Can Benford’s law be used for the purpose of detecting deviations in a file’s metadata dates?

Considering the metadata such as creation and modification datetimes of files in terms of computer forensics. If tampering of such metadata date information is expected, can Benford’s law be used to prove or disprove the act of metadata al…

Should mobile app developers actively prevent apps from running on outdated devices/rooted devices/emulators for security purposes?

From personal experience many mobile apps that I’ve tested don’t actively detect and discourage (with a warning) or even block the app from running on/in:

a rooted/jailbroken Android/iOS device
emulated environment
an end-of-life iOS or e…

Do CI/CD pipelines in Azure DevOps require a dedicated user without MFA?

During security audits I’ve seen several times that DevOps made a ‘special’ user account for CI/CD pipelines, especially when using Azure DevOps. Often this user is the only user where multi-factor authentication (MFA) is disabled, which I…

How can authenticity be ensured for Node.js packages when using a public registry like npmjs.com?

I was thinking about how to ensure the authenticity of Node.js packages that are installed from a public registry like npmjs.com. The only mechanisms (optionally) in place to my understanding are:

ECDSA registry signatures. Which to my un…

Are peripheral issues and systems normally considered in a white box penetration testing scope?

As Wikipedia defines:

White-box testing is a method of software testing that tests internal structures or workings of an application, as opposed to its functionality (i.e. black-box testing).

When the code is a target of its own, this i…

Is it possible to repair a corrupted partition table of a Bitlocker encrypted disk? [migrated]

Assuming a disk was full-disk encrypted using Bitlocker and the partition table is corrupted or entirely missing. Is it possible in any way to recover from this, given that the original Bitlocker password and Bitlocker recovery key are ava…

How to properly determine if a Bitlocker encrypted disk has a corrupted partition table? [migrated]

Background: A Bitlocker encrypted hard disk (5TB WD Elements HDD USB) was accidentally wiped partially using the wiping tool Eraser Classic Portable (using the US DoD 7 passes method). The wiping only went on for a few minutes (max. 5 min…

How to identify a GUID of a corrupted Bitlocker disk in order to find the corresponding Bitlocker recovery key? [migrated]

I have a situation where I have access to a huge list of Bitlocker recovery keys but only the combination of the identifier (GUID) and recovery key are available. However the disk in question is corrupted and I don’t know which identifier …

What is the potential impact of security risks associated specifically with 3D printers or their hosts? [migrated]

Recently a bunch of Anycubic 3D printers have been hacked as reported in an article from bleedingcomputer.com.

According to a wave of online reports from Anycubic customers, someone hacked their 3D printers to warn that the devices are e…

In general terms does the use of ARM architecture pose any security benefits or risks over other architectures such as x86 and x64?

For example considering that ARM has TrustZone technology, and a potential reduced attack vector because it is based on a simpler RISC (Reduced Instruction Set Computing) based architecture instead of the CISC (Complex Instruction Set Comp…