threat-mitigation – Page 11

Are phone apps vulnerable to XSS or CSRF? (Webview, Phonegap, chrometab)

Posted on June 7, 2015 by goodguys_activate

Is CSRF or XSS is possible on a phone… using PhoneGap, a Webview, or specifically a "Chrome Tab" or iOS equivalent.
I believe in theory this is possible, and mitigation is needed, but looking for examples of previous exploits n… Continue reading Are phone apps vulnerable to XSS or CSRF? (Webview, Phonegap, chrometab)→

Data breach policy – immediate actions

Posted on June 1, 2015 by JasonGenX

We have a web application server and a database on AWS.

Is there any “immediate action” policy somewhere we can adopt as to the steps we can take when we suspect or detect a data breach?

Continue reading Data breach policy – immediate actions→

Can a Radius server mitigate an ARP spoofing attack?

Posted on March 1, 2015 by Dremor

I’m helping my school network administrator to try to find a way to mitigate a current ARP spoofing attack on our wifi network. We detected an unknown host (MAC address seem to change, he is probably using mac-changer or some… Continue reading Can a Radius server mitigate an ARP spoofing attack?→

ASLR Randomization BSS

Posted on June 12, 2013 by fahad

Here is some code:

#include <stdio.h>
#include <string.h>

char globalbuf[256];

void function(char *argv) {
char localbuf[256];
strcpy(localbuf, argv);
strcpy(globalbuf, localbuf);
printf(“localbuf a… Continue reading ASLR Randomization BSS→

What damage could be done if a malicious certificate had an identical "Subject Key Identifier"?

Posted on January 9, 2013 by makerofthings7

I’m looking at the the Subject Key Identifier attribute of a CA certificate and am trying to understand the role it plays in validation and infer how validating client software could get it wrong.

What is the role of the Subject Key Iden… Continue reading What damage could be done if a malicious certificate had an identical "Subject Key Identifier"?→

What are the risks of a rogue Access Point? What lessons can be learned from the Wifi Pineapple?

Posted on October 4, 2012 by random65537

I’d like to educate colleagues and peers on rogue access points using the tool “Wifi Pineapple”.

What are some specific security-related lessons I could demonstrate? If applicable, what are the mitigations to those attacks?… Continue reading What are the risks of a rogue Access Point? What lessons can be learned from the Wifi Pineapple?→

How does adding a random serial number improve a certificate’s security?

Posted on June 5, 2012 by LamonteCristo

This article says:

“Finding collisions is a tricky process, since it requires you to muck
with the bits of the public key embedded in the certificate (see this
paper for more details). Also, Microsoft could have prevented this
so… Continue reading How does adding a random serial number improve a certificate’s security?→

Inconsistencies found in OpenID Provider’s HTTP Headers. Which one is the most secure that I should imitate in my STS, and Relying Party?

Posted on October 29, 2011 by halfbit

I’m comparing the HTTP headers of the various providers (LiveID, Google, Yahoo, etc) and notice a broad inconsistency in implementation on the sign in page, sign out page, and subsequent pages.

What headers should I set/ignore, and what i… Continue reading Inconsistencies found in OpenID Provider’s HTTP Headers. Which one is the most secure that I should imitate in my STS, and Relying Party?→