ASW Episode02

From Paul's Security Weekly
Jump to: navigation, search

Application Security Weekly #2

Recorded January 19, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Annoucements

    • Also check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: Currently On-Demand we have webcasts with: Cybereason, Onapsis, Signal Sciences, BHIS, and Stealthbits!
    • If you work in IT and want to have access to an awesome library of OnDemand training head on over to ITPro.TV/securityweekly! They are now accepting requests for demos of the IT Team solution that allows you and your co-workers to access over 3300 hours of training at any time! Use the code SecWeekly30 for the 7-day free trial and 30% off!
    • InfoSec World is March 19-21st of 2018. It is at Lake Buena Vista, Florida. Security Weekly subscribers can save 15% off the InfoSec World 2018 Main Conference or World Pass with the code OS18-SW! You can catch talks from Adrian Sanabria, Diana Kelley and Ed Moyle, Jennifer Manella, Joseph Zacharias, Mark Arnold, Matias Madou, and Summer Fowler. Good job!
    • Check out our DomainTools Webcast Pivoting Through Malicious Infrastructure. Hosted by Paul Asadoorian, Michael Santarcangelo, and Taylor Wilkes-Pierce. Join Michael and Paul as they explore, using domain names and DNS information in a candid discussion with Taylor Wilkes-Pierce from DomainTools. We’ll deep-dive into one of 2017's most notorious phishing attacks to show you how to use domain data and pivoting to profile threat actors and prevent future attacks.

    Topic: OWASP Top 10 (2017): The Final Five

    OWASP Top 10 (2017)

    Learning & Tools

    Postman API Development Tool


    Bugs, Breaches, and More!

    Confirmed issue with Google Chromecast and Google Home causes temporarily Wifi drops around the world was hacked - attackers injected Coinhive's mining script

    Oracle patches VirtualBox against Meltdown and Spectre

    Lenovo Patches Networking OS Vulnerability Dating Back to 2004

    'Trisis' has the security world spooked, stumped and searching for answers

    Hawaii Ballistic Missile Alert due to bad User Interface design

    If you build it, they will come (for your data)

    Facebook Knows How To Track You Using The Dust On Your Camera Lens

    Intel AMT Security Issue Lets Attackers Bypass Login Credentials in Corporate Laptops

    Apple hands Chinese iCloud to Guizhou-Cloud Big Data Industry

    Apple health data used in murder trial

    Food for Thought

    Mental Models & Security: Thinking Like a Hacker

    The Stress of Remote Working

    Some thoughts on security after ten years of qmail 1.0

    How To Build A Horse with Programming (Comic)

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+