Open in app

Sign In

Write

Sign In

Faraday Team
Faraday Team

71 Followers

Home

About

Published in Faraday

·Jan 13

Faraday CTF 2022 Write-up: Reverse Engineering and Exploiting an IoT bug.

At the beginning of November this year, in Buenos Aires, Argentina, Faraday had the privilege to be a sponsor of the EKOParty security conference. As other sponsors, we had to build a couple of challenges for the CTF. Ours had six challenges, from web vulnerabilities to exploits in embedded devices…

Io T

5 min read

Faraday CTF 2022 Write-up: Reverse Engineering and Exploiting an IoT bug.
Faraday CTF 2022 Write-up: Reverse Engineering and Exploiting an IoT bug.
Io T

5 min read


Published in Faraday

·Jan 13

Prioritizing: making your Vulnerability Management Manageable

We orchestrate many scanners results at Faraday into the same pipeline. This is how the process starts, but then we devote some time to deciding the importance or urgency of a vulnerability for our company. …

Scoring

4 min read

Prioritizing: making your Vulnerability Management Manageable
Prioritizing: making your Vulnerability Management Manageable
Scoring

4 min read


Published in Faraday

·Jan 13

Exploring the Hidden Attack Surface of OEM IoT devices live talk — English & Spanish

Watch our researcher’s live talk in our YouTube channel By 2023, the number of devices connected to IP networks will be more than three times the number of people worldwide. Moreover, more people are working from home due to the pandemic. Because of this, the security of a company’s network also depends on the security of the home network…

Iot Vulnerability

1 min read

Exploring the Hidden Attack Surface of OEM IoT devices live talk — English & Spanish
Exploring the Hidden Attack Surface of OEM IoT devices live talk — English & Spanish
Iot Vulnerability

1 min read


Published in Faraday

·Jan 13

Our team’s vulnerabilities disclosures 2022

Our cybersecurity researchers devote time to reporting vulnerabilities in open-source projects we use every day, but our interests are also linked with IoT, pervasive products that are part of our life. So far, so long, these are the CVEs we reported this year. …

Vulnerability

1 min read

Our team’s vulnerabilities disclosures 2022
Our team’s vulnerabilities disclosures 2022
Vulnerability

1 min read


Published in Faraday

·Jan 13

A vulnerability in Realtek´s SDK for eCos OS: pwning thousands of routers

When it comes to seeking vulnerabilities, we are professionals at it. It is in our DNA. We have a history of looking for vulns and there are certainly quite a few that we are very proud of. This time, our team’s latest discovery went big and made it to DEFCON…

5 min read

A vulnerability in Realtek´s SDK for eCos OS: pwning thousands of routers
A vulnerability in Realtek´s SDK for eCos OS: pwning thousands of routers

5 min read


Published in Faraday

·Sep 6, 2022

AWS Common Issues — Part 2

Credentials on EC2 Instances If you ever developed any web application with a certain degree of complexity you must have realized that at some point you also need to store credentials, tokens, secrets, and sensitive information on these applications. In an AWS environment, these applications usually run in EC2 instances…

Aws Ec 2

6 min read

AWS Common Issues — Part 2
AWS Common Issues — Part 2
Aws Ec 2

6 min read


Published in Faraday

·Jul 26, 2022

Cybersecurity is a secondary objective, and that’s what we’ve been getting wrong.

A programmer is close to a deadline and must work fast. For this one time, they choose to skip certain security protocols. They promise not to do so again but fail to accomplish it. A rapidly growing business must choose where to locate its budget. They may continue developing their…

5 min read

Cybersecurity is a secondary objective, and that’s what we’ve been getting wrong.
Cybersecurity is a secondary objective, and that’s what we’ve been getting wrong.

5 min read


Published in Faraday

·Jul 6, 2022

Continuous testing, continuous security

A talk with our Red Team lead, Gabriel Franco Hi Gabriel! We’d like to know more about your background and journey at Faraday Security. How did you enter the cybersecurity world, and what do you enjoy the most about it? -I sometimes define myself as a failed soccer player. When…

Continuous Security

4 min read

Continuous testing, continuous security
Continuous testing, continuous security
Continuous Security

4 min read


Published in Faraday

·Jun 16, 2022

Top 5 security tips: AWS Cloud Infrastructure

Are you trying to improve your security posture on AWS? Read the following recommendations and tips below to avoid these common cloud security issues. This top 5 has been created by our Security Consulting team, based on real-world experience from diverse assessments performed during the last years. 1. Logging One…

Cloud

5 min read

Top 5 security tips: AWS Cloud Infrastructure
Top 5 security tips: AWS Cloud Infrastructure
Cloud

5 min read


Published in Faraday

·May 12, 2022

Password strength

What XKCD passwords comic teaches us about security as a whole Passwords are the first aspect of computer security we think about (and for plenty of people, the only one). …

Devsecops

4 min read

Password strength
Password strength
Devsecops

4 min read

Faraday Team

Faraday Team

71 Followers

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech