Application Security This Week for December 16

The House oversight report on Equifax is out, and it is a doozy.  Ouch.

Here's a good Twitter thread on it, unrolled


XXE was added to the OWASP Top 10 and some scoffed.  Read this before you blow it off.


OAuth is a thing, and deserves more research.  If Twitter can screw it up, anyone can.


WordPress 5 got a security release.  Get your hax in while you can.


So SMS-based two-factor auth is better than NOTHING, but not much.


That's the news, folks.



Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.


