Security

Zero-Day Research: CVE-2023-48024 and CVE-2023-48025

Striking a harmonious balance between high-level abstraction and low-level hardware control, the C programming language proves to be efficient for resource-constrained embedded systems. C programs can be finely tuned to optimize memory usage and execution speed, a critical consideration in embedded applications where resources are at a premium.  Despite the many benefits of the C …

Zero-Day Research: CVE-2023-48024 and CVE-2023-48025 Read More »

Auto Answer: Feature or Vulnerability

Auto Answer is a feature in many VoIP phones that allows the phone to go off-hook the very instant a call is received by the instrument. In this video we’ll look at how this feature is setup and talk about the security vulnerabilities. NIST Report: Link Video Conferencing Auto Answer: Link 1 Link 2 Link 3

Monumental Security Practices

Every time I take someone sight seeing in DC, I can’t un-see them. I should be alright with CCTV cameras hanging off of structures. I’m a security professional. We eat vulnerabilities for breakfast and birth countermeasures at dinner. This, however is different. Let me demonstrate my frustration. First, take the lovely Abraham Lincoln Memorial. Be …

Monumental Security Practices Read More »

Skinny Secure 002: Hackers vs Hackers, Airplanes vs Thumb-drives, & Students vs Teachers

Microsoft Hacked, Hackers Rejoice, Hackers Hacked Yesterday the Syrian Electronic Army (SEA) hacked several Microsoft Twitter accounts. The SEA is a contingent of hackers that are supportive of Syrian President Bashar al-Assad. After immediately taking credit for the attack and bragging all over the internet, they are today nursing a small wound of having their …

Skinny Secure 002: Hackers vs Hackers, Airplanes vs Thumb-drives, & Students vs Teachers Read More »