A client sent me a question recently asking whether two factor authentication or password resets using cell phones are safe? My initial reaction was yes.

Our team of Positive Technologies researchers has delved deep into the internal architecture of Intel Management Engine (ME) 11, reveali...

2 points and 0 comments so far on reddit

Learn how to read and summarize encrypted data with InnoVault in this tutorial covering both the InnoVault SDK and the e3db SDK for Ruby.

HTTPS is the future and the future is (finally) here. Secure HTTP requests that provide end-to-end encryption between the client making the request and the server providing it with the requested co…

The way companies manage application secrets is critical. Even today, improper secrets management has resulted in an astonishing number of high profile breaches.

Google has just removed nearly 300 applications from the Store. The Mountain View company realized that these applications could secretly ...

Ever fantasized about playing with docker misconfigurations, privilege escalation, etc. within a container? Download this VM, pull out your pentest hats and get started 🙂 We have 2 Modes: HARD: This would require you to combine your docker skills as well…

Last week I was contacted by someone alerting me to the presence of a spam list. A big one. That's a bit of a relative term though because whilst I've loaded "big" spam lists into Have I been pwned (HIBP) before, the largest to date has been a

tl;dr: this is not an audit nor an endorsement and I take no responsibility, but I had a quick look at the crypto and I think I'm going to use restic for my personal backups. I keep hearing good things about restic. I am redoing my storage solution, and

2 points and 0 comments so far on reddit

2 points and 1 comments so far on reddit

Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

Earlier this month (August 2017) Troy Hunt founder of the website Have I been pwned? [0] released over 319 million plaintext passwords [1...

Presentations from BSides Manchester 2017 - 17/08/2017

Malware Analysis - Fsociety crypto miner to mine bitcoins.

Use this Password Security Compliance Checklist as a tool to strengthen your existing password policy and ensure compliance.