Application Security This Week for November 8

Compass Security built a really nice Burp plugin that helps with the reporting of findings by copying the request and response pair from various tools.

https://blog.compass-security.com/2020/10/burp-extension-copy-request-response/

 

Container Security is all the rage.  Here is a good primer.

https://cloudberry.engineering/article/practical-introduction-container-security/

 

Random vulnerability names ... so hawt right now.

https://www.theregister.com/2020/11/03/cert_bug_names/

 

One of the Big 4 consulting/audit firms helpfully built a "test your Hacker IQ" quiz that exposes the DB username and password.

https://www.theregister.com/2020/11/05/deloitte_hacker_test/

 

I have written in this humble publication many times about my disdain over cryptic TLS vulnerabilities (pun intended) and now Let's Encrypt is going to cut off 30% of Android devices.

https://letsencrypt.org/2020/11/06/own-two-feet.html

 

That's the news, folks.

Comments are closed

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList