Berislav Kucan
Apple patches Safari arbitrary code execution vulnerabilities
Apple released new versions of their Safari browser – 6.1.6 and 7.0.6 – in which they fixed multiple memory corruption problems in WebKit. Out of the seven …
Disqus WordPress plugin vulnerabilities
During a penetration test for a client, Australia-based independent security consultant Nik Cubrilovic discovered a couple of security issues within the very popular …
Exploiting wildcards on Linux
DefenseCode released an advisory in which researcher Leon Juranic details security issues related to using wildcards in Unix commands. The topic has been talked about in the …
Web application penetration testing with ImmuniWeb
Switzerland-based ethical hacking and penetration testing experts High-Tech Bridge recently released an interesting security product that uses a hybrid approach towards web …
The story of Pwnie Express
Pwnie Express provides security testing solutions for today’s distributed enterprise and their hard-to-reach branch offices. We have met them at numerous conferences and …
Two-factor authentication for WordPress using Rublon
Rublon provides automatic two-factor authentication for web applications. It currently supports Drupal, WordPress, Magento, PrestaShop and OpenCart. Two-factor authentication …
Bypassing security scanners by changing the system language
A substantial security oversight is present in a variety of penetration testing tools, and it has to do with the different languages that a computer system can be set up to …
iPhone secure messaging with self-destruct mechanism via Wickr app
Wickr was one of the most interesting companies I was introduced to at this year’s RSA Conference in San Francisco. The company was one of the finalists of the …
How to social engineer a social network
Social engineering has for a while now been cyber attackers’ best bet to enter systems and compromise accounts when actual hacking doesn’t work, or when they …
The Basics of Web Hacking: Tools and Techniques to Attack the Web
Web security is one of the hot topics that we cover quite a lot on Help Net Security and is something that generates news and catches the interest of an ever-growing number of …
How to sniff local network traffic on an unrooted Android device
Google Play hosts a number of applications that focus on local network traffic sniffing for Android devices, but for the majority of them you would first need to root the …
Analyzing APK files inside an online Android application sandbox
Anubis is an online project developed by International Secure Systems Lab, which focuses on analyzing binaries for different types of systems. The online sandbox was first …