OUR BLOG
GDPR vs CCPA 2020 edition
*There is an updated edition of this article that you can read here This blogpost will try to provide a comparison guide concerning the EU General Data Protection Regulation and the California Consumer Privacy Act. The European General Data Protection Regulation...
A touch on CVE-2020-0796
Introduction In this post, we will aim to touch on the CVE-2020-0796 vulnerability, which was initially publicly disclosed by Microsoft. This post also attempts to illustrate basic windbg usage for dynamic vulnerability analysis. IDA disassembler will also be used in...
Entry level resources for penetration testing
This blog post is the first in a series of posts about the world of web app penetration testing. What you are reading now is but an introduction aiming to introduce the aspiring pentester to essential knowledge and tools. Although further articles addressed to more...
12 Cyber Security Tips For Your Holidays Online Shopping
The holiday season is upon us once again. From everyone at TwelveSec I want to extent our best wishes. Along with the season greetings, this time of year also brings holiday shopping. Year after year people abandon the traditional shopping routines and turn online for...
IoT Penetration Testing Part 1
Part 1 In this blog post series, we will show you certain steps among with the tools used in order to conduct IoT security assessments. In this first part you will need a .bin file of a device firmware in order to continue. Tools needed file It...
BSides Athens 2018 – This is a serious laptop; No games and chatting possible, OK?
During the Bsides Athens 2018 conference, I made a presentation on how - during a penetration test exercise - we managed to infiltrate malware and exfiltrate data in/out of a corporate secure laptop, that was using the "Walled Garden" architecture. We managed that by...