Application Security This Week for January 24th

A very Interesting list of exploitable "features" in PDFs.

https://web-in-security.blogspot.com/2021/01/insecure-features-in-pdfs.html?m=1

 

There have been a lot of attacks on Azure's authentication system recently - some of which were even in this newsletter.  Sparrow helps you smoke out vulnerable instances.

https://github.com/cisagov/Sparrow/

 

Didier has been a regular in this newsletter, and he has updated his Strings.py tool to support more encoding. Very cool stuff.

https://blog.didierstevens.com/2021/01/24/update-strings-py-version-0-0-7/

 

Have your kids test your apps.

https://github.com/linuxmint/cinnamon-screensaver/issues/354

 

Stay safe out there.

Comments are closed
Mastodon