Atheris Python Fuzzer, Bronze Bit Attack, & FireEye Highlights – ASW #134

FireEye shares supply chain subterfuge, researchers show repeated mistakes in TCP/IP stacks, Google open sources Python fuzzing, Cisco and Microsoft patch their patches for Vulns. in Jabber and printer modules.

Timestamps:

2:25 – “FireEye Shares Details of Recent Cyber Attack, Actions to Protect Community”
7:01 – “Amnesia 33: How TCP/IP Stacks Breed Critical Vulnerabilities in IoT, OT and IT Devices”
9:23 – “Open-source developers say securing their code is a soul-withering waste of time”
15:52 – “Fuzzing makes finding issues easy – but then what?”
19:00 – “How the Atheris Python Fuzzer Works”
20:23 – “Cisco 9.9/10-severity bug: Patch these dangerous Jabber flaws for Windows, MacOS”
23:42 – “OPAQUE: The Best Passwords Never Leave your Device”
27:08 – “Proof-of-concept exploit code published for new Kerberos Bronze Bit attack”

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw134

source

by Security Weekly

linux foundation