Application Security Weekly for May 27

Portswigger (who builds Burp Suite) has a great article about finding vulnerabilities in bug bounty programs.  Must read.

https://portswigger.net/blog/so-you-want-to-be-a-web-security-researcher

 

SANS has a great article about Antivirus evasion.  Don't try this at home.

https://isc.sans.edu/diary.html

 

Oh hey I almost forgot about this one.  Remember that Electron bug that was patched?  It didn't work.  Patch again.

(Maybe we shouldn't write Windows apps in JavaScript.  Hmm.)

https://www.theregister.co.uk/2018/05/25/electron_patches_blacklist_error/

 

REALLY cool use of HTML5 to attack iOS.  NEat stuff, good writeup.

https://blogthemediatrust.wordpress.com/2018/05/25/html5-safe-haven-malware/

 

And that's the news.

S

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

PageList

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList