Application Security Weekly for August 18

Apache called out for reporting incorrect versions in Struts vulnerabilities

https://www.infosecurity-magazine.com/news/apache-struts-incorrect-security/

 

A new breach at First American Financial, a mortgage company, might have exposed nearly a billion records

https://krebsonsecurity.com/2019/08/sec-investigating-data-leak-at-first-american-financial-corp/

 

Fireeye is using machine learning to grade the severity of vulnerabilities

https://www.fireeye.com/blog/threat-research/2019/08/automated-prioritization-of-software-vulnerabilities.html

 

Netflix and Google discovered a set of DDoS vulnerabilities in HTTP/2

https://www.theregister.co.uk/2019/08/14/http2_flaw_server/

 

Looks like Paige took a lot more than Capital One's stuff

https://www.theregister.co.uk/2019/08/14/capitalone_hacker_court/

 

That's the news!

 

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList