Application Security This Week for March 7

This is a pop culture article about why mobile applications can be insecure (from Wired), but it is well written. It might be behind a paywall for some of you; if so, I'm sorry.

https://www.wired.com/story/ios-android-leaky-apps-cloud/

 

Good writeup on the Apache Velocity vulnerability.

https://securitylab.github.com/advisories/GHSL-2020-048-apache-velocity

 

Look, more supply chain problems! Yay! 3,500 PyPI packages corrupt, and a tool to discover them.

https://github.com/pypa/pypi-support/issues/923

 

And finally, a series that begins with DLL Search Order Hijacking, something similar to what I have added to this newsletter before. Worth keeping an eye on.

https://github.com/pypa/pypi-support/issues/923

 

S


Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.
