How to Manipulate Riddle Votes

DISCLAIMER: Don’t do this! Lots of websites like the BBC use to poll their readers’ opinions. It doesn’t seem like Riddle creates a nonce or token for any new vote so it’s simple AF to game it. All you need is Chrome Dev Tools and a Bash terminal. From today’s research I noticed aContinue reading “How to Manipulate Riddle Votes”

Digital Medical Device Security Assessments

Lately I’ve been heavily involved in assessments on a couple of different medical devices. I can’t lay down specifics on the types of device or the companies at the moment but you can use your imagine. The devices are of the ‘smart’ genre and the end-user is a patient with health concerns. These assessments haveContinue reading “Digital Medical Device Security Assessments”

[Wire Security] Threat Modelling using STRIDE

This is a cross-post from I’ve worked on a couple of threat modelling jobs for Wire-Security. We take a STRIDE approach to the methodology. You’ll come across many resources online from other bloggers etc. that will be a much more comprehensive guide for some people but I’m going to keep it simple here, and hopefullyContinue reading “[Wire Security] Threat Modelling using STRIDE”

[Wire Security] How to Pentest Mobile Apps in 2020 – A Sensible Approach

This is a cross-post from Introduction I’m James and I’m a consultant here at Wire Security. I’ve been an app developer since 2012 and I’m just getting started in my career in security. I’ve always felt like a hacker and these days I’m over the moon to actually be one! I’m going to be writing more articles hereContinue reading “[Wire Security] How to Pentest Mobile Apps in 2020 – A Sensible Approach”