Feed cleverhans-blog [copy] http://www.cleverhans.io/feed.xml has loading error: cURL error 22: The requested URL returned error: 404
Feed Security (b)log [copy] http://securityblogru.livejournal.com/data/rss has loading error: cURL error 22: The requested URL returned error: 403 Forbidden
Pwn My Ride: Jailbreaking Cars with CarPlay (god2025)
Apple CarPlay is a widely known protocol that connects smartphones to car multimedia systems. Based on AirPlay, CarPlay is installed in millions of cars, as it is supported by hundreds of car models from dozens of different manufacturers across the globe. In our talk, we will share how we managed to exploit all devices running CarPlay using a single vulnerability we discovered in the AirPlay SDK. We'll take you through our entire exploit development process from identifying the vulnerability, to testing it on a custom device emulator, and finally, executing the exploit on actual devices....
Der Cyber Resilience Act: Wie OWASP für die Software-Hersteller eine entscheidende Rolle spielen kann (god2025)
Der Cyber Resilience Act, kurz CRA, ist eine neue Verordnung der EU und tritt im Dezember 2027 vollständig in Kraft. Das Kernelement der Verordnung ist die Softwaresicherheit für alle so genannten „Produkte mit digitalen Elementen“, die auf dem EU-Markt kommerziell angeboten werden. Diese umfassen sowohl vernetzte Hardware-Produkte, in denen Firmwares laufen, als auch reine Softwareprodukte. Die Anforderungen an die Software-Hersteller erstrecken sich von grundsätzlichem „Security by Design“ und „Secure by Default“, über Bedrohungsanalysen der Software bis hin zu verpflichtendem Patching und Schwachstellenmanagement. Die Themen klingen irgendwie familiär? Kein Wunder, denn eine ganze Reihe von Projekten...
MCP security hot potato: how to stay secure integrating external tools to your LLM (god2025)
Model Context Protocol (MCP) is the latest hot topic in cybersecurity. Business wants it (AI is the new mantra), developers are excited (new toys, new code), and security teams are left to make it safe—often with already packed schedules. Let's treat it like just another Tuesday. Like many shiny new technologies (remember the early days of cloud?), MCP is being built with a “features first, security later” mindset. As a fresh piece of tech, it blends novel vulnerabilities with familiar, well-known ones. If you're an early adopter, it's important to accept that MCP and...
All the WAF power to the devs - why it reduces friction… and where it backfires (god2025)
Web application firewalls are often seen as a hindrance when going live, as perimeter WAFs can clash with GitOps-driven platforms. Empowering development teams with an application-centric WAF setup allows them to run and tune the WAF throughout the entire development lifecycle. It also enables full integration into any CI/CD pipeline or GitOps approach, reducing late surprises during deployment. In this talk, we demonstrate the application-centric approach with Envoy Proxy, OWASP Coraza, and the OWASP Core Rule Set (components are examples and interchangeable; focus is on principles and selection criteria), and take you along our real-world...
News from the Juice Shop ecosystem (god2025)
OWASP Juice Shop went through some significant renovation and enhancements over the last year in order to keep current with the underlying Node.js and Angular frameworks. MultiJuicer was entirely rewritten in GoLang and is now faster and more reliable than ever before. All Juice Shop side-projects have been migrated to TypeScript and brought to a common stack for testing and code linting. But the team did not only clean up and refactor behind the scenes. There are also lots of exciting new features and enhancements available, such as: Several new hacking challenges, e.g. a YAML memory...
How we hacked Y Combinator companies' AI agents (god2025)
We hacked 7 of the16 publicly-accessible YC X25 AI agents. This allowed us to leak user data, execute code remotely, and take over databases. All within 30 minutes each. In this session, we'll walk through the common mistakes these companies made and how you can mitigate these security concerns before your agents put your business at risk.
Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/
about this event: https://c3voc.de
Video:god2025-56489-eng-How_we_hacked_Y_Combinator_companies_AI_agents_hd.mp4
The Surprising Complexity of Finding Known Vulnerabilities (god2025)
With the increasing reliance on third-party software components, ensuring their security against known vulnerabilities has become a daily challenge for individuals and organizations. Despite the availability of a variety of tools and databases, we found all of them fall short when applied to real-world scenarios - raising questions about their effectiveness, generalizability, and practical utility. Starting from our perspective as penetration testers, we identified three main problems with...
Continuous Vulnerability Scanning with OWASP secureCodeBox (god2025)
The OWASP secureCodeBox project aims to provide a unified way to run and automate open-source scanning tools like nmap, nuclei, zap, ssh-audit, and sslyze to continuously scan the code and infrastructure of entire organizations. This allows setting up automated scans that will regularly scan internal networks and internet-facing systems for vulnerabilities. The SCB also allows defining rules to automatically start more in-depth scans based on previous findings, e.g., to start a specialized SSH scan if a port scan discovers an open SSH port. Scan results can be uniformly handled with prebuilt hooks, e.g. to send out...
YuraScanner: Leveraging LLMs for Task-driven Web App Scanning (god2025)
Web application scanners are popular and effective black-box testing tools, automating the detection of vulnerabilities by exploring and interacting with user interfaces. Despite their effectiveness, these scanners struggle with discovering deeper states in modern web applications due to their limited understanding of workflows. This study addresses this limitation by introducing YuraScanner, a task-driven web application scanner that leverages large-language models (LLMs) to autonomously execute tasks and workflows. YuraScanner operates as a goal-based agent, suggesting actions to achieve predefined objectives by processing webpages to extract semantic information. Unlike traditional methods that rely on user-provided traces, YuraScanner...
Phishing for Passkeys: An Analysis of WebAuthn and CTAP (god2025)
WebAuthn was supposed to replace swords on the web: uniform, secure, manageable authentication for everyone! One of its unique selling points was supposed to be the impossibility of phishing attacks. When passkeys were introduced, some of WebAuthn's security principles were watered down in order to achieve some usability improvements and thus reach more widespread adoption. This presentation discusses the security of passkeys against phishing attacks. It explains...