Application Security This Week for January 24th

by Bill Sempf 24. January 2021 12:58

A very Interesting list of exploitable "features" in PDFs.

https://web-in-security.blogspot.com/2021/01/insecure-features-in-pdfs.html?m=1

 

There have been a lot of attacks on Azure's authentication system recently - some of which were even in this newsletter.  Sparrow helps you smoke out vulnerable instances.

https://github.com/cisagov/Sparrow/

 

Didier has been a regular in this newsletter, and he has updated his Strings.py tool to support more encoding. Very cool stuff.

https://blog.didierstevens.com/2021/01/24/update-strings-py-version-0-0-7/

 

Have your kids test your apps.

https://github.com/linuxmint/cinnamon-screensaver/issues/354

 

Stay safe out there.

Tags:

E-Mail | Kick it! | DZone it! | del.icio.us
Permalink | Comments (0)
Comments are closed

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

Find me on Mastodon

PageList

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList

TagCloud

Mastodon