Aaron Parecki

#security

• Debugging for Malware Analysis (resources.infosecinstitute.com)

  Wed, Sep 9, 2020 5:46pm -07:00 #malware #security
• Methodology for Reverse-Engineering Malware (zeltser.com)

  Wed, Sep 9, 2020 5:45pm -07:00 #malware #security
• How to Think About OAuth Security

  Sep

  2

  September 2, 2020 11:00am - 11:45am (-0700)

  Online

  Disclosure

  View Slides

  permalink #oauth #security
• Disclosure

  Sep

  2

  September 2, 2020 9:00am - 6:00pm (-0700)

  Online

  permalink #okta #oauth #security
• 

  I'm giving a talk about OAuth security at #DisclosureConf tomorrow! It's not too late to register! https://developer.okta.com/blog/2020/09/01/aaron-parecki-disclosure-conf-2020

  Portland, Oregon • 71°F

  9 likes 5 reposts 1 reply 1 mention

  Tue, Sep 1, 2020 8:33am -07:00 #security #oauth #disclosureconf
• The HID global iClass key (ss23.github.io)

  "3F90EBF0910F7B6F"

  Thu, Aug 27, 2020 6:32pm -07:00 #security
• zardus/wargame-nexus: A sorted and updated list of security wargame sites. (github.com)

  Thu, Aug 27, 2020 6:32pm -07:00 #security
• ::[ www.try2hack.nl ]:: (www.try2hack.nl)

  Thu, Aug 27, 2020 6:32pm -07:00 #security
• Any Proximity HID Keycard Can Easily Be Hacked Using A $10 device (www.getkisi.com)

  Thu, Aug 27, 2020 6:32pm -07:00 #security
• What's New in OAuth 2.1

  Aug

  19

  August 19, 2020 10:50am - 11:15am (+0800)

  Online

  API Days Live Singapore

  permalink #oauth #openid #security #apidays
• API Days Live Singapore

  Aug

  18

  Aug

  19

  Aug

  20

  August 18-20, 2020
  3 days

  Online

  permalink #apidays #oauth #security
• Enhance SMS-delivered code security with domain-bound codes - Discover - Apple Developer (developer.apple.com)

  Mon, Aug 10, 2020 1:31pm -07:00 #sms #security #ios #apple
• 

  This thread is very good security advice even if you are not a YouTuber. You should listen to her.
  
  https://twitter.com/snubs/status/1291174426537533441

  Portland, Oregon • 70°F

  5 likes 9 reposts 1 reply

  Wed, Aug 5, 2020 9:55pm -07:00 #security
• Evilginx 2 - Next Generation of Phishing 2FA Tokens (breakdev.org)

  Tue, Aug 4, 2020 6:18am -07:00 #phishing #security
• Who’s Behind Wednesday’s Epic Twitter Hack? — Krebs on Security (krebsonsecurity.com)

  Fri, Jul 31, 2020 4:39pm -07:00 #twitter #twitterhack #security
• 

  Remember how I always say make sure you audit your third-party JavaScript you embed in your apps, especially in your login pages? Classic example right here, someone inserted malware into the @Twilio SDK because it was in a publicly writable S3 bucket. 😱 https://www.twilio.com/blog/incident-report-taskrouter-js-sdk-july-2020

  Portland, Oregon • 64°F

  4 likes 6 reposts

  Tue, Jul 28, 2020 7:33am -07:00 #security
• OAuth 2.1

  Jul

  22

  July 22, 2020 7:30am - 8:00am (-0700)

  Online

  OAuth Security Workshop

  View Slides

  permalink #oauth #security
• Protecting Single-Page Apps using OAuth

  Jul

  22

  July 22, 2020 5:30am - 6:00am (-0700)

  Online

  OAuth Security Workshop

  View Slides

  permalink #oauth #security
• "if I can do X online, why can't I vote online?" (threader.app)

  Sun, Jul 19, 2020 8:42am -07:00 #voting #security
• 

  Hey @Linode why do you have so many ad trackers on your *login* domain? Of all places that's where you want to use as little 3rd party JS as possible!
  
  Visiting login.linode.com loads trackers from Facebook, Doubleclick, Impact Radius, Oktopost, Linkedin, Google Ads, Bing

  Portland, Oregon, USA

  18 likes 2 reposts 8 replies

  Sat, Jul 18, 2020 12:00pm -07:00 #security