ASW Episode04

From Paul's Security Weekly
Jump to: navigation, search

Application Security Weekly #4

Recorded February 2, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Annoucements

    • Also check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: Currently On-Demand we have webcasts with: Cybereason, Onapsis, Signal Sciences, BHIS, and Stealthbits!
    • If you work in IT and want to have access to an awesome library of OnDemand training head on over to ITPro.TV/securityweekly! They are now accepting requests for demos of the IT Team solution that allows you and your co-workers to access over 3300 hours of training at any time! Use the code SecWeekly30 for the 7-day free trial and 30% off!
    • InfoSec World is March 19-21st of 2018. It is at Lake Buena Vista, Florida. Security Weekly subscribers can save 15% off the InfoSec World 2018 Main Conference or World Pass with the code OS18-SW! You can catch talks from Adrian Sanabria, Diana Kelley and Ed Moyle, Jennifer Manella, Joseph Zacharias, Mark Arnold, Matias Madou, and Summer Fowler. Good job!

    Topic: OWASP ASVS

    OWASP Application Security Verification Standard

    Learning & Tools

    243 Free eBooks from O'Reilly

    3-hour Epic Music Mix

    Gaming Hype (Music) List



    Bugs, Breaches, and More!

    1.) Update to Disable Mitigation against Spectre, Variant 2

    2.) Intel Warned Chinese Companies of Chip Flaw Before U.S. Government

    3.) Meltdown/Specter-based Malware Coming Soon to Devices Near You, Are You Ready?

    4.) Hacker Compromised Official phpBB Download Links

    5.) $530 million cryptocurrency heist may be biggest ever

    If you build it, they will come

    1.) CloudFlair: Bypassing Cloudflare using Internet-wide scan data

    2.) Florida Cop Bought Powerful Phone Malware That Can Intercept Emails and WhatsApp

    3.) IBM Study: Consumers Weigh in on Biometrics, Authentication and the Future of Identity

    4.) Lenovo fixes Hardcoded Password Flaw Impacting ThinkPad Fingerprint Scanners

    5.) Fitness tracking app Strava gives away location of secret US army bases

    6.) Vulnerable industrial controls directly connected to Internet? Why not?

    Food for Thought

    1.) Cyber security salaries will rise 7% in 2018, says research

    2.) What the F is My Information Security Strategy? (warning: explicit language)

    3.) Article that Paul found: Three Reasons Why DevOps Is a Game-Changer for Security

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+