Break&Build SecurityOWASP Global AppSec Dublin 2023I gave my talk about [T]OTP brute forcing in OWASP Global AppSec Dublin in February 2023, I had given a similar talk in DEFCON 2022, and…2 min read·Feb 28, 2023----
Break&Build SecurityDEFCON30: AES GCM common pitfalls and how to work around themI wanted to share one of the talks I gave at DEFCON30, 2022, “AES GCM common pitfalls and how to work around them”. It was presented live…1 min read·Aug 24, 2022----
Break&Build SecurityPatent: “Verifying incoming communications”I’m happy to announce the patent I co-wrote as lead inventor along with Lucas Vidal, and Serge Kruppa is finally published.3 min read·Jul 30, 2022----
Break&Build SecurityFixing vulnerabilities in WAF is OK, right?A few weeks ago I had a discussion with a Principal Software Engineer on the best strategy to patch a vulnerability, they insisted on WAF…6 min read·May 3, 2022--1--1
Break&Build SecurityinSystem WeaknessDefeating OTP through probabilistic attacks and how to mitigateYou likely receive OTPs (one-time-passwords) all the time, usually in the form of an SMS with a 4 to 8 digit code in it. Pretty common when…7 min read·Mar 21, 2022----
Break&Build SecurityMoving to Medium (for now)After many years of blogging in Blogspot, I’m finally moving out of it. It didn’t feel like a modern platform anymore (for a long time…1 min read·Mar 21, 2022----