Aug 04, 2019 Application Security This Week for August 4 The Capital One breach leads the news this week, for a dozen good reasons. https://start.jcolemorrison.com/the-technical-side-of-the-capital-one-aws-security-breach/ Reeeeeely good writup on Crypto attacks from Checkpoint. More than just reading the unreadable, ya know. https://research.checkpoint.com/cryptographic-attacks-a-guide-for-the-perplexed/ The Node Package Manager is in the news again, thanks to a huge kerfuffle related to someone injecting malware into a much-used package. Think before you import, people. https://harry.garrood.me/blog/malicious-code-in-purescript-npm-installer/ https://medium.com/commitlog/the-internet-is-at-the-mercy-of-a-handful-of-people-73fac4bc5068 Credential stuffing attacks are outpacing phishing, sayth Akamai. https://www.theregister.co.uk/2019/07/31/black_hats_hate_banks_says_akamai/ And we are still talking about weakening encryption, of course: https://www.forbes.com/sites/kalevleetaru/2019/07/26/the-encryption-debate-is-over-dead-at-the-hands-of-facebook/#37320cb05362 That's the news, people. Stay safe.