HackDig : Dig high-quality web security articles for hacker

Discover the Unknown: Analyzing an IoT Device

This blog post will give a brief overview about how a simple IoT device can be assessed. It will show a basic methodology, what tools can be used for different tasks and how to solve problems that may arise during analyses. It is aimed at readers that are interested in how such a device can be assessed, those with general interest in reverse engineering or t
Publish At:2016-04-12 14:20 | Read:5060 | Comments:0 | Tags:Tools AES crypto IoT network nmap NSE reversing

PGP: Still hard to use after 16 years

Earlier this month, SC magazine ran an article about this tweet from Joseph Bonneau at the Electronic Frontier Foundation: Email from Phil Zimmerman: “Sorry, but I cannot decrypt this message. I don’t have a version of PGP that runs on any of my devices” PGP, short for Pretty Good Privacy, is an email encryption system invented by Phil Zimm
Publish At:2015-09-24 17:25 | Read:2784 | Comments:0 | Tags:Uncategorized AES cryptographer encrypting email encryption

POODLE attack takes bytes out of your encrypted data - here's what to do

Imagine that you're a hacker who has taken over a Wi-Fi access point at a coffee shop.You don't need to be there in person; you just need to be able to login to the access point as root (UNIX's name for the system administrator).If you can do that, you can almost certainly spy on, and sneakily modify, everyone's network traffic.However, you're out of luck fo
Publish At:2014-10-16 14:40 | Read:2707 | Comments:0 | Tags:Cryptography Data loss Featured AES authentication CBC ciphe

POODLE attack takes bytes out of your encrypted data - here's what to do

Imagine that you're a hacker who has taken over a Wi-Fi access point at a coffee shop.You don't need to be there in person; you just need to be able to login to the access point as root (UNIX's name for the system administrator).If you can do that, you can almost certainly spy on, and sneakily modify, everyone's network traffic.However, you're out of luck fo
Publish At:2014-10-16 13:05 | Read:3354 | Comments:0 | Tags:Cryptography Data loss Featured AES authentication CBC ciphe

What if AES fails?

Consider for a moment how much sensitive information is in your Enterprise. How much of it is encrypted: is it Gigabytes, Terabytes or more?Now, what would happen if someone told you that all of it was vulnerable - that the encryption didn’t mean anything? Think - for a moment - what would happen if the sky fell and Advanced Encryption Standard (
Publish At:2014-10-04 02:20 | Read:3327 | Comments:0 | Tags:Security In Defense of Data Encryption advanced encryption s

Fresh phish served with a helping of AES

Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools (which offer very primitive obfuscation), data URIs (where the page content is mostly Base64-encoded), and character escaping are often used. However, recently we have seen a phishing site using the Advanced Encryption Standard (AES).Figure 1. Page s
Publish At:2014-09-04 15:10 | Read:3192 | Comments:0 | Tags:Security Security Response Endpoint Protection (AntiVirus) A

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud