Critical Vulnerability Compromising Verizon Email Accounts (Again)

I have worked with Verizon numerous times in the past while reporting serious security vulnerabilities, including a critical vulnerability in their MyFiOS app’s API that exposed the email accounts of all users. While I was recently researching the Verizon webmail portal, I discovered multiple vulnerabilities of varying severities — some of which I will likely write about in the …

Widespread Vulnerable Ads Part Two: Flash Edition (Facebook’s LiveRail, Akamai, Adobe products affected)

Shortly after my recent blog post concerning widespread XSS in ad network code, I discovered similar vulnerabilities in Flash video ads (and other Flash products/components), resulting in a substantial industry-wide mitigation of XSS in Flash-to-JavaScript communication. Perhaps most interestingly, these vulnerabilities presented risks similar to my previous findings except that, in most cases, Ad-Block solutions employed by the …

Compliance Strikes Again: Multiple Vulnerabilities in Worldpay’s Merchant Portal

I had almost forgotten about my experience with Worldpay’s Merchant Portal from just over a year ago, but my recent post regarding another payment processor helped to refresh my memory. I occasionally help one of my family members’ small business with almost anything technology-related, including their e-commerce solution. In this case, I was helping them switch their payment gateway …

Widespread XSS Vulnerabilities in Ad Network Code Affecting Top Tier Publishers, Retailers

For most of us, the title of this post may not be very surprising. Any time we allow 3rd party scripts to run on our sites, we effectively relinquish control of the code that executes on the client. This is particularly important when integrating ad network scripts since they are inherently more dynamic than most other types of integrations, the cause of which is the …

Hijacking Verizon FiOS Accounts

I have written about some of my research into the Verizon My FiOS app in the past, including a vulnerability that compromised the email accounts of all users. I recently revisited this app after considering another possible attack vector against the My FiOS APIs. As a result, I identified a vulnerability that would have allowed an attacker to completely steal another …

Running a Hidden Tor Service with Docker Compose

The Docker craze is in full force and shows no signs of slowing down. Software containers seem to be one of the most significant game changers for DevOps since virtual machines. Docker’s development is active and its supporting projects (Compose, Machine, Swarm) are maturing quickly. Though the complete Docker ecosystem is interesting enough, Docker Compose has caught …

Reverse Engineering the Yik Yak Android App

Every once in awhile, I’ll  come across an app that implements some hardening techniques that make reversing a little more interesting. This was the case when I recently tried proxying the API requests for Yik Yak, a popular social media application exclusively available for mobile platforms that allows semi-anonymous user communication across a 5-mile radius (typically …