Application Security This Week for November 17

Great breakdown on finding bugs in an OAUTH flow

https://blog.teddykatz.com/2019/11/05/github-oauth-bypass.html

 

Only arguably appsec, but there is an artificial intelligence story writer that was determines to be too powerful to release into the wild, and it has been released into the wild

https://nakedsecurity.sophos.com/2019/11/11/ai-wordsmith-too-dangerous-to-be-released-has-been-released/

 

Remember when WordPress malware was all the rage?  Well, not it is Slack Themes

https://fletchto99.dev/2019/november/slack-vulnerability/

 

I am a web guy, not an OS guy, so I learned a ton from this rootkit primer

https://capsule8.com/blog/dont-get-kicked-out-a-tale-of-rootkits-and-other-backdoors/

 

That's the news, folks.

Comments are closed
Mastodon