"Hello, thank you for inquiring about log4j. This company was vulnerable, however, I exploited it, took over their entire infrastructure, then patched it. This company is no longer vulnerable to log4j."
#OWASP is excited to open our Call for Papers, Call for Trainers, Exhibitors and Sponsorships for the EU Virtual AppSec! The OWASP 2022 Global AppSec European conference will be held virtually June 6-10, 2022. LEARN MORE virtual.globalappsec.org/ #Devsecops
Welcome the 2022 OWASP Global Board of Directors
Vandana Verma - Chair
Grant Ongers - Vice Chair
Glenn ten Cate - Treasurer
Avi Douglen - Secretary
Bil Corry - Member at Large
Joubin Jabbari - Member at Large
Martin Knobloch - Member at Large
owasp.org/www-board/
You know those companies that collect vendor security surveys on behalf of their clients?
I just had one use the information they collected to solicit us.
Pro-tip: unethical behavior is not the best way to win new clients.
If you’ve ever wanted to block someone but wanted to figure out whether or not they’d notice first, this piece is for you. consumerreports.org/digital-…
"The Giving Tree" IRL
tldr; a popular massive sand dune is discovered to make beautiful blue glass, and is slowly hauled away until the dune is entirely gone.
blog.newspapers.com/indianas…
Are you looking for a career in cybersecurity or interested in advancing your career? We invite you to join OWASP at our February 2022 Career Fair! Learn more and REGISTER TODAY owaspcareerfair.vfairs.com/ #cybersecurity #devsecops #infosec
Super random, but TIL that railroad workers don't pay into Social Security, they have their own retirement program called RRB.
en.wikipedia.org/wiki/Railro…
I'm teaching a course based on my "Security Engineering" book for masters students and final-year undergrads. The first two videos are now online, and open to all: lightbluetouchpaper.org/2022…
Don't rely on obfuscation to protect you.
The show thought it was fraud. No, the guy memorized all of the prices. Never assume people won't take the time to figure out your system. Obfuscation only works against the lazy.
youtube.com/watch?v=HdFKZtZo…
🎉GREAT NEWS! #OWASP is hosting our first ever VIRTUAL CAREER FAIR on Feb. 22. Event is complimentary to all job seekers / small fee requested for participating companies. REGISTER TODAY to connect with numerous companies and/or job seekers owaspcareerfair.vfairs.com/ #devsecops
My toothbrush gives me a sad face when I don’t brush long enough.
I’m not sure how I feel being shamed by my appliance, but given it isn’t working, I guess I don’t feel THAT bad.
I now am tempted to see if I can game the system by letting it run for an hour.