This week we discuss the details behind the 'USB / JTAG takeover' of Intel's Management Engine, a rare Project Zero discovery, Microsoft's well-meaning but ill-tested IoT security …

Loveland's interim director of public works mislead Loveland's City Council on December 5, 2017 claiming receivers the city is placing around the community cannot link an individual to a phone.

You give up more privacy than you might think each time you open an email.

In this guest blog, Trend Micro DVLabs researcher Ricky Lawshae discusses the recently disclosed CVE-2017-17411. He discovered and reported this bug through the ZDI program. Earlier this year, I learned that AT&T was starting to move customers away from its…

1 points and 0 comments so far on reddit

They face fines and prison time for their roles in creating and using the botnet.

Hiding content from Git + more on escape sequences | TwistlockLabs Experiment from Twistlock. Dev-to-Production Docker and container security for enterprises.

1 points and 1 comments so far on reddit

Lately I’ve had to deal with setups which had transparent full disk encryption and were pretty hardened. If you are wondering what ‘transparent full disk encryption’  means, that&…

APIs have unique challenges when it comes to testing. Jeff Forristal offers his expert opinion on effective methodologies for security testing APIs.

I often hear that AppLocker is not very safe and it is easy to bypass. Since I really like AppLocker and I recommend it to customers, I decided to do this blogpost series and go over the different …

Occasionally, I feel like I'm just handing an organisation more shovels - "here, keep digging, I'm sure this'll work out just fine..." The latest such event was with NatWest (a bank in the UK), and it culminated with this tweet from them: I'm sorry you feel

Step up your game with a modern voice & text chat app. Crystal clear voice, multiple server and channel support, mobile apps, and more. Get your free server now!

This blogpost is actually a tribute to Matt Graeber’s request from twitter. Since I have learned so much stuff from that guy, I take these sort of request really seriously.   In my post …

Since my ISP thought was a good idea to modify their resolver responses to push me to their own "search engine", I realized the importance…

The

Security Awareness Blog blog pertaining to 2017 EU Security Awareness Summit - After Action Report

The DDoS attack that crippled the internet last fall wasn't the work of a nation-state. It was three college kids working a Minecraft hustle.

Jelvix is a global technology company providing custom software development services to leading businesses in a variety of industries and domains.

Yara Sweeper for Incident Response