Application Security This Week for December 16

The House oversight report on Equifax is out, and it is a doosy.  Ouch.

Here's a good Twitter thread on it, unrolled


XXE was added to the OWASP Top 10 and some scoffed.  Read this before you blow it off.


OAuth is a thing, and deserves more research.  If Twitter can screw it up, anyone can.


Wordpress 5 got a security release.  Get your hax in while you can.


So SMS based two factor auth is better than NOTHING, but not much.


That's the news, folks.


Comments are closed