Application Security This Week for December 6

An astonishingly well-written article by Google Project Zero on a vulnerability in iPhone's proximity features.

https://googleprojectzero.blogspot.com/2020/12/an-ios-zero-click-radio-proximity.html?m=1

 

For something totally different, a tool that de-pixelizes values in images.

https://github.com/beurtschipper/Depix

 

Another fuzzer, ostensibly for debugging, but you know how that goes.

https://opensource.googleblog.com/2020/12/announcing-atheris-python-fuzzer.html

 

Fortinet has a good writeup of some info disclosure problems with current browsers.

https://www.fortinet.com/blog/threat-research/leaking-browser-url-protocol-handlers

 

That's the news! Have a fantastic week.

 

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList