ISC StormCast for Wednesday, March 21st 2018

Admin Password Bad Practices
https://isc.sans.edu/forums/diary/Administrators+Password+Bad+Practice/23465/
WebKit Protecting Against HSTS Abuse
https://webkit.org/blog/8146/protecting-against-hsts-abuse/
Coverity Code Scanner Compromise
https://scan.coverity.com
Bypassing Payment Confirmations via Webhooks
https://lightningsecurity.io/blog/bypassing-payments-using-webhooks/