Blog

7ASecurity shares results of a security audit of DEfO: 5 security-impact findings (2 high), 6 hardening recommendations, and a lightweight threat model for OpenSSL ECH clients and servers.

Previous blog posts you might have missed and maybe you would like to read first for background: Part 1: Intro Part 2: Translating APKs The OWASP Mobile Application Security Verification Standard classifies the flaw explained in this blog post, under section V5: Network Communication Requirements, as follows: MSTG-NETWORK-1: Data is encrypted on the network using …