Application Security This Week for December 15

Nice writup that explains a pivot from and iPhone app all the way through to domain access via chained exploits. Application security is hard.

https://decoder.cloud/2019/12/12/from-iphone-to-nt-authoritysystem/

 

The security.txt file is near becoming an IETF standard.

https://mailarchive.ietf.org/arch/msg/ietf-announce/OFuiGlVv6WgvEEABaGmnYi120yU

 

Cool Azure horizontal privilege escalation writeup using the cloud shell.

https://blog.netspi.com/attacking-azure-cloud-shell/

 

That's the news. Hope everyone is having a stress-free holiday.

Comments are closed
Mastodon