https://www.emergingdefense.com/blog daily 0.75 2019-05-20 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1547249350142-ZTEUMAIYDZ71I4J71DKC/cyber4.jpg Latest Posts https://www.emergingdefense.com/blog/2019/1/11/basics-of-embedded-devices monthly 0.5 2019-01-19 https://www.emergingdefense.com/blog/2019/1/16/abusing-aws-metadata-service monthly 0.5 2019-01-19 https://www.emergingdefense.com/blog/2019/1/18/back-to-the-basics-buffer-overflows monthly 0.5 2019-01-19 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1547850085917-5ZD6MBWGSHDXNZ09HWEB/overflow1.png Latest Posts - Blast from the Past: Memory Corruption - Start The above code takes an argument from the command line and copies it to a local stack variable c. This works fine for command line arguments smaller than 12 characters. Any arguments larger than 11 characters long will result in corruption of the stack. (The maximum number of characters that is safe is one less than the size of the buffer here because in the C programming language strings are terminated by a null byte character. A twelve-character input thus requires thirteen bytes to store, the input followed by the sentinel zero byte. The zero byte then ends up overwriting a memory location that's one byte beyond the end of the buffer.) https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1547849982494-IJIZBG6UMFJEB3Q62ORR/overflow3.png Latest Posts - Blast from the Past: Memory Corruption - Under Attack When an argument larger than 11 bytes is supplied on the command line foo() overwrites local stack data, the saved frame pointer, and most importantly, the return address. When foo() returns it pops the return address off the stack and jumps to that address (i.e. starts executing instructions from that address). Thus, the attacker has overwritten the return address with a pointer to the stack buffer char c[12], which now contains attacker-supplied data. In an actual stack buffer overflow exploit the string of "A"'s would instead be shellcode suitable to the platform and desired function. If this program had special privileges (e.g. the SUID bit set to run as the superuser), then the attacker could use this vulnerability to gain superuser privileges on the affected machine.[3] https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1547850118038-YY5LRCZX9RZ0G7SOHUO4/overflow.png Latest Posts - Blast from the Past: Memory Corruption - Loaded A normal program stack in foo() with various inputs (eg., hello) https://www.emergingdefense.com/blog/2019/1/20/device-backup-jepordizes-app-data monthly 0.5 2019-05-08 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1547997074280-63QAPAWDMAFWE8Y155CQ/2000px-USB_Icon.svg.png Latest Posts - Device Backup Jepordizes App Data https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1547997195152-TSRYPUJSJQCAZT5BNQTM/Settings-Backup-Sync-icon.png Latest Posts - Device Backup Jepordizes App Data https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1547997032598-GMF6PF301SISYT304EY1/system_score.png Latest Posts - Device Backup Jepordizes App Data https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1547997132176-35OSQH3SA9HSIA6NTHFL/cloud.jpg Latest Posts - Device Backup Jepordizes App Data https://www.emergingdefense.com/blog/2019/1/20/download-a-website-via-git-config-errors monthly 0.5 2019-05-08 https://www.emergingdefense.com/blog/2019/2/4/ios-secure-development-guide monthly 0.5 2019-02-04 https://www.emergingdefense.com/blog/2019/3/14/sim-card-forensics monthly 0.5 2019-03-15 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1552611219447-6NYUXALGVNTYRP6018LH/last_dial.png Latest Posts - SIM Card Forensics https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1552611102035-1WSF45FN00B3NLIRFMEA/att.png Latest Posts - SIM Card Forensics https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1552611173545-7CVBAACX462WEIOHL2WV/sim_file.jpg Latest Posts - SIM Card Forensics https://www.emergingdefense.com/blog/2019/5/8/the-zero-trust-mobile-security-model monthly 0.5 2019-05-08 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557338260489-BCKJZY9ABCSLBBN4TJ15/google_android.png Latest Posts - The Zero-Trust Mobile Security Model https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557338362405-IQBIJQEPBRJCX205BJ1K/ios_upadte_9.0.2.jpg Latest Posts - The Zero-Trust Mobile Security Model https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557337984532-EP4WJWBTHI97S3MJ3NWC/warning.png Latest Posts - The Zero-Trust Mobile Security Model https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557338456341-AD94J5VBW1WROTJRZTMS/phone.jpg Latest Posts - The Zero-Trust Mobile Security Model https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557338019813-5PT54MPYRZ5F27SAQ7UQ/AppSandbox.jpg Latest Posts - The Zero-Trust Mobile Security Model https://www.emergingdefense.com/blog/2019/5/8/your-phones-status-bar-is-tracking-you monthly 0.5 2019-05-08 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557341565828-YVPWWDU5NHZIRYMVCPQW/statusbar2.png Latest Posts - Your phone’s status bar is tracking you https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557341521004-89TFONDOYR5TC78OKHUD/status.png Latest Posts - Your phone’s status bar is tracking you https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557341482459-8E1AD8ZSJ6UBAZ52EJN1/untitled.png Latest Posts - Your phone’s status bar is tracking you https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557341604445-OUKUV0TDY920N425APYH/statusbar3.png Latest Posts - Your phone’s status bar is tracking you https://www.emergingdefense.com/blog/2019/5/5/is-this-the-end-of-the-password monthly 0.5 2019-05-08 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557335491711-GIBWVDNBIDSU4FRAZVDS/endpassword.jpg Latest Posts - Is this the end of the password? https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557336944476-FAQSYI3ZGI8B1C2AS5BF/user_score.png Latest Posts - Is this the end of the password? https://www.emergingdefense.com/blog/2019/5/8/letting-mobile-users-do-what-they-want-might-be-your-best-byod-security-strategy monthly 0.5 2019-05-08 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557341046663-IXTFA2DF9MHSWWRP1YJU/47335477_ml.jpg Latest Posts - Letting Mobile Users Do What They Want Might be Your Best BYOD Security Strategy https://www.emergingdefense.com/blog/2019/5/8/3-reasons-your-adaptive-authentication-is-too-dumb-to-protect-you monthly 0.5 2019-05-08 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557341294855-ZIWDV3DZ58X7SEDZ2UX0/48175665_m.jpg Latest Posts - 3 Reasons Your Adaptive Authentication is Too Dumb to Protect You https://www.emergingdefense.com/blog/2019/5/8/employees-are-using-personal-credentials-for-corporate-data monthly 0.5 2019-05-08 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557340869749-8F86UCLZBUVGNDG8V9HV/60013437_m.jpg Latest Posts - Employees are Using Personal Credentials for Corporate Data https://www.emergingdefense.com/blog/2019/5/8/bioencrypt-faq monthly 0.5 2019-05-08 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557343424532-GJABY0X4XGTQEQVS27BP/untitled.png Latest Posts - BioEncrypt FAQ https://www.emergingdefense.com/blog/2019/5/8/unbreakable-passwords-are-not-chosen-by-users-they-are-derived-from-their-lives monthly 0.5 2019-05-08 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557341853127-H3HU0AG9VPOY6OHQDS2R/unbreakablePasswords.jpg Latest Posts - Unbreakable Passwords Are Not Chosen By Users, They Are Derived From Their Lives https://www.emergingdefense.com/blog/2019/5/8/will-your-employer-pay-the-ransom-for-your-personal-data monthly 0.5 2019-05-08 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1557342103507-9CAWUD4D8XB9JDF05W4K/ransome.jpg Latest Posts - Will Your Employer Pay the Ransom For Your Personal Data? https://www.emergingdefense.com/blog/2019/5/20/bootrom-versus-bootloader monthly 0.5 2019-05-20 https://www.emergingdefense.com/blog/2019/5/20/how-to-put-a-qualcomm-phone-into-edl-mode monthly 0.5 2019-05-20 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1558393600772-0CA7TE1CGW8H2ZDLTUTA/openpst.JPG Latest Posts - Abusing Qualcomm EDL Mode for Device Capture https://www.emergingdefense.com/blog/tag/Memory+Corruption monthly 0.5 https://www.emergingdefense.com/blog/tag/Buffer+Overflow monthly 0.5 https://www.emergingdefense.com/blog/tag/C%2FC%2B%2B monthly 0.5 https://www.emergingdefense.com/blog/tag/Cloud+Security monthly 0.5 https://www.emergingdefense.com/blog/tag/Web+Application+Security monthly 0.5 https://www.emergingdefense.com/blog/tag/Git monthly 0.5 https://www.emergingdefense.com/blog/tag/Application+Security monthly 0.5 https://www.emergingdefense.com/blog/tag/embedded+device+security monthly 0.5 https://www.emergingdefense.com/blog/tag/AWS+Security monthly 0.5 https://www.emergingdefense.com/blog/tag/medical+device+security monthly 0.5 https://www.emergingdefense.com/home daily 0.75 2018-12-28 https://images.squarespace-cdn.com/content/v1/573cc03cc2ea51f428cb5dd6/1494428317951-R5DJD7STX2TGR03B66PV/20130731_Trade+100_0202.jpg Home - A Top 10 Service Here is a description of what makes your company unique. Pellentesque habitant ulcit mori netus et malesuada netus et malesuada. https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1546014690730-TU61K9DM30ZT4SUM07NB/cyber4.jpg Home https://images.squarespace-cdn.com/content/v1/573cc03cc2ea51f428cb5dd6/1470092977225-50P98KC41C7C07JVYJV3/image-asset.jpeg Home - Our Practice Description text. Proin gravida ex id consectetur lobortis. Aliquam ornare, velit vel faucibus dapibus, augue justo ullamcorper turpis. https://www.emergingdefense.com/home-1 daily 1.0 2019-01-20 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1546023868915-YX3LBOQLP7JXI4AFJOYM/36370_technology_electronic_circuit.jpg Secure Better - Embedded Device Embedded devices from networked appliances to life saving medical devices have been neglected for far too long. Emerging Defense assists device manufacturers and customers to ensure their devices perform as expected with adequate security. Our practitioners reverse engineer these devices with an attacker mindset and identify vulnerabilities that can result in devastating data or life threatening consequences to users. https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1546023797107-ZCG0NF4N8WEOX5HSGSHS/cyber5.jpg Secure Better - Network & Application The targets may change, but we’ve done this for decades. https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1546023928963-ZVST6J9O3CG5FY8255HS/cyber7.png Secure Better - Advanced Threat Simulation Have you been phished? This service emulates real-world scenarios for measuring an organization’s effectiveness at detecting and responding to actual Tactics, Techniques and Procedures (TTP) used by advanced threat actors. We employ methodologies that accurately simulate a complete advanced threat lifecycle observed by targeted attacks against high profile organizations across the world. Emerging Defense will execute simulations against a target organization using zero prior knowledge, attempt to gain a foothold on the organization, and pivot through the internal network to simulate the devastating consequences advanced threats pose to highly regulated industries and organizations with mass amounts of sensitive data. https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1548001587808-0JC3DAHREZ1JAAQ5307B/owl.jpg Secure Better https://www.emergingdefense.com/new-page daily 0.75 2018-12-28 https://www.emergingdefense.com/contact daily 0.75 2019-01-20 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1546025385050-2ZCRC5XIEHOCB7ZICCS4/cyber2.jpg _ https://www.emergingdefense.com/bioencrypt daily 0.75 2019-05-08 https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1555436569488-KBYIFXIWA7BC948UH3GI/iconfinder_blockchain_3218563.png BioEncrypt https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1555429423860-E86JDHCEMR1X2SMDPT9X/crypto.JPG BioEncrypt https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1555422974434-CAUMQY834AFE7DE6HUTC/appstore4.jpg BioEncrypt https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1555423006753-7HTUMTTKUZBHCLKHMBF5/appstore3.jpg BioEncrypt https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1555423181832-IMJCNVE5XI9B1UM5LB4L/trustscore.png BioEncrypt https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1555438272493-8ABLJQJQD6I0ZG2TJOWO/thermometer_small.jpg BioEncrypt https://images.squarespace-cdn.com/content/v1/5c25301f89c17295888e5c24/1555429072494-NL970VWT99QAUH3BIUN3/image-asset.jpeg BioEncrypt