ASW Episode06

From Paul's Security Weekly

Application Security Weekly #6

Recorded February 16, 2018 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.

Announcements

    • Also check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand. Currently On-Demand we have webcasts with: Cybereason, Onapsis, Signal Sciences, BHIS, and Stealthbits!
    • If you work in IT and want to have access to an awesome library of OnDemand training head on over to ITPro.TV/securityweekly! They are now accepting requests for demos of the IT Team solution that allows you and your co-workers to access over 3300 hours of training at any time! Use the code SecWeekly30 for the 7-day free trial and 30% off!
    • The Pros vs. Joes Capture the Flag is coming to InfoSec World 2018! Log in on March 20th, and start attacking a “real” corporate network! From mail servers to web servers, and all the way to a VOIP phone system. Security Weekly listeners can register now and save 15% off the Main Conference or World Pass with the code OS18-SW. See you at Disney's Contemporary Resort March 19-21.

    Topic: Bug Bounties

    Data Security and Bug Bounty Programs: Lessons Learned from the Uber Breach and Security Researchers

    Google paid 2.9 million in Bug Bounties in 2017

    Learning & Tools

    Visual Studio Code

    News

    Bugs, Breaches, and More!

    1.) Mac Privacy: Sandboxed Mac apps can record your screen at any time without you knowing

    2.) Lenovo Warns of Critical Wifi Vulnerability Impacting Dozens of Thinkpad Models

    3.) You can resurrect any deleted GitHub account name. And this is why we have trust issues

    If you build it, they will come

    1.) UK government websites were caught cryptomining. But it could have been a lot worse

    2.) The harmful drive-by currency mining scourge shows no signs of abating

    3.) Salon will use readers' CPUs to mine Monero

    4.) Now that's taking the p... Sewage plant 'hacked' to craft crypto-coins

    5.) Russian nuclear scientists arrested for 'Bitcoin mining plot'

    6.) Bitcoin energy use in Iceland set to overtake homes, says local firm

    7.) (WARNING: Autoplay Video/Audio) Unilever (2nd biggest advertiser in the world) to Facebook and Google: Clean up 'swamp' or we'll pull ads

    8.) (WARNING: Autoplay Video/Audio) After dismissing security flaw, Amazon patches Key smart lock anyway

    Food for Thought

    1.) Remote Workers Are Outperforming Office Workers--Here's Why

    2.) 'Collaboration' Creates Mediocrity, Not Excellence, According to Science

    3.) Oxford Comma Dispute Is Settled as Maine Drivers Get $5 Million

    4.) Tech salaries in Austin, Texas are effectively $66,000 higher than in NYC thanks to the cost of living

    5.) Amazon launches a Polly WordPress plugin that turns blog posts into audio, including podcasts

