all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Episode 195 - 2022 CVEs, CORS, GraphQL

Add to bookmarks
Jan. 17, 2023, 6 p.m. |

Absolute AppSec absoluteappsec.com

Ken (@cktricky) and Seth (@sethlaw) take a step away from the news to review technical articles and research released in the last couple of weeks. This includes analysis done by Jerry Gamblin on total CVEs released during 2022, a new tool for exploiting weak CORS configurations, an excellent writeup on usage along with an intentionally-vulnerable GraphQL application, and finally some thoughts on prototype pollution style vulnerabilities in other interpreted languages (specifically python).

analysis application articles cors cves exploiting graphql languages python research review technical technical articles tool vulnerabilities vulnerable writeup

Visit resource

More from absoluteappsec.com / Absolute AppSec

Episode 240 - Code Smells, XZ Backdoor, Hallucinations 6 days, 21 hours ago | absoluteappsec.com
backdoor code code review conferences +16
Episode 239 - AppSec Intel, CVEs, Authorization 2 weeks, 6 days ago | absoluteappsec.com
applications appsec authorization blog +18
Episode 238 - AppSec vs. Enterprise Sec, Supply Chain Tool Analysis 3 weeks, 6 days ago | absoluteappsec.com
analysis application appsec back +14
Episode 237 - Security 101, Nation State Hackers, Malicious Code 1 month ago | absoluteappsec.com
breaches chinese code hackers +10
Episode 236 - Memory Safe Languages, LLM Supply Chain Security 1 month, 1 week ago | absoluteappsec.com
back basics internet languages +16
Episode 235 - 2023 Top 10 Web Hacking Techniques, LLM Agent Hacking 1 month, 3 weeks ago | absoluteappsec.com
agent digest dynamic engine +10
Episode 234 - Password Analysis, GitHub Copilot 2 months ago | absoluteappsec.com
administrators analysis copilot github +7
Episode 233 - Scammers, Deep Fakes, Data Exposure 2 months, 1 week ago | absoluteappsec.com
apps appsec article can +18
Episode 232 - Security Jobs, Surveillance, Prompt Injection 2 months, 2 weeks ago | absoluteappsec.com
application application security article browsing +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Embedded Penetration Tester - Cyber Security Team [BGSW]

@ Bosch Group | Warszawa, Poland
View on infosec-jobs.com

Staff Cybersecurity Engineer

@ Torc Robotics | Blacksburg, VA; Remote, US
View on infosec-jobs.com

Cybersecurity Engineer

@ Tiro Solutions Group LLC | Downers Grove, Illinois, United States
View on infosec-jobs.com

Director, Network Compliance

@ Marriott International | Bethesda, MD, United States
View on infosec-jobs.com

Cybersecurity Manager

@ Tiro Solutions Group LLC | Downers Grove, Illinois, United States
View on infosec-jobs.com
View more jobs