Application Security This Week for November 25

A new open source project that generated an Android Studio project from an APK

https://maxkersten.nl/2018/11/21/androidprojectcreator-the-how-and-why/

 

Robert Graham has some thoughts on HTTP/3

https://blog.erratasec.com/2018/11/some-notes-about-http3.html?m=0

 

NEWS FLASH!  There is a security hole in Adobe Flash.

https://www.theregister.co.uk/2018/11/20/adobe_flash_bug/

 

Remember when I said there would never be a reliable exploit for the Rowhammer vulnerability?  I was wrong.

https://www.wired.com/story/rowhammer-ecc-memory-data-hack

 

Mr. Krebs was alerted to a vulnerability at USPS that an exasperated researcher had been trying to get them to fix for a year.

https://krebsonsecurity.com/2018/11/usps-site-exposed-data-on-60-million-users/

 

Late addition: PortSwigger posted the Top 10 Web Application Security research for the last couple of years.

https://portswigger.net/blog/top-10-web-hacking-techniques-of-2017

 

And that's the news!!

 

Comments are closed

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList