
David Weinstein
@insitusec
CTO, software, code archaeology, security, mobile apps, startups, NP Hard, AI Things
Could we be witnessing the first AI trojan horse? An AI that will find a way to do something naughty, even if run fully offline. When will we see such a thing? Is DeepSeek the v0?
Great talk from Carlos on the nuts and bolts process of reversing mobile apps to find security and privacy issues in the context of the comprehensive OWASP MAS project. Well done!
Check out my latest talk at r2con in Barcelona: A brand new take on OWASP MAS and reverse engineering with @radareorg and AI. Thanks @trufae and the whole team for bringing r2con back to life, the best security conference in the world! youtube.com/watch?v=l_Q_1W…
r2con2024 - day 2 - Hack-proof your mobile apps - grepharder
Opening the CFP from the brand new #r2con2024 website radare.org/con/2024
Apple people, if you need help with privacy manifests please sign up for Observer here nowsecure.com/nowsecure-obse…
apple: you have to add a privacy manifest me: what's that apple: it's a manifest me: is it a plist file? apple: use Xcode to make one me: using Xcode apple: not like that. The manifest file is invalid me: what is valid apple: check documentation me: it doesn't say the actual file…
The xz situation is absolutely insane and almost certainly state sponsored. This is an excellent example of a widely used software being maintained by basically one person. Read this web article and then frown and become sad. boehs.org/node/everythin…
We are excited to announce the MOBILE APP RISK SCORING, a new collaborative effort between industry, academia, and the @owasp MAS project. This proposal introduces a novel formula designed to measure the risk associated with mobile apps. OPEN FOR COMMENTS mas.owasp.org/news/

On my way to #DroidCon NY this week. Would be great to connect if you’re in the city this afternoon thru Friday! Let’s chat developer experience, flutter and hybrid frameworks, application security, data privacy and CI/CD topics. #dcnyc23 #Android #mobile

Been a minute 😅 I’m sure the content could use some freshening up given it’s more than 10 years old already. Yours and ITL research (and other peers of the time) was inspiring and incredibly exciting area of exploration. Y’all are Wizards and I only tried to capture parts of the…
Free online training from @CISAgov and @insitusec on hardware virtualization w/ VT-x. Love seeing that my Vitriol hypervisor rootkit research is mentioned and included in this! niccs.cisa.gov/education-trai…
The hate I’m seeing around vscode port forwarding is a losing battle IMO and perhaps a little misguided. Let’s (Infosec) maybe figure out how to make it safer, not how to block it or shame devs or msft. The corp firewall/perimeter is also dead so those filter suggestions may not…
Frida 16.1.4 is out w/ improved iOS 17 and rootless support, Android compatibility improvements, and some other goodies 🎉 frida.re/news/2023/08/2…
If you will be in Las Vegas for Black Hat or Defcon August 8 - 11, and we haven’t yet made plans to meet. Reach out directly or request a private meeting (please mention my name in the notes) at this link: info.nowsecure.com/BlackHat-2023.… I look forward to meeting with friends and…

One of the easiest ways to be generous is with your words. It doesn't cost anything to say: "Thank you for..." "I love you." "Great job on..." Generosity is about the attitude of your heart, not the size of your bank account
developers be like

👀
Want to know about Computing on Encrypted Data? Want to know the difference between MPC, FHE, TEEs and ZKPs? Look no further... ieeexplore.ieee.org/document/10194…
This is the way! 🫡
⚠️ Watch out: Environments encourage behaviors. QA: "Let's batch up work and wait for a separate team to manually test our app and approve before we can deploy." UAT: "Let's batch up work and block deploy until a subset of users approves." Staging: "Let's batch up work,…