Hacker News
- Event-driven access to my home after a run https://randywestergren.com/event-driven-access-to-my-home-after-a-run/ 78 comments
- A closer look at recent HTTP/2 vulnerabilities affecting Kubernetes and others https://randywestergren.com/a-closer-look-at-recent-http-2-vulnerabilities-affecting-k8s-and-other-implementations/ 6 comments
- Rave Panic Button: Vulnerabilities in a Nationwide Emergency Alert System https://randywestergren.com/rave-panic-button-vulnerabilities-nationwide-emergency-alert-system/ 27 comments
- Widespread XSS Vulnerabilities in Ad Network Code http://randywestergren.com/widespread-xss-vulnerabilities-ad-network-code-affecting-top-tier-publishers-retailers/ 36 comments
- Widespread XSS Vulnerabilities in Ad Code Affecting Top Tier Publishers http://randywestergren.com/widespread-xss-vulnerabilities-ad-network-code-affecting-top-tier-publishers-retailers/ 2 comments
- Cutting the Lights: Vulnerabilities in a Billboard Lighting System http://randywestergren.com/cutting-the-lights-vulnerabilities-in-a-billboard-lighting-system/ 5 comments
- Reverse Engineering the Subway Android App http://randywestergren.com/reverse-engineering-the-subway-android-app/ 9 comments
- Critical Vulnerability in Verizon Mobile API Compromising User Email Accounts http://randywestergren.com/critical-vulnerability-verizon-mobile-api-compromising-user-email-accounts/ 16 comments
- Men's Wearhouse Perfect Fit App Vulnerability Exposing Customer Information http://randywestergren.com/mens-wearhouse-perfect-fit-app-vulnerability-exposing-customer-information/ 5 comments
Lobsters
- Unauthenticated Remote Code Execution in Motorola Baby Monitors https://randywestergren.com/unauthenticated-remote-code-execution-in-motorola-baby-monitors/ 2 comments security
- Reverse Engineering Watermarks on a Professional Photography Platform https://randywestergren.com/reverse-engineering-watermarks-on-a-professional-photography-platform/ 2 comments programming
- Unauthenticated Remote Code Execution in Motorola Baby Monitors [FIXED] https://randywestergren.com/unauthenticated-remote-code-execution-in-motorola-baby-monitors/ 5 comments netsec
- XSS Vulnerabilities in Multiple iFrame Busters Affecting Top Tier Sites https://randywestergren.com/xss-vulnerabilities-in-multiple-iframe-busters-affecting-top-tier-sites/ 16 comments netsec
- Compromising OpenDrive's Cloud Storage Accounts – Or How Not to Design Session Management https://randywestergren.com/compromising-opendrives-cloud-storage-accounts-or-how-not-to-design-session-management/ 3 comments netsec
- Reverse Engineering the OBi200 Google Voice Appliance: Part 1 https://randywestergren.com/reverse-engineering-obi200-google-voice-appliance-part-1/ 11 comments netsec
- Bright City: A Highly Insecure Police and Municipal Government App https://randywestergren.com/bright-city-highly-insecure-police-municipal-government-app/ 26 comments netsec
- XSS over SMS: Hacking Text Messages in Verizon Messages [FIXED] https://randywestergren.com/xss-sms-hacking-text-messages-verizon-messages/ 4 comments netsec
- Rave Panic Button: Vulnerabilities in a Nationwide Emergency Alert System https://randywestergren.com/rave-panic-button-vulnerabilities-nationwide-emergency-alert-system/ 6 comments netsec
- Persistent XSS in Verizon's Webmail Client https://randywestergren.com/persistent-xss-verizons-webmail-client/ 14 comments netsec
- Widespread Vulnerable Ads Part Two: Flash Edition (Facebook’s LiveRail, Akamai, Adobe products affected) https://randywestergren.com/widespread-vulnerable-ads-part-two-flash-edition-facebooks-liverail-akamai-adobe-products-affected/ 3 comments netsec
- Multiple Vulnerabilities in Worldpay’s Merchant Portal https://randywestergren.com/compliance-strikes-multiple-vulnerabilities-worldpays-merchant-portal/ 6 comments netsec
- Widespread XSS Vulnerabilities in Ad Network Code Affecting Top Tier Publishers, Retailers http://randywestergren.com/widespread-xss-vulnerabilities-ad-network-code-affecting-top-tier-publishers-retailers/ 47 comments netsec
- Hijacking Verizon FiOS Accounts [FIXED] http://randywestergren.com/hijacking-verizon-fios-accounts/ 18 comments netsec
- Reverse Engineering the Yik Yak Android App http://randywestergren.com/reverse-engineering-the-yik-yak-android-app/ 25 comments netsec
- Cutting the Lights: Vulnerabilities in a Billboard Lighting System http://randywestergren.com/cutting-the-lights-vulnerabilities-in-a-billboard-lighting-system/ 29 comments netsec
- United Airlines left a technical bug open for six months after they knew about it that could leak personal info and potentially endanger travelers, where's the FAA or DOJ? http://randywestergren.com/united-airlines-bug-bounty-an-experience-in-reporting-a-serious-vulnerability/ 4 comments politics
- United Airlines Bug Bounty: An experience in reporting a serious vulnerability http://randywestergren.com/united-airlines-bug-bounty-an-experience-in-reporting-a-serious-vulnerability/ 45 comments netsec
- Reverse Engineering the Subway Android App http://randywestergren.com/reverse-engineering-the-subway-android-app/ 62 comments netsec
- Z-Way Controller Home Automation Part 2: An Analysis of Publicly Vulnerable Gateways http://randywestergren.com/z-way-home-automation-part-2-an-analysis-of-publicly-vulnerable-gateways/ 4 comments netsec
- Attacking Z-Way Controlled Home Automation Devices http://randywestergren.com/attacking-z-way-controlled-home-automation-devices/ 41 comments netsec
- Wawa Rewards Gift Card Takeover Vulnerability [FIXED] http://randywestergren.com/wawa-rewards-gift-card-takeover-vulnerability/ 3 comments netsec
- How I Cracked Trivia Crack http://randywestergren.com/how-i-cracked-trivia-crack/ 22 comments programming
- How I Cracked Trivia Crack http://randywestergren.com/how-i-cracked-trivia-crack/ 90 comments netsec
- Visa Gift Card Transactions Exposed by GoWallet Vulnerability [FIXED] http://randywestergren.com/visa-gift-card-transactions-exposed-gowallet-vulnerability/ 15 comments netsec
- Delmarva Power (Pepco) Account Takeover Vulnerability http://randywestergren.com/delmarva-power-pepco-account-takeover-vulnerability/ 3 comments netsec
- Marriott vulnerability exposing hotel reservations and payment info [FIXED] http://randywestergren.com/marriott-hotel-reservations-payment-information-compromised-web-service-vulnerability/ 5 comments netsec
- Verizon email accounts compromised by API vulnerability [FIXED] http://randywestergren.com/critical-vulnerability-verizon-mobile-api-compromising-user-email-accounts/ 24 comments netsec
- Responsible Disclosure of Men's Wearhouse Perfect Fit App Vulnerability Exposing Customer Information http://randywestergren.com/mens-wearhouse-perfect-fit-app-vulnerability-exposing-customer-information/ 16 comments netsec
- A Raspberry Pi Traffic Light with Capistrano Integration http://randywestergren.com/raspberry-pi-traffic-light-capistrano-integration/ 10 comments raspberry_pi
- Vulnerability in MyFitnessPal's Undocumented API http://randywestergren.com/vulnerability-myfitnesspals-undocumented-api/ 24 comments netsec