Free online DAST, SAST and Behavioral assessment of your iOS or Android app.

A podcast featuring true stories from the dark side of the Internet.

Mastery and availability of new tools and weapons are a necessity in cybersecurity—chief among them are machine learning and AI.

The U.S. Department of Homeland Security and the Federal Bureau of Investigation have issued a rare joint statement warning that hackers are targeting firms in the energy, nuclear, water, aviation and

A Gigantic IoT Botnet has been discovered by researchers at 360 lab. It has already infected millios of devices in preparation for a malware hurricane.

If you are running Redis locally and, like most people as of this writing, you're using a version older than 3.2.7 (released January 31, 2017), I can most likely copy your entire database, drop an ssh key in your authorized_keys file, overwrite arbitrary…

docker-onion-nmap - Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

Remember how the universe forks into multiple sub-universes every time a measurement is taken? Symbolic execution follows a similar…

Gemalto IDPrime.NET almost certainly isn't the only smartcard vulnerable to ROCA.

You need more than one AWS account. This is to isolate production resources, manage limits (especially API rate limiting), handle costs…

Here are some demos on using Microsoft Word built-in feature Dynamic Data Exchange (DDE) for malware execution and attacks.

Our new open source library, which keeps your Certificate Authority certificate bundle up-to-date.

1 points and 0 comments so far on reddit

Broadcasted on French TV show “Complément d’enquête”.

Apple and Google assures to find remedies to fix Krack WiFi flaw to stop hackers to steal credit card numbers, passwords and private messages from...

Before we get started, fair warning: this is going to be a post about a fairly absurd (but non-trivial!) attack on cryptographic systems. But that’s ok, because it’s based on a fairly a…

The Cloud Native Computing Foundation (CNCF) is probably best known for being the home of the Kubernetes container orchestration project, but there plenty of other projects that now fall under the…

protocol about server session SSL/TLS.

iOS-SandBox-Dumper - SandBox-Dumper makes use of multiple private libraries to provide exact locations of the application sandbox, application bundle and some other interesting information

1 points and 0 comments so far on reddit

October 2017, Microsoft patch Tuesday included an optional security advisory, ADV170014, this advisory makes reference to a bug on the NTLM authentication scheme, that allows a malicious attacker t…