Collaborate Disseminate
We are delighted to be hosting some unique content from our friend and recovering hacker Alissa Knight. This is the third blog in a series about the security risks exposed by the push to adopt FHIR APIs in US healthcare.
The post Guest Blog: Aliss… Continue reading Guest Blog: Alissa Knight on ‘Playing with FHIR’
Photo credit: iStock.com/Evkaz
We are all very aware of the issues around phishing of user credentials. But it is not only users that can be phished, apps can be too. In previous blogs we’ve shown you how you can make a MITM attack against an app…. Continue reading API Keys Can Be Phished Too
Facebook has introduced a new feature in its platform that has been designed to make it easier for bug bounty hunters to find security flaws in Facebook, Messenger, and Instagram Android applications.
Since almost all Facebook-owned apps by default us… Continue reading New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps
The glitch stems from a functionality intended to allow updates to the UEFI firmware. Continue reading Update Mechanism Flaws Allow Remote Attacks on UEFI Firmware
A thorough review of the top 1 million websites reveals 93 percent fail Mozilla’s Observatory security review. Continue reading Majority of Sites Fail Mozilla’s Comprehensive Security Review
A thorough review of the top 1 million websites reveals 93 percent fail Mozilla’s Observatory security review. Continue reading Majority of Sites Fail Mozilla’s Comprehensive Security Review
Wikileaks has published a new batch of the Vault 7 leak, detailing a man-in-the-middle (MitM) attack tool allegedly created by the United States Central Intelligence Agency (CIA) to target local networks.
Since March, WikiLeaks has published thousands… Continue reading Wikileaks Unveils CIA’s Man-in-the-Middle Attack Tool
Apple takes countermeasures to neutralize OSX/Dok HTTPS-snooping malware by revoking a hijacked certificate updating its XProtect built-in anti-malware software. Continue reading Apple Revokes Certificate Used By OSX/Dok Malware
St. Jude Medical added another Merlin@home Transmitter medical device to its list of equipment vulnerable to a man-in-the-middle attack. Continue reading St. Jude Patches Additional Cardiac Device
Ettercap is a comprehensive suite for man-in-the-middle attacks (MiTM). It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It also supports active and passive dissection of many protocols and inclu… Continue reading Ettercap – A Suite For Man-In-The-Middle Attacks