The application I’m working on has more than a dozen of secrets, SSL certificates and API keys. Currently I have a file that’s added into .gitignore and it contains all my secrets. How to securely store all these secrets? How enterprise ap…
I studied this paper – http://www.cs.kun.nl/~erikpoll/publications/AndroidSecureStorage.pdf archive link which states that if attacker has root access to the device it’s easy to use keystore keys with another (hacker’s) application. Is it …
I am working on the ATMEL TPM device on an embedded platform. While experimenting with the extend operation of the PCR, I extended the PCR 0 with a string of 20 bytes. As mentioned in the TPM specification, the PCRs 0-15 are resettable on …
I’m having a hard time understanding the difference between a rogue AP and an evil twin. I’ve spent some time searching for it, but I don’t think I understand it fully.
Is the AP a device that needs to be physically plugged in (Ethernet ca…
I’m having a hard time understanding the difference between a rogue AP and an evil twin. I’ve spent some time searching for it, but I don’t think I understand it fully.
Is the AP a device that needs to be physically plugged in (Ethernet ca…
I’m making a certificate chain:
..|root
…..|intermediate
……..|server
When my certificates are installed, the intermediate certificate has an error:
This certification authority is not allowed to issue certificates or ca…
I’m working with some exploit code for the MS08-067 vulnerability from ExploitDB.
The section:
WNetAddConnection2(&nr, “”, “”, 0)* fails with an error of 67 (ERROR_BAD_NET_NAME), but I don’t know why.
I’m using the correct IP as the…
Introduction
FireEye recently observed a sophisticated campaign targeting
individuals within the Mongolian government. Targeted individuals that
enabled macros in a malicious Microsoft Word document may have been
infected with Poison
Ivy, a po…
Introduction
FireEye recently observed a sophisticated campaign targeting
individuals within the Mongolian government. Targeted individuals that
enabled macros in a malicious Microsoft Word document may have been
infected with Poison
Ivy, a po…
I’m thinking about man-in-the-middle attacks on a BLE connection … normally when people talk about MITM attacks it’s a separate device that sits between the mobile phone/tablet and the BLE device, which immediately limits its effectivene…
