This week, US Department of Homeland Security issued an emergency directive to have DNS secured and Go had another CPU DoS vulnerability fix, plus we share recaps and recordings from a couple API security conference talks.
Vulnerabilities
Another CPU DoS vulnerability in Go TLS (CVE-2019-6486) got fixed. This vulnerability impacts APIs implemented as Go microservices. The vulnerability enables attackers to exploit: