Application Security This Week for August 2nd

Check your Docker API permissions.  A new piece of malware has been turning cloud hosted containers into mining rigs.

https://www.intezer.com/container-security/watch-your-containers-doki-infecting-docker-servers-in-the-cloud/

 

Remember when I told you that Microsoft is dropping support for TLS 1.0 and 1.1?  Well, SHA-1 is next.

https://www.theregister.com/2020/07/29/microsoft_windows_sha_1/

 

1d8 posted a good primer on setting up an android security analysis lab.  It's pretty solid.

https://github.com/1d8/Android-Analysis

I did a talk on a similar topic at GrrCon a few years back

http://www.irongeek.com/i.php?page=videos/grrcon2016/114-breaking-android-apps-for-fun-and-profit-bill-sempf

 

Finally, I'll be at the OWASP Booth at Virtual BlackHat Wednesday afternoon (3-7 EDT). I have no idea how it will work yet, but it should be fun! Come have a virtual beer with me.

 

That's the news.  Stay safe out there.

Comments are closed
Mastodon