Application Security This Week for December 9

The big news this week was the first significant flaw in Kubernetes:

https://groups.google.com/forum/m/#!topic/kubernetes-announce/GVllWCg6L88

https://blog.binaryedge.io/2018/12/06/kubernetes-being-hijacked-worldwide/

 

Good research on a PHP RCE flaw

https://lab.wallarm.com/rce-in-php-or-how-to-bypass-disable-functions-in-php-installations-6ccdbf4f52bb

 

More good research on hijacking smart contracts.

https://www.palkeo.com/en/projets/ethereum/stealing_ether.html

 

And that's the news!

 

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList