Application Security This Week for July 22

It has come to my attention that one of Paul Asadoorian's Security Weekly broadcasts is titled Application Security Weekly! I had no idea. It's good too, you should listen.  I caught up with the last few weeks when I drove over to Indianapolis to chat with the Indy Software Artisans meetup.  Anyway, I am changing the title of this recurring series of posts to Application Security This Week because of the mixup.

 

Interesting discussion over at El Reg about the weakest link in software security.

https://www.theregister.co.uk/2018/07/16/who_is_the_weakest_link_in_software_security/

 

Oracle addressed 334 security vulnerabilities in its latest patch series.

https://www.us-cert.gov/ncas/current-activity/2018/07/17/Oracle-Releases-July-2018-Security-Bulletin

 

Shape Security did the math, and 9 out of 10 login attempts on the web are bypass attempts.

http://info.shapesecurity.com/rs/935-ZAM-778/images/Shape_Credential_Spill_Report_2018.pdf?aliId=7269967

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList