Application Security This Week for May 19

Container security is a big deal, with OWASP A9 showing up more and more.  Here is a tool that will help with container scanning, and it is compatible with your continuous integration builds.

https://github.com/knqyf263/trivy

 

WhatsApp had a bug, but that doesn't dismiss the importance of end-to-end encryption.  Discuss.

https://www.wired.com/story/whatsapp-hack-phone-call-voip-buffer-overflow/

 

Someone found a user after free vulnerability in the Linux kernal going alllll the way back.

https://www.bleepingcomputer.com/news/security/linux-kernel-prior-to-508-vulnerable-to-remote-code-execution/

 

And that's the news!

 

 

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList