Privacy Hardening with DNSSEC, TLS 1.3 and Encrypted SNI for your Browser

The amount of private data being collected through networked devices is astounding. Profiles compiled from this information are leveraged to optimize active marketing campaigns. There is little that can be done as an individual in attempt to back peddle against this current. We should be more protective of our personal data as in the wrong hands, it can be used against us. Continue reading “Privacy Hardening with DNSSEC, TLS 1.3 and Encrypted SNI for your Browser”

URGENT/11 VxWorks RTOS

A set of vulnerabilities has been discovered in VxWorks RTOS making it possible to exploit the operating system on over 800,000 devices connected to the web. The 11 vulnerabilities vary in severity and type, the most interesting of the bunch being a stack overflow in their IPnet TCP/IP stack. With a specially crafted IPv4 packet, it is possible for an attacker to force a stack overflow and reach unauthenticated RCE on the vulnerable devices. Continue reading “URGENT/11 VxWorks RTOS”