Application Security This Week for April 21

Hacky Easter is on!  Go get your CTF rolling.

https://hackyeaster.hacking-lab.com/hackyeaster/

 

XXE discovered in IE 11.

https://seclists.org/fulldisclosure/2019/Apr/20

 

DNS attacks are very much on the rise

https://www.engadget.com/2019/02/24/icann-warns-of-dns-attacks/?ncid=txtlnkusaolp00000618

https://www.golem.de/news/subdomain-takeover-microsoft-loses-control-over-windows-tiles-1904-140717.html

 

YAWAST goes to 0.7.  I use it on every test for recon.

https://adamcaudill.com/2019/04/19/yawast-v0-7-released/

 

Great overview of a white hat attack of a "secure" application.

https://securityaffairs.co/wordpress/84219/breaking-news/hacker-broke-tchap.html

 

That's the news, folks!

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList