ASW Episode26

From Paul's Security Weekly
Jump to: navigation, search

Application Security Weekly #26

Recorded July 30, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Annoucements:

    • We just released our 2018 Listener Survey; Please go to to help us continue to provide you with quality content that doesn't break the build.
    • Come to our Pool Cabana @ Black Hat and Def Con to pick up a free copy of "Cyber Hero Adventures". Here you will be able to get the comic book signed by Gary Berman.

    Interview: Jessica Rozhin, Marqeta

    Jessica Rozhin
    is a Security Engineer at Marqeta.
    Jessica Rozhin is currently a Security Engineer at an Oakland financial tech start up called Marqeta. This is her first role in the security space, but she is no stranger to technical operations and incident response. Before Marqeta she spent several years working the the Network Operations Center at Box, focused on preventing, responding to and resolving large scale customer impacting site incidents. Jessica has a passion for crisis management and investigation, a questionable sense of humor and is a self professed silly dancing aficionado.


    Bugs, Breaches, and More!

    1.) New Spectre attack can remotely steal secrets, researchers say

    2.) Vulnerability in Hangouts Chat: from open redirect to code execution

    3.) Microsoft Discovers Supply Chain Attack at Unnamed Maker of PDF Software

    If you build it, they will come

    1.) Microsoft retiring XSS Filter in Edge

    2.) Big tech warns of 'Japan's millennium bug' ahead of Akihito's abdication

    3.) Flaw let researchers snoop on Swann smart security cameras

    Learning & Tools

    1.) OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS

    2.) WTF - A personal terminal-based dashboard utility

    3.) Front-End Performance Checklist

    Food for Thought

    1.) Student's Code could've stopped the Equifax Hack

    2.) Code Prediction with a Neural Network

    3.) CommitStrip: Choosing the right stack]

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+