Application Security Weekly (Audio)

This week, Paul and April Wright discuss a jQuery Plugin that has been exploited for years is finally getting patched, a flaw in LibSSH leaves thousands of servers at risk, a remote code implantation flaw found in Medtronic Cardiac Programmers, hackers hiding Cryptocurrency malware in Adobe flash updates, how the government is finally rolling out 2 Factor Authentication for Federal Agency Domains, and how Disney is helping women from across their company to become Developers!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode36 Visit https://www.securityweekly.com/asw for all the latest episodes! Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly 

This week, Keith and Paul interview Garrett Gross, Senior Solutions Engineer at Rapid7! They talk about catching bugs earlier in the process of development, what can lead to certain successes in development, and more! In the Application Security News, Git Project patches Remote Code Execution Vulnerability, Google is shutting down Google+ after 500k accounts potentially affected by a data breach, Facebook wants people to Invite its cameras into their homes, GitHub introduces user blocking notifications, DevOps producing more insecure apps than ever, and more on this episode of Application Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode35   Visit https://www.securityweekly.com/asw for all the latest episodes!   Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

This week, Keith and Paul talk about landing a job in Application Security! They discuss attending local meetups and conferences, practicing your coding skills, getting educated by World Class security researchers, doing your homework, and much more! In the Application Security News, Facebook discloses the loss of at least 50 millions access tokens, Google admits to allowing hundreds of companies to read your email, FireFox Monitor will alert you when your accounts have been Pwned, Microsoft releases MS-DOS v1.25 and v2.0 as Open Source, and more on this episode of Application Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode34   Visit https://www.securityweekly.com/asw for all the latest episodes!   Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

This week, Keith and special guest host April Wright interview Ron Gula, Founder of Tenable and Gula Tech Adventures! They discuss security in the upcoming elections, how to maintain separation of duties, attack simulation, and more! In the Application Security News, Hackers stole customer credit cards in Newegg data breach, John Hancock now requires monitoring bracelets to buy insurance, the man who broke Ticketmaster, new security settings available in iOS 12, State Department confirms data breach exposed employee data, and more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode33   Visit https://www.securityweekly.com/asw for all the latest episodes!   Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

This week, Keith Hoodlet and Paul Asadoorian interview April Wright from ArchitectSecurity.org! Next, bugs, breaches, and more in the Application Security News! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode32 Visit https://www.securityweekly.com/asw for all the latest episodes!

This week, Keith and Paul interview Zane Lackey, Chief Security Officer and Founder of Signal Sciences! In the news, U.S. government releases Post-mortem on Equifax, Microsoft Windows Zero-Day found in Task Scheduler, British Airways breached via XSS, Windows subsystem Linux for Linux Distros, Bug Bounties and mental health, and more on this episode of Application Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode31   Visit https://www.securityweekly.com/asw for all the latest episodes!   Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

This week, Keith and Paul discuss The Apache Struts2 RCE Vulnerability! In the news, Using Signal Sciences to defend against Apache Struts, PHP flaw puts WordPress sites at risk, Oracle will charge for Java starting in 2019, how Netflix does Failovers in 7 minutes flat, Burp Suite 2.0 Beta released, even anonymous coders leave fingerprints, and more on this episode of Application Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode30   Visit https://www.securityweekly.com/asw for all the latest episodes!   Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

This week, Keith and Paul interview Tom McLaughlin, Founder of ServerlessOps! In the final segment, we air a Pre-Recorded segment with Paul and Matt Alderman, as they sat down at DEF CON to talk all things AppSec, vendors that were there, and companies they had briefings with from our pool cabana!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode29   Visit https://www.securityweekly.com/asw for all the latest episodes!   Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

This week, Keith is joined by Dr. Doug White to discuss Secure Coding Practices! In the news, Comcast security flaws, Facebook plans to partner with banks, hacker finds ‘God Mode’ in x86 CPU’s, bypassing CSP using polyglot JPEGs, and more on this episode of Application Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode28   Visit https://www.securityweekly.com/asw for all the latest episodes!   Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

This week, Keith and James Wickett interview Galen Hunt, Distinguished Engineer and Director at Microsoft! In the news, hackers automate the laundering of money via Clash of Clans, Epic Games sidesteps the Play Store with Fortnite for Android launch, the most exciting game, and more on this episode of Application Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode27   Visit https://www.securityweekly.com/asw for all the latest episodes!   Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly