Application Security This Week for April 19

I Forgot To Post On Easter Because I Was Cooking Edition

 

There is a really neat VMware bug that has some solid analysis already.  Thanks to John from a client of mine for tuning me in to it.

https://www.vmware.com/security/advisories/VMSA-2020-0006.html

https://threatpost.com/critical-vmware-bug-corporate-treasure-hackers/154682/

 

You need to reboot Boeing 787s every couple months or they crash. No big deal. 

https://www.theregister.co.uk/2020/04/02/boeing_787_power_cycle_51_days_stale_data/

 

From the archives (because I just used it on a test): a Command Injection Cheatsheet:

https://hackersonlineclub.com/command-injection-cheatsheet/

 

I was blindingly honored to judge the CBusStudentHack competition this year.  Clearly it was weird, and we had to do it remotely.  Way easier when you can talk to the young women and men on the teams, but we got it done via video. Here are the five finalists - worth a watch if you want to feel good about the next generation of hackers.

https://www.youtube.com/playlist?list=PLXpk4w_SsmmTJgYwm9OLgVlPkl-aQK_kc

 

Please stay safe and healthy.

 


Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 
