Application Security This Week for January 27

Here's a thread by Michael Stanek about how bad 7-zip's encryption algorithm is.  I use this all the time and had no idea.

https://threadreaderapp.com/thread/1087848040583626753.html

 

An exploit POC that Mark Haase wrote for the new SCP vulnerability.

https://gist.github.com/mehaase/63e45c17bdbbd59e8e68d02ec58f4ca2

 

Hadoop is the new target for a lot of malware.  Please stop leaving your clusters vulnerable.

https://www.theregister.co.uk/2019/01/24/hadoop_malware_attack/

 

Chrome is turning off the API that UBlock Origin uses. Makes sense - Chrome is free, Google is an ad company. Whatcha gonna do?

https://www.theregister.co.uk/2019/01/22/google_chrome_browser_ad_content_block_change/

 

While you're here, the Central Ohio Infosec Summit has their annual Call For Papers open.  Submit!

https://www.infosecsummit.com/eSites/2019cbusinfosec/Homepage

 

And that's the news.

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList