Ancient Curl Bug, AWS re:Invent, Malware in NPM, Census III Report, MS OTP - ASW #311
Curl's oldest bug yet, RCPs (and more!) from AWS re:Invent, possible controls for NPM's malware proliferation, insights and next steps on protecting top 500 packages from the Census III report, the flawed design choice that made Microsoft's OTP (successfully) brute-forceable, and more!
00:00 - Intro & Cyber Resilience Insights
01:20 - The 25-Year-Old Curl Bug Story
04:17 - Fuzzing for Security: A Missed Opportunity?
08:46 - AWS re:Invent Security Highlights
11:54 - NPM Malware Surge
16:33 - Small Packages, Big Risks in NPM
19:55 - Open Source Security Trends
24:27 - Microsoft MFA Vulnerability Explained
28:28 - Hardware Hacking & DMA Exploits
30:55 - Auditing Ruby’s Package Ecosystem
34:02 - Looking Ahead to 2025
Show Notes: https://securityweekly.com/asw-311
637 episodes
All episodes
Opengrep & Semgrep, Hacking Subarus, Hacking Synths, Stealing Cookies, and RANsacked - ASW #315 34:57
Appsec Predictions for 2025 - Cody Scott - ASW #314 52:10
PyPI's Quarantine, Phishing & Awareness, Porting Fishshell to Rust, Cyber Trust Mark - ASW #313 31:43
Discussing Useful Security Requirements with Developers - Ixchel Ruiz - ASW #313 36:04
Removing Rust, Double Clickjacking, h3i CLI, JWT Mistakes, Reviewing Recursion - ASW #312 33:24
DefectDojo and Bringing Quality Appsec Tools to Small Appsec Teams - Greg Anderson - ASW #312 33:48
Ancient Curl Bug, AWS re:Invent, Malware in NPM, Census III Report, MS OTP - ASW #311 35:35
Applying Usability and Transparency to Security - Hannah Sutor - ASW #311 34:09
AI's Junk Vulns, Web3 Backdoor, LLM CTFs, 5 GenAI Mistakes, Top Ten for LLMs - ASW #310 29:02
Fuzzing Barcodes, Fuzzing with AI, AI vs. Scammers, CWEs, Repo Swatting - ASW #309 36:34
Adding Observability with OpenTelemetry - Adriana Villela - ASW #309 34:24
AI fixes everything, C++ the actual worst, IAM is hard - ASW #308 37:14
Biometric Frontiers: Unlocking The Future Of Engagement - Andras Cser, Enza Iannopollo - ASW #308 33:19