BlastRADIUS Vulnerability Discovered in RADIUS Protocol Used in Corporate Networks and Cloud

Exploiting the BlastRADIUS vulnerability leverages a man-in-the-middle attack on the RADIUS authentication process. Continue reading BlastRADIUS Vulnerability Discovered in RADIUS Protocol Used in Corporate Networks and Cloud

Reverse Engineering the Apple Lightning Connector

A frequent contributor to the hacker community, [stacksmashing] has prepared an excellent instructional video on reverse engineering Apple’s Lighting connector proprietary protocol. The video begins by showing how to gain …read more Continue reading Reverse Engineering the Apple Lightning Connector

Understanding Custom Signal Protocols with Old Nintendos

For retro gaming, there’s really no substitute for original hardware. As it ages, though, a lot of us need to find something passable since antique hardware won’t last forever. If …read more Continue reading Understanding Custom Signal Protocols with Old Nintendos

Man-in-the-Middle Attack Makes PINs Useless for VISA Cards

EMV protocol is vulnerable to a man-in-the-middle attack All VISA credit cards are affected VISA has to issue update for POS terminals Swiss security researchers have discovered a way to bypass the PIN authentication for Visa contactless transactions. … Continue reading Man-in-the-Middle Attack Makes PINs Useless for VISA Cards

The Ceedy World of Message Serialization

Look, I’ve been there too. First the project just prints debug information for a human in nice descriptive strings that are easy to understand. Then some tool needs to log a sensor value so the simple debug messages gain structure. Now your debug messages {{look like : this}}. This is …read more

Continue reading The Ceedy World of Message Serialization

Google may soon add end-to-end encryption for RCS

The dogfood version of the recently updated app shows multiple references to encryption for RCS, the feature-rich successor to SMS messaging. Continue reading Google may soon add end-to-end encryption for RCS

Reverse Engineering Saves Trashed LED Panels

While out riding his bike, [Hammond Pearce] came across a dumpster overflowing with large LED panels. Despite the fact that the model numbers didn’t reveal anything helpful after some online searching, he decided to pedal off with as many as he could safely carry. The COVID-19 lockdown left him with …read more

Continue reading Reverse Engineering Saves Trashed LED Panels

Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast

The researcher behind the five critical Cisco flaws, collectively called CDPwn, talks about why Layer 2 protocols are under-researched when it comes to security vulnerabilities. Continue reading Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast

Milspec Teardown: ID-2124 Howitzer Data Display

It’s time once again for another installment in “Milspec Teardown”, where we get to see what Uncle Sam spends all those defense dollars on. Battle hardened pieces of kit are always a fascinating look at what can be accomplished if money is truly no object. When engineers are given a …read more

Continue reading Milspec Teardown: ID-2124 Howitzer Data Display