Application Security This Week for April 5

I'm hoping everyone is safe and healthy. This whole thing is weird. But security news marches on.

 

There was a vulnerability discovered in Pi-hole.  If you don't know what it is, don't worry, but if you do, you need to patch right meow.  Either way, neat application security lessons. Good writeup here:

https://natedotred.wordpress.com/2020/03/28/cve-2020-8816-pi-hole-remote-code-execution/

 

Along those lines, there is a vulnerability in OpenWRT. Again, if you aren't using it don't sweat it but cool writeup about the vulnerability:

https://nakedsecurity.sophos.com/2020/03/31/patch-now-critical-flaw-found-in-openwrt-router-software/

 

HTML 6 is coming! See what's new here:

https://morioh.com/p/6d422fc49bd2

 

The incredible Binni Shah tuned me in to two some really interesting new C# memory injection tools:

https://github.com/coffeegist/changeling

https://github.com/pwndizzle/c-sharp-memory-injection

 

That's the news. Stay safe, everyone.

Comments are closed
Mastodon