POPULARITY
Satnam walks us through May’s Patch Tuesday which, even at 111 vulnerabilities, was a bit calmer than prior months’ releases. We also talk about vulnerabilities in vBulletin, Cisco, Salt Framework and Sophos XG Firewall - and more. Satnam highlights primary research including flaws Tenable Research found in Instacart’s website and social media scams. To round it out, Eric Detoisien, Director of Research for WAS Content, joins us to talk about web application scanning and how his small-but-brilliant team develops WAS plugins.Show References:SophosLabs on “Asnarök” Trojan - https://news.sophos.com/en-us/2020/04/26/asnarok/Second Grader Hacks System, Shows Kids How to Access Any Student Account - https://bocanewsnow.com/2020/05/12/coronavirus-massive-palm-beach-county-school-district-student-password-breach/WAS SSL/TLS plugins - https://staging.tenable.com/plugins/was/families/SSL%2FTLSRecently from Research:https://www.tenable.com/blog/scams-exploit-covid-19-giveaways-via-venmo-paypal-and-cash-app https://www.tenable.com/blog/microsoft-s-may-2020-patch-tuesday-addresses-111-cveshttps://www.tenable.com/blog/instacart-patches-sms-spoofing-vulnerability-discovered-by-tenable-researchhttps://www.tenable.com/blog/cve-2020-12720-vbulletin-urges-users-to-patch-undisclosed-security-vulnerabilityhttps://www.tenable.com/blog/cisco-patches-multiple-flaws-in-adaptive-security-appliance-firepower-threat-cve-2020-3187https://www.tenable.com/blog/cve-2020-11651-cve-2020-11652-critical-salt-framework-vulnerabilities-exploited-in-the-wildhttps://www.tenable.com/blog/wordpress-e-learning-plugin-vulnerabilities-range-from-cheating-to-remote-code-executionhttps://www.tenable.com/blog/cve-2020-12271-zero-day-sql-injection-vulnerability-in-sophos-xg-firewall-exploited-in-the-wildhttps://www.tenable.com/blog/multiple-zero-day-vulnerabilities-in-ios-mail-app-exploited-in-the-wildhttps://www.tenable.com/blog/adv200004-microsoft-releases-out-of-band-advisory-to-address-flaws-in-autodesk-filmbox-fbxhttps://medium.com/tenable-techblog/remapping-python-opcodes-67d79586bfd5https://medium.com/tenable-techblog/getting-root-on-macos-via-3rd-party-backup-software-b804085f0c9Follow the Security Response Team on the Tenable Community https://community.tenable.com/s/group/0F9f2000000fyxyCAA/cyber-exposure-alerts
Benjamin Daniel Mussleris the Senior Security Researcher at Acunetix. Benjamin will come on the show to talk about Web App Scanning with authentication. To learn more about Acunetix, visit: https://securityweekly.com/acunetix Full Show Notes: https://wiki.securityweekly.com/Episode592 Follow us on Twitter: https://www.twitter.com/securityweekly
This week, we welcome Benjamin Daniel Mussler, Senior Security Researcher at Acunetix to talk about Web App Scanning with Authentication! In our second segment, the Security Weekly hosts will discuss the Future of Security, such as major changes, evolving threats, and security culture! In the Security News, 5 tips for access control from an ethical hacker, Japan is to hunt down citizens insecure IoT devices, kid tracking watches allow attackers to monitor real time location data, and Imperva mitigated a DDoS attack that generated 500 million packets per second! Full Show Notes: https://wiki.securityweekly.com/Episode592 Visit https://www.securityweekly.com/psw for all the latest episodes! To learn more about Acunetix, visit: https://www.acunetix.com/securityweekly/ Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Benjamin Daniel Mussleris the Senior Security Researcher at Acunetix. Benjamin will come on the show to talk about Web App Scanning with authentication. Full Show Notes: https://wiki.securityweekly.com/Episode592 Follow us on Twitter: https://www.twitter.com/securityweekly
This week, we welcome Benjamin Daniel Mussler, Senior Security Researcher at Acunetix to talk about Web App Scanning with Authentication! In our second segment, the Security Weekly hosts will discuss the Future of Security, such as major changes, evolving threats, and security culture! In the Security News, 5 tips for access control from an ethical hacker, Japan is to hunt down citizens insecure IoT devices, kid tracking watches allow attackers to monitor real time location data, and Imperva mitigated a DDoS attack that generated 500 million packets per second! Full Show Notes: https://wiki.securityweekly.com/Episode592 Visit https://www.securityweekly.com/psw for all the latest episodes! To learn more about Acunetix, visit: https://www.acunetix.com/securityweekly/ Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly