Application Security This Week for January 27

Here's a thread by Michael Stanek about how bad 7-zip's encryption algorithm is.  I use this all the time and had no idea.

https://threadreaderapp.com/thread/1087848040583626753.html

 

An exploit POC that Mark Haase wrote for the new SCP vulnerability.

https://gist.github.com/mehaase/63e45c17bdbbd59e8e68d02ec58f4ca2

 

Hadoop is the new target for a lot of malware.  Please stop leaving your clusters vulnerable.

https://www.theregister.co.uk/2019/01/24/hadoop_malware_attack/

 

Chrome is turning off the API that UBlock Origin uses. Makes sense - Chrome is free, Google is an ad company. Whatcha gonna do?

https://www.theregister.co.uk/2019/01/22/google_chrome_browser_ad_content_block_change/

 

While you're here, the Central Ohio Infosec Summit has their annual Call For Papers open.  Submit!

https://www.infosecsummit.com/eSites/2019cbusinfosec/Homepage

 

And that's the news.

Comments are closed

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList