Secure design and coding

Data leaks from AWS EC2 – how can Bob reveal Alice’s secrets?

Author: Paweł Rzepa. In this blog post I’m going to show you several ways in which sensitive data from an isolated AWS EC2 instance can be...

Buffer overflow x monkeyuser.com

Everyone enjoys their coffee hot… As long as the amount of coffee fits perfectly into the cup. Otherwise, the exact moment it...

Queue based DoS x monkeyuser.com

  A mischievous joke to those who need a cup of coffee to take off, and there is a long queue to the only coffee machine on the floor… A truly...

Seven-Step Guide to SecuRing your AWS Kingdom

AWS (Amazon Web Services) tries to decrease the number of security issues among its customers by releasing new services or upgrading the old...

Transaction Authorization Cheat Sheet

Update 23/12/2015, Version 2.0. Transaction authorization is implemented in modern financial systems in order to protect against unauthorized...

Why should you consider pentesting your cloud?

It is true that migrating your business to the cloud mitigates a lot of risks compared to a monolithic architecture. Thanks to the...

Mobile payment card cloning possibilities

  Nowadays we are observing very dynamic adoption of mobile contactless payments. These are systems provided by OS manufacturers (Android Pay,...

HCE cloning FAQ

Our research demonstrated that it is possible to copy mobile contactless card data, enrol it to another phone, and use it for...

Armouring your SaaS #1: My obviously bulletproof SaaS

Mateusz Olejarka (mateusz.olejarka@securing.pl, @molejarka). Do you enjoy the feeling that your company is the best, and your products –...