Application Security This Week for December 15

by Bill Sempf 15. December 2019 13:36

Nice writup that explains a pivot from and iPhone app all the way through to domain access via chained exploits. Application security is hard.

https://decoder.cloud/2019/12/12/from-iphone-to-nt-authoritysystem/

 

The security.txt file is near becoming an IETF standard.

https://mailarchive.ietf.org/arch/msg/ietf-announce/OFuiGlVv6WgvEEABaGmnYi120yU

 

Cool Azure horizontal privilege escalation writeup using the cloud shell.

https://blog.netspi.com/attacking-azure-cloud-shell/

 

That's the news. Hope everyone is having a stress-free holiday.

Tags:

E-Mail | Kick it! | DZone it! | del.icio.us
Permalink | Comments (0)
Comments are closed

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

Find me on Mastodon

PageList

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList

TagCloud

Mastodon