Bugs, Breaches, and More – Application Security Weekly #34

Facebook discloses the loss of at least 50M Access Tokens also covered by Motherboard Formjacking is on the rise, Google admits to allowing hundreds of companies read your email, FireFox Monitor will alert you when your accounts have been Pwned, Microsoft releases MS-DOS v1.25 and v2.0 as Open Source, and more! Full Show NotesFollow us […]
The post Bugs, Breaches, and More – Application Security Weekly #34 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/xnqA1tkRiKQ/

Microsoft, Elon Musk, Kernel and Powershell – Paul’s Security Weekly #575

Microsoft accidentally lets encrypted Windows 10 out the the world, Kernel exploit discovered in macOS, PowerShell obfuscation ups the anty on anti virus, Google outlines incident response process, BombGar buys BeyondTrust, and Neil DeGrasse Tyson speaks on Elon Musk saying: Let the man Get High! All that and more, on this episode of Paul’s Security […]
The post Microsoft, Elon Musk, Kernel and Powershell – Paul’s Security Weekly #575 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/5xi_2xuShz4/

Microsoft, Equifax, MacOS, and Bug Bounties – Application Security Weekly #31

U.S. Government releases post-mortem on Equifax, MacOS security baseline script by Jerry Gamblin, Equifax mega-breach and nothing has changed, Docker hacking challenge, and Bug Bounties and mental health. News Bugs, Breaches, and More! 1.) U.S. Government releases Post-mortem on Equifax 2.) Micorosft Windows Zero-Day found in Task Scheduler 3.) Government Transparency site revealed Social Security Numbers and other […]
The post Microsoft, Equifax, MacOS, and Bug Bounties – Application Security Weekly #31 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/0tZD7MRNuk0/

Microsoft Windows Zero-Day Found in Task Scheduler

A Windows task scheduler API function does not check permissions – so any potential local bad actor can alter them to gain elevated privileges.

Link: https://threatpost.com/microsoft-windows-zero-day-found-in-task-scheduler/136977/