Owning a device with a single jump

Owning a device with a single jump

Back when I first read about this thing called “hacking” I thought I’d be spending all my days overflowing NSA buffers with plagiarized shell code and going by some cool hacker name like “1337BadGeR”. Sadly for me, upon entering the actual world, I had to get back in...
Android Hard Coded Secrets

Android Hard Coded Secrets

One of the more common findings we report for Android security reviews is an issue involving hard coded secrets. This blog post will specifically focus on hard coded secrets used for encrypting application data. I’ll try to use a bit of light threat modeling and...
Intro To Inzure: New Tool for Azure Deployments

Intro To Inzure: New Tool for Azure Deployments

By Danny Rosseau Cloud providers have a wide variety of different predesigned service offerings, but they’re intended to be created and used quickly and easily, sometimes to the detriment of having secure configurations by default. It can be confusing for...