Software Integrity Blog

Author Archive

Luke Arntson

larntson

Luke Arntson is an associate principal consultant with 11 years of experience in a variety of roles including software engineer, front-end developer, and technical lead. Luke has worked with a number of Fortune 500 companies, including financial institutions, graphics card makers, and coffee distributors. At Synopsys, he has overseen and performed thick client assessments, web penetration tests, source code reviews, mobile assessments, hardware assessments, and manual ethical hacking tests of systems built from a few thousand lines of code to systems containing tens of millions of lines of code C/C++, Java, PHP, ASP.NET, and C#. Luke has an extensive background in Windows security and circumvention, including UAC and token passing techniques, binary reverse engineering, and security tool writing.


Posts by Luke Arntson:

 

What you need to know about BlueBorne Bluetooth flaws

As of Sept. 12, 2017, much of the code vulnerable to BlueBorne Bluetooth attacks remains unpatched. Learn what you can do to secure your code.

Continue Reading...

Posted in Fuzz Testing, IoT Security, Static Analysis (SAST) | Comments Off on What you need to know about BlueBorne Bluetooth flaws

 

3 tips to ramp up your mobile application security

Modern mobile device users often have their devices tightly integrated into daily life. From banking apps to social media feeds, these applications are high visibility targets for hackers and thieves looking to exploit weaknesses or hijack vulnerabilities. By ramping up mobile app security, vendors ensure the safety and security of their users and their infrastructure. Recent mobile attacks and vulnerabilities The latest high-profile mobile threat is the Broadpwn attack. This threat targets the Broadcom chipset used in many popular mobile devices. Broadpwn takes advantage of low-level communications combined with flaws in the Android platform. Thus, allowing a malicious payload to travel from one phone to the next virtually undetected. Fuzz testing tools are an ideal method of detecting this type of flaw.

Continue Reading...

Posted in Mobile App Security | Comments Off on 3 tips to ramp up your mobile application security