Application Security This Week for January 20

A 773 million record file of usernames and passwords discovered

https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/#comment-4289914828

 

Google releases a tool to help with TLS certificate management

https://www.theregister.co.uk/2019/01/09/certs_resh_security/

 

Really cool attack discovered using zero width spaces

https://www.theregister.co.uk/2019/01/09/certs_resh_security/

 

DNS Hijacking on the rise

https://www.fireeye.com/blog/threat-research/2019/01/global-dns-hijacking-campaign-dns-record-manipulation-at-scale.html

 

Late addition: Watch your password control logic, please!

 

That's the news, folks.

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList