by Danny Rosseau | Aug 30, 2019 | Danny Rosseau, Feature, News
One of the more common findings we report for Android security reviews is an issue involving hard coded secrets. This blog post will specifically focus on hard coded secrets used for encrypting application data. I’ll try to use a bit of light threat modeling and...
by Danny Rosseau | Aug 22, 2019 | Danny Rosseau, Feature, News
When this Project Zero report came out I started thinking more about USB as an interesting attack surface for IoT devices. Many of these devices allow users to plug in a USB and then perform some actions with that USB automatically, and that automatic functionality...
by Danny Rosseau | May 6, 2019 | Danny Rosseau, Feature, News
By Danny Rosseau Cloud providers have a wide variety of different predesigned service offerings, but they’re intended to be created and used quickly and easily, sometimes to the detriment of having secure configurations by default. It can be confusing for...
