, 2020

Application Security This Week for March 8

NordVPN has yet another interesting application security vulnerability. https://www.theregister.co.u...

Mar 01, 2020

Application Security This Week for March 1

From @baskarmib on Twitter, we have an example of malware that will steal your Google authenticator...

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

2025
- April (1)
- March (2)
- February (1)
2024
- November (1)
- April (1)
- March (2)
- February (2)
2022
- June (1)
- April (1)
- March (1)
- February (1)
2021
- April (3)
- March (3)
- February (3)
- January (4)
2020
- December (5)
- November (5)
- October (3)
- September (4)
- August (5)
- July (4)
- June (5)
- May (6)
- April (3)
- March (5)
- February (4)
- January (5)
2019
- December (5)
- November (4)
- October (4)
- September (3)
- August (5)
- July (4)
- June (4)
- May (2)
- April (4)
- March (6)
- February (3)
- January (3)
2018
- December (5)
- November (4)
- October (3)
- September (3)
- August (4)
- July (6)
- June (5)
- May (8)
- April (7)
- March (2)
- January (1)
2017
- December (1)
- November (2)
- October (1)
- September (2)
- June (2)
2016
- January (1)
2015
- December (6)
- September (2)
- August (1)
- July (1)
- March (1)
- January (1)
2014
- October (1)
- September (3)
- August (2)
- July (1)
- March (2)
- January (3)
2013
- December (2)
- November (1)
- October (2)
- May (1)
- April (1)
- March (2)
- January (1)
2012
- December (1)
- August (1)
- July (6)
- June (1)
- May (2)
- April (1)
- March (3)
- February (2)
- January (1)
2011
- December (1)
- November (1)
- October (4)
- September (2)
- August (1)
- June (1)
- May (1)
- April (2)
- March (1)
- February (1)
- January (3)
2010
- November (1)
- October (2)
- September (6)
- August (8)
- June (5)
- May (1)
- April (4)
- March (4)
- February (5)
- January (4)
2009
- December (2)
- November (3)
- October (4)
- September (4)
- August (2)
- July (3)
- June (6)
- May (2)
- March (1)
- February (4)
2008
- November (2)
- October (1)
- August (1)
- July (1)
- June (2)
- May (2)
- April (2)
- February (2)
- January (1)
2007
- September (1)
- July (6)
- June (4)
2006
- November (3)
- October (1)
- June (2)
- May (2)
- April (2)
- March (1)
2005
- September (1)
- August (2)

Mastodon