This week again, we publish a list of research worth reading! Make sure you check it out!
❤️ PHRACK IS BACK
The latest issue of Phrack is now available! That should keep you busy for a few days: Phrack #71.
📖 OpenSSH Backdoors
A bit of OpenSSH history and modern days mix in this great article from Ben Hawkes: OpenSSH Backdoors.
🤙 “YOLO” is not a valid hash construction
If you like crypto-attacks like length extensions, you will love this article from the Trail of Bits team: “YOLO” is not a valid hash construction.
🍊 Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
It’s rare to come across some high quality content like this blog post from Orange Tsai on their research into Apache HTTPd: Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
👉 AppSec eZine #549
AppSec eZine is back with issue #549.
