Sandbox Evasion Technique

It’s been a while since I’ve written anything on my blog, its been a busy few months at GDT. We’ve been working on developing some cool new security technologies and techniques, and a new type of attack that leverages steganography and DNS exfiltration. I’ll have a write up on that as soon as I get […]

Read More Sandbox Evasion Technique

The Idiot’s Guide to IoT Security

I hate IoT. When notifying some manufacturers about vulnerabilities in their devices, we often get a response along the lines of “Version X.YZ of the firmware has a ton of new features, we’ll add it then when it comes out in 8 months!”. That means for 8 months, that vulnerability remains unpatched. Very few people […]

Read More The Idiot’s Guide to IoT Security

The Christmas of IoT

Tech gifts are awesome. As an engineer, I love getting new gadgets and gizmos to play with, break, and eventually fix. But if someone gets me some mundane object that is internet connected, I’m going to lose my shit. Its a cool concept, instead of a regular bathroom scale, its a machine-learning bathroom scale. It seems appealing […]

Read More The Christmas of IoT

DON’T. SHARE. YOUR. PASSWORDS.

A lot of members of the British Houses of Parliament are under fire this week for some pretty terrifying information security practices. And by terrifying I mean that when I first read this I couldn’t believe that someone in a position of power could be so lax with their security. For those that haven’t seen, […]

Read More DON’T. SHARE. YOUR. PASSWORDS.