Patchstack Weekly

By Patchstack Weekly

This is a weekly series where you can get caught up on recent events relevant to open source security, with an initial focus on WordPress security.

This series is brought to you by Patchstack and you... more

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Patchstack Weekly:

How many episodes does Patchstack Weekly have?

The podcast currently has 68 episodes available.

Patchstack Weekly episodes:

November 14, 2022 Patchstack Weekly - Dealing With Software End of Life
This week's knowledge share is about the security concern caused when software has been abandoned or has reached its end of life (EOL).
To that point, Robert will also talk about the surprising number of plugins that were recently removed from Wordpress.org for being abandoned.
...more
10min
November 07, 2022 Patchstack Weekly - What Is Type Juggling in PHP?
This week's knowledge share is about the PHP world's smallest security bug. We say smallest because it is one character long.
You may wonder how much trouble could one character possibly cause? Stick around for this week's knowledge share where Robert will be talking about type juggling in PHP.
...more
8min
October 31, 2022 Patchstack Weekly - What Is Cross-Site Scripting?
Cross-site scripting is something we talk about a lot - but what is it exactly?

Cross-site scripting - or XSS - is a prevalent threat. In fact, we add about 50 (!) new XSS vulnerabilities to our database every month. So hop on in to learn about this all-too-common vulnerability with Robert and see what you can do to protect your website against it.
...more
10min
October 24, 2022 Patchstack Weekly - Why Open Redirects Are Dangerous
Hey all - today we're going phishing!

If that made you start packing for the trip with excitement, then you probably misread the word. "Phishing", is when a seemingly familiar or trustworthy website is actually a fake, set up to capture your data or sensitive information.

In this episode, Robert explains how an open redirect bug can be used to carry out such attacks - and how you can prevent them.
...more
10min
October 17, 2022 Patchstack Weekly - Who You Gonna Call When Your Website Goes Down?
Asking a complete stranger to help you with a website emergency can make things from bad to worse.
Every website owner should have a trusted emergency contact at hand when things get dicey. But how do you find those people? How do you know who to trust?
...more
10min
October 10, 2022 Patchstack Weekly - Using OWASP ZAP to Spot User Input
"Never trust user input" - this is security's golden rule. So it's a great thing OWASP ZAP has tools that can show you how much data in a web app is controlled by the browser - and therefore also by the user.

Robert explains how to use those tools to uncover the hidden risk.
...more
8min
October 03, 2022 Patchstack Weekly - How To Use the OWASP ZAP Interface
In this week's knowledge share Robert will continue to share with you some tips and tricks with OWASP ZAP. He'll go over ZAP's HUD - or heads-up display - so you can get an idea of what it can be used for.
In other news, popular online news site Fast Company suffered a major attack last week - let's dig into what we know about the attack, and what lessons we can learn from it.
...more
9min
September 26, 2022 Patchstack Weekly - What Can You Do With the OWASP ZAP Tool?
We should probably start with "what the hell is it?" Well, OWASP ZAP is an open-source web application security tool written by developers, for developers. It is meant for those who want to get their hands dirty testing their web applications.
Of course, it also works great for security researchers and anyone interested in learning about web application security. So buckle up, because we have a lot of ground to cover!
...more
8min
September 19, 2022 Patchstack Weekly - The WCUS 2022 Roundup
We skipped an episode last week as Robert took a drive down to WordCamp US in San Diego - but this week he's back to tell you all about it!

He'll also dig into a critical vulnerability found in the premium WPGateway plugin, which is unfortunately already being used for attacks. However, as always, we like to talk about these things without hyperbole. Stay safe, stay calm!
...more
8min
September 05, 2022 Patchstack Weekly - WordPress 6.0.2 Security Update Details
The WordPress 6.0.2 security release made a splash in the news last week with three vulnerabilities patched with it - but what were they? Should you be worried?

Let's get cozy with Robert as he runs us through the now patched vulnerabilities, and explains why none of them is an immediate risk. Or as he likes to say: "keep on patchin', but don't be worrying."

P.S. You can also catch Robert giving a security talk at WordCamp US in San Diego this weekend - if you're there, come and say hi!
...more
7min

FAQs about Patchstack Weekly:

How many episodes does Patchstack Weekly have?

The podcast currently has 68 episodes available.