Application Security This Week for November 25

A new open source project that generated an Android Studio project from an APK

https://maxkersten.nl/2018/11/21/androidprojectcreator-the-how-and-why/

 

Robert Graham has some thoughts on HTTP/3

https://blog.erratasec.com/2018/11/some-notes-about-http3.html?m=0

 

NEWS FLASH!  There is a security hole in Adobe Flash.

https://www.theregister.co.uk/2018/11/20/adobe_flash_bug/

 

Remember when I said there would never be a reliable exploit for the Rowhammer vulnerability?  I was wrong.

https://www.wired.com/story/rowhammer-ecc-memory-data-hack

 

Mr. Krebs was alerted to a vulnerability at USPS that an exasperated researcher had been trying to get them to fix for a year.

https://krebsonsecurity.com/2018/11/usps-site-exposed-data-on-60-million-users/

 

Late addition: PortSwigger posted the Top 10 Web Application Security research for the last couple of years.

https://portswigger.net/blog/top-10-web-hacking-techniques-of-2017

 

And that's the news!!

 

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList