Our team describes how single-factor authentication attack surfaces can be exposed in the AirWatch MDM suite and what steps to take to mitigate risks.

A security vulnerability has been found in the Black Duck Hub REST API Python project (“blackduck” in the PyPI repository). Read more.

Hackers can use the username structure and deployed technologies in an online document’s metadata to successfully breach the perimeter.

Moving functionality from Java to native implementations in Android increases obscurity but not security.

A quick walkthrough of the general steps taken to solve an iOS CTF.

Netwrix Account Lockout Examiner (versions prior to 5.1) allows an unauthenticated remote adversary to capture the NTLMv1/v2 challenge response....

Burp Suite’s Intruder tool can be used to automate testing for weak/default passwords.