Successful mitigation of today’s security threats requires an approach that is both on the offensive and on the defensive. Here, we give our take on how to approach and handle specific security challenges, as well as our reaction to some of the latest industry topics.
Exploring Fake News Detection as a Service Automated or machine-learning solutions for fake news detection are both necessary and challenging in the fight against misinformation. This post explores the first automatic, content-agnostic approach to fake news detection, FNDaaS, which considers both new and unstudied website features. The Challenges of Fake News Detection Using Current Methods… Read more »
The Pros and Cons of Leveraging Artificial Intelligence for Code Development Using an AI coding assistant is rapidly becoming an attractive choice for developers. Instead of analyzing your own problem-solving processes and translating them into code, why not draw on the massive body of developed software that has likely solved your problem a hundred times?… Read more »
How Safe are Electric Vehicle Charging Mobile Applications from Attack? This post provides a review of research on mobile EVCS app security and how vulnerable these apps are from attack. I have detailed my take on the research and findings, as well as what we learn from the research on improving security for mobile electric… Read more »
Can These Languages Eliminate Memory-Handling Vulnerabilities for Programmers? Much has been made recently of the memory safety provided by programming languages like Rust and Go. These languages have been designed to eliminate some of the language weaknesses that make it so easy for C and C++ programmers to write vulnerable software. These memory-safe languages are… Read more »
How Safe are Radar Sensors from Adversarial Attack? This post provides a review of research on radar security and how vulnerable a particular type of radar is to adversarial attack. I have detailed my take on the research and findings, as well as what we learn from the research on improving security within radar-based environments.… Read more »
What We Can Learn From an Examination of the Misapplication of Cryptography In this post, I present my thoughts and learnings from a research paper focused on cryptography use cases demonstrating misapplication. The authors undertook a study building on some previous work by other authors, going further to study the prevalence of false positives in… Read more »
A Deep Dive into ThirdEye and What Researchers Found In this post, I present my thoughts and learnings from a research paper about ThirdEye, an automated Android application testing tool that was created by the paper’s authors. While this tool does not appear to have been released to the public at the time of publication,… Read more »
Apex Labs Dissects a 4-Part Study on Privacy and Security Issues in Electronics Repair Is there data snooping by electronics technicians when we bring our devices in for repair? The researchers in this paper claim to have conducted the first-ever comprehensive study to understand the state of privacy in the electronics repair services industry. While… Read more »
How We Used Vishing to Attack an Internal Corporate Network We are back with the third and final write-up of our social engineering blog series to add to previous posts about an email phishing campaign and target phishing scenarios using social media. This post is all about a vishing call! Vishing or Voice Phishing is… Read more »
How We Identified a Critical Situation for Our Client This is the story of a routine internal network penetration test that led to the identification of a critical security issue. As part of the normal process, I was exploring the target IPs to discover services, and I could not find anything interesting. In this type… Read more »
