Explore >> Select a destination
|
You are here 
|
mike.sherov.com | ||
| | | | |
www.martinvigo.com
|
|
| | | | | Today, LastPass issued a security notice on their blog explaining that they detected some suspicious activity on their network. They believe that "LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised" but also that the encrypted passwords (the vault) was not accessed. What does all this reallymean? I found ... | |
| | | | |
www.mcafee.com
|
|
| | | | | A major vulnerability affecting the security of cloud services dubbed POODLE was reported on October 14th by three Google security researchers. | |
| | | | |
labanskoller.se
|
|
| | | | | During 2021 I had access to a facility equipped with an alarm system from Securitas Direct. I had access as a regular user to Securitas Direct's My Pages at mypages-pro.securitas-direct.com, which is used to administer some aspects of one's security alarm installation. That web application suffered a CWE-384 Session Fixation vulnerability which can be used by an attacker in a so-called Man-In-The-Middle (MiTM) position. Home page of Securitas Direct My Pages In summary, if an attacker is on the same netw... | |
| | | | |
blog.trailofbits.com
|
|
| | | This post will examine the cryptography behind passkeys, the guarantees they do or do not give, and interesting cryptographic things you can do with them, such as generating cryptographic keys and storing certificates. | ||
