49 minutes | Jul 30th 2019

Apples Rotting in Gavin's Vault

In this episode, Bill turns the insecurity tables on Gavin with the iOS 13 keychain bug. The chaps also discuss insecure trains, remote code execution vulnerabilities in Atlassian, and how to publicly respond to a major outage. This episode also features David Wells, who talks about the recent vulnerability he discovered in Comodo AV.

Rundown

https://9to5mac.com/2019/07/15/ios-13-password-bug/

Major software bug in IOS 13 beta reveals stored passwords without authentication

https://www.theregister.co.uk/2019/07/12/train_software_theft
Train software snaffled by employee

https://www.corben.io/atlassian-crowd-rce/
Multiple Atlassian Vulnerabilities

https://medium.com/tenable-techblog/an-exploit-chain-against-citrix-sd-wan-709db08fb4ac
Multiple vulnerabilities to pivot through the Citrix SD-WAN

https://www.tenable.com/press-releases/tenable-research-discovers-vulnerability-in-siemens-critical-infrastructure-design
Tenable research discover major weaknesses in Siemens

https://qz.com/work/1666535/cloudflare-turned-outage-into-teaching-point-about-transparency/
Cloudflare shows the right way to discuss a major public incident

Play
Like
Play Next
Mark Played