ASW Episode45

From Paul's Security Weekly

Recorded January 7, 2019 at G-Unit Studios in Rhode Island!

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.

Announcements

    • RSA Conference 2019 is the place to be for the latest in cybersecurity data, innovation and thought leadership. From March 4 – 8, San Francisco will come alive with cybersecurity’s brightest minds as they gather together to discuss the industry’s newest developments. Go to rsaconference.com/securityweekly-us19 to register now using the discount code 5U9SWFD to receive $100 off a full conference pass!
    • If you are interested in quality over quantity and having meaningful conversations instead of just a badge scan, join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass.
    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.

    Interview: Ken Johnson, GitHub

    Ken Johnson is an Application Security Engineer at GitHub.
    Ken Johnson has been hacking web applications professionally for 10 years and given security training for 7 of those years. Ken is both a breaker and builder and currently works on the GitHub application security team. Previously, Ken has spoken at RSA, You Sh0t the Sheriff, Insomnihack, CERN, DerbyCon, AppSec USA, AppSec DC, AppSec California, DevOpsDays DC, LASCON, RubyNation, and numerous Ruby, OWASP, and AWS events about appsec, devops security, and AWS security. Ken’s current projects are WeirdAAL, OWASP Railsgoat, and the Absolute AppSec podcast with Seth Law.


    News

    Bugs, Breaches, and More!

    1.) Wormable Stored XSS on WordPress.org

    2.) At Blind, a security lapse revealed private complaints from Silicon Valley employees

    3.) Hackers hijack thousands of Chromecasts to warn of latest security bug

    If you Build It, They Will Come

    1.) EU to fund bug bounty programs for 14 open source projects starting January 2019

    2.) New machine learning algorithm breaks text CAPTCHAs easier than ever

    3.) How Facebook Tracks Non-Users via Android Apps

    Learning & Tools

    1.) webhint - a linting tool for checking accessibility, speed, and security

    2.) Host Websites on GitHub

    3.) UnCaptcha2

    Food for Thought

    1.) Bug Hunting is Cybersecurity's Skill of the Future

    2.) Intel open-sources HE-Transformer, a tool that allows AI models to operate on encrypted data

    3.) CommitStrip: A simple solution to a complex problem

