Application Security This Week for December 22

Hope everyone has a good holiday.

 

You probably heard that the Russian offices of ngnix were raided by the government.  F5 is doing a code review.

https://www.msn.com/en-us/news/technology/f5-networks-secures-ngnix-software-builds-as-precaution-after-visit-from-russian-law-enforcement/ar-BBY357u?ocid=ARWLCHR

 

Solid research on privilege escalation in Amazon Web Services.  Very real problem.

https://know.bishopfox.com/research/privilege-escalation-in-aws

 

Do you want to bone up on real world appsec skills over the week?  I recommend the PortSwigger Web Academy.

https://portswigger.net/web-security

 

That's the news.

Comments are closed
Mastodon