Calif
Subscribe
Sign in
Home
Visit Calif
Archive
About
A history of device-bound cookies
The recent announcement from Google about Device Bound Session Credentials (DBSC) sent me down memory lane.
Aug 24
•
Thai Duong
7
Latest
Top
Discussions
“Vibe Hacking”: Abusing Developer Trust in Cursor and VS Code Remote Development
Update: Mauro Soria pointed out that this attack vector can be easily adapted for phishing scenarios:
Aug 18
15
Partnering with Google to Strengthen Open-Source Crypto: An Mbed TLS Security Audit
By Linh Le and Ngan Nguyen
Jul 5
6
Oracle SSO, SOS
You've probably seen the news: Oracle Cloud got popped, exposing 6 million records from over 140,000 tenants.
Apr 8
•
Thai Duong
10
1
YouTube Threat Modeling
Last week, we delivered our first training session with YouTube engineers on the attacker's mindset and threat modeling.
Mar 25
•
Thai Duong
11
Calif Ski Team
In Vietnam, we have three seasons: hot, hotter, and damn hot!
Jan 2
•
Thai Duong
6
CVE-2024-10382: Arbitrary code execution in Android Auto and various apps
In July 2024, Google engaged Calif to audit Android Automotive OS (AAOS) and Android Auto.
Dec 18, 2024
•
Khanh
and
Linhlhq
10
2
What we do when we aren't hacking you
In my last year as a teenager, I worked as an IT assistant for Mr.
Nov 30, 2024
•
Calif
5
See all
Calif
About
Archive
Sitemap
