by Bill Sempf
22. July 2018 12:56
It has come to my attention that one of Paul Asadoorian's Security Weekly broadcasts is titled Application Security Weekly! I had no idea. It's good too, you should listen. I caught up with the last few weeks when I drove over to Indianapolis to chat with the Indy Software Artisans meetup. Anyway, I am changing the title of this recurring series of posts to Application Security This Week because of the mixup.
Interesting discussion over at El Reg about the weakest link in software security.
https://www.theregister.co.uk/2018/07/16/who_is_the_weakest_link_in_software_security/
Oracle addressed 334 security vulnerabilities in its latest patch series.
https://www.us-cert.gov/ncas/current-activity/2018/07/17/Oracle-Releases-July-2018-Security-Bulletin
Shape Security did the math, and 9 out of 10 login attempts on the web are bypass attempts.
http://info.shapesecurity.com/rs/935-ZAM-778/images/Shape_Credential_Spill_Report_2018.pdf?aliId=7269967
94db4f3c-a4c1-451f-86ee-20cf7dbad71d|0|.0|96d5b379-7e1d-4dac-a6ba-1e50db561b04
Tags:
AppSec
Subscribe