Application Security This Week for May 24

by Bill Sempf 24. May 2020 12:45

Happy Memorial Day! Take a minute to learn something new about the seven branches of the US Military (see you learned something already)


A new decompiler for ... wait for it ... Visual Studio Code. Yup. Uses Ghidra and IDApro. Neat.


Tenable did a fantastic writeup of Signal's use of WebRTC, and how to abuse it.  Really good research.


Georgetown University published a paper (PDF) on ethics and Artificial Intelligence.


There was a Remote Code Vulnerability in Google's Cloud Deployment Manager.

There is also a username harvesting vulnerability in Azure Portal, but I'll handle that under separate cover.


Not appsec related, but very interesting.  Windows 10 got tcpdump. Now, it's not a conspiracy, it's a debugging tool. Geez, people.


Hope everyone is doing well. Stay in touch.



Comments are closed

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

Find me on Mastodon

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites