7ASecurity completes CoverDrop Audit

About CoverDrop Whistleblowers need a secure method to initiate contact and build trust with journalists. Existing tools often cater to later-stage correspondence, leaving crucial, early touch-points vulnerable to surveillance. In addition, many of these tools are difficult to find on newspaper websites, hard to use securely, and offer insufficient user guidance. After conducting workshops with …

Free Pentest Contest 2024: Strengthen Your Cybersecurity for Free

How secure do you think your digital world is? This year, we’re thrilled to bring back our highly anticipated Free Pentest Contest for 2024, offering you a golden opportunity to test the strength of your cybersecurity – absolutely free! Why Enter the Free Pentest Contest 2024? This is your chance to win a complimentary, professional penetration …

7ASecurity Completes Opaque Security Audit

About Opaque Opaque is a JavaScript package to allow secure password-based, client-server authentication without the server ever obtaining knowledge of the password.  Audit Description Through OTF’s Red Team Lab, 7ASecurity conducted a penetration test and whitebox security review of Opaque. A whitebox review is a form of application testing that provides the tester with complete knowledge of the application …

7ASecurity Completes Disguiser Framework Audit

About Disguiser   Disguiser is a novel framework that enables end-to-end measurement for accurately and comprehensively investigating global internet censorship practices. It’s challenging to conduct large-scale internet censorship measurement, as it involves triggering censors through artificial requests and identifying abnormalities from corresponding responses. Due to the lack of “ground truth” on the expected responses from legitimate services, …

7ASecurity Completes Bridgefy Audit

7ASecurity worked with Bridgefy to complete a whitebox pentest of the mobile app, SDK, cloud infrastructure, and privacy to help improve Bridgefy’s overall security posture. What is Bridgefy? Bridgefy, a popular mobile messaging app, allows you to send offline messages by leveraging Bluetooth technology. This app aims to provide secure messaging when infrastructure is not …

7ASecurity Completes ArgoVPN Audit

This blog post summarizes a whitebox security review conducted by 7ASecurity against the ArgoVPN platform. What is ArgoVPN? ArgoVPN is a free VPN with an unlimited bandwidth that is developed for Android devices. It allows users to visit blocked websites, online services, social media and messaging apps. The developers designed ArgoVPN to meet the needs …

7ASecurity Completes Mozilla K-9 Mail Audit

7ASecurity had the privilege to collaborate with the Open Source Technology Improvement Fund (OSTIF), as well as the K-9 Mail and Thunderbird teams at Mozilla, in a recent security audit of the Mozilla K-9 Mail application. What is K-9 Mail? K-9 Mail is an open source email application that runs on most Android devices. Ideally, the application is reliable, intuitive and secure …

Security Weekly News 22 June 2011 – Summary

In case you missed it, I put together a blog post last week on the OWASP AppSec EU Security Conference in Trinity College, Dublin, Ireland with slides, pictures and experience Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “I would recommend to store at least half a …

Security Weekly News 22 June 2011 – Full List

Category Index Hacking Incidents / Cybercrime Unpatched Vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Cloud Security Crytography Privacy Security FAIL General Outrageous Funny / Hilarious Hacking Incidents / Cybercrime   Document claims LulzSec has obtained 2011 UK Census records  [www.v3.co.uk] Infamous hacking group LulzSec is claiming to have obtained the entire …

Security Weekly News 17 June 2011 – Summary

Smile! it’s Friday! 🙂   In case you missed it I put together a blog post last week regarding my personal experience on the CISSP certification process, etc: CISSP exam, materials, preparation and experience   Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “A pen test should …