Here is a good writeup on the overflow error found in libssh2
https://blog.semmle.com/libssh2-intege...
Read More
Portswigger has some good research on a new angle for criss-site leak attacks:
https://portswigger.n...
Read More
This is a blog entirely dedicated to security analysis of mobine apps. No idea who writes it b...
Read More
The big news of the week is that every iPhone from 1 to X is apparently vulnerable to a bootROM flaw...
Read More
Here's a neat Android reverse engineering game.
https://0x00sec.org/t/reversing-hackex-an-android-ga...
Read More
Only Rails 6.x and 5.2.x are getting security updates. Plan your development accordingly.
http...
Read More
Chrome is finally starting to defend against clickjacking
https://www.theregister.co.uk/2019/08/19/c...
Read More
Apache called out for reporting incorrect versions in Struts vulnerabilities
https://www.infosecurit...
Read More
A researcher found out that you can discover if a user is in incognito mode in Chrome using a timing...
Read More
The Capital One breach leads the news this week, for a dozen good reasons.
https://start.jcolemorris...
Read More
Facebook is under heavy fire for privacy "violations", although they never did anything they didn't...
Read More
It's 1994 again! Encryption is on the table for law enforcement. Be ready for entry in the back door...
Read More