Welcome back to another episode of The 443 – Security Simplified. This week, we cover the latest update on the BlueKeep Windows RDP vulnerability before jumping into an overview of four different protocols that were designed to improve DNS security and privacy. We’ll give you an overview of DNSSec, DNSCrypt, DoT and DoH and how they help secure one of the most used protocols on … [Read more...]
Unpatched 0-Day Android Vulnerability
Having been notified back in March, Google has yet to patch a 0-day vulnerability that allows for privilege escalation attacks. TrendMicro researchers in collaboration with the Zero Day Initiative went public on September 4th, 2019. In order to exploit this vulnerability, attackers must first obtain the ability to execute high-privileged code and would need local access to the … [Read more...]
A Silent Mobile Threat: Simjacker
This post should not be confused with my previously written article about SIM-jacking and should be taken way more seriously. Researchers at AdaptiveMobile Security recently went public with a new but silent threat: Simjacker. To qualify the more serious threat factor, this attack is advanced and reveals a flaw within SIM card implementations, as well as requiring minimal user … [Read more...]
9th Circuit Court of Appeals Makes CFAA Law More Confusing
In an area of law that worries many white hat hackers, the Computer Fraud and Abuse Act (CFAA) makes testing websites and vulnerabilities somewhat risky. In 1986 the CFAA amended the Comprehensive Crime Control Act of 1984, to cover unauthorized access to a computer. Now , it seems that anyone can scrape public data from a website without violating the CFAA. Previously, … [Read more...]
Android APK Reverse Engineering: What’s in an APK
Before building off the previous post, I wanted to take a moment and clarify the objective of this series. The purpose of this series is to break down the APK reverse engineering process into smaller chunks in order to really appreciate each step. As we progress through the series, I want readers to be able to build off of the previous post and see how all the pieces tie … [Read more...]
