Application Security This Week for December 16

by Bill Sempf 16. December 2018 11:16

The House oversight report on Equifax is out, and it is a doozy.  Ouch.

Here's a good Twitter thread on it, unrolled.


XXE was added to the OWASP Top 10 and some scoffed.  Read this before you blow it off.


OAuth is a thing, and deserves more research.  If Twitter can screw it up, anyone can.


WordPress 5 got a security release.  Get your hax in while you can.


So SMS-based two-factor auth is better than NOTHING, but not much.


That's the news, folks.




Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.
