YoVDO

The New Wave of Deserialization Bugs

Offered By: NorthSec via YouTube

Tags

NorthSec Courses Cybersecurity Courses Python Courses Java Courses PHP Courses Jenkins Courses

Course Description

Overview

Explore the critical issue of deserialization bugs in a 32-minute conference talk from NorthSec. Delve into the recent wave of vulnerabilities affecting major Java software like WebLogic, Jenkins, and JBoss due to a common bug pattern. Gain insights into the risks associated with deserialization mechanisms and learn how these vulnerabilities can be exploited. Discover available fixes for known vulnerable applications and understand the potential risks for proprietary enterprise software. Examine a tool designed to identify vulnerable patterns and extend your knowledge beyond Java, with examples provided for PHP and Python deserialization vulnerabilities.

Syllabus

Philippe Arteau - The New Wave of Deserialization Bugs


Taught by

NorthSec

Related Courses

I Am Become Loadbalancer, Owner of Your Network
NorthSec via YouTube The Risks of RDP and How to Mitigate Them
NorthSec via YouTube Authentication Challenges in SaaS Integration and Cloud Transformation
NorthSec via YouTube Building CANtact Pro - An Open Source CAN Bus Tool
NorthSec via YouTube Unmasking the Chameleons of the Criminal Underground
NorthSec via YouTube