Thousands of etcd installs are leaking secret server keys online

LinuxSecurity.com: Thousands of servers running etcd are exposing user credentials publicly on the Internet. According to security researcher Giovanni Collazo, a quick query made through the Shodan search engine revealed a total of 2,284 etcd servers which are leaking credentials, including the passwords and keys required for cms_admin, mysql_root, and postgres server infrastructure.

From: Linux Security

Taipan – Web Application Security Scanner

LinuxSecurity.com: Taipan is a an automated web application scanner which allows to identify web vulnerabilities in an automatic fashion. This project is the core engine of a broader project which include other components, like a web dashboard where you can manage your scan or download a PDF report and a scanner agent to run on specific host. Below are some screenshots of the Taipan dashboard:

From: Linux Security

Is Application Security Dead?

LinuxSecurity.com: Spoiler alert: If application security isn’t dead yet, its days are numbered. OK, this is an over-exaggeration, but fear not, application security engineers – the work you do is actually becoming more important than ever, and your budget will soon reflect this. Application security will never die, but it will have to morph to succeed.

From: Linux Security