7MS #221: News and Links Roundup
What follows are some of my favorite training opportunities, news bits, tools/scripts and humorous stories to send you into the weekend with!
- The recording from the BHIS Webinar on Web App Security Training is now up on YouTube.
Did you know your phone's battery status can lead to online tracking from advertisers and service providers, such as Uber?
Apple introduces bug bounty program at BlackHat - get $200k for finding vulns in certain Apple products! Wow!
A group of security researchers found remote code execution and other ugly vulns on PornHub.com (not gonna link to that directly...but in case the name isn't self-explanatory, it's not a Disney site).
Sandstorm.io looks to be a pretty cool way to create your own private cloud (the app collection looks decent as well).
Here's a ghetto XSS cheatsheet containing "...XSS payloads that I find to be useful during penetration tests, especially when faced with WAFs or application-based black-list filtering, but feel free to disagree or shoot your AK-74 in the air."
When Google security reacher Tavis Ormandy sets his sights on something boy oh boy do people get passionate!
I'm thinking of changing Friday's episode into a newsletter distribution instead. That way I can free up a bit more time to work on tech how-tos and VulnHub walkthroughs that have both audio and video options.