making security even easier

Phishing the unphishable — FIDO security keys PIN stealer attack

Cybersecurity professionals and researchers worldwide (including myself) keep promoting using FIDO keys as the authentication method having the highest security level. While I agree with this, there i [...]

TOTP replay attack — Yubikey et al.

I have recently stumbled upon several articles with rather clickbait titles stating that some models of FIDO keys were compromised. If you are not aware, this was a successful attempt by Ninj [...]

MS Teams - Direct Routing -Ribbon SBC – SWe Lite - Microsoft's certificate issue

A small note on the Ribbon SBC – SWe Lite configuration.  Ribbon Communications Session Border Controller Software Edition Lite (SBC SWe Lite) is marketed as the easiest way to connect and [...]

Doctoral Thesis : Context-aware multifactor authentication for the augmented human

Multi-factor authentication is currently one of the de-facto standards for systems requiring strong security. In most of the cases, multi-factor authentication is rather complex and not very user-frie [...]

Web Vulnerability-Based Spear PhishingA Modern Combination of Tools in Cyberterrorism

I have contributed to CRC Press' "Online Terrorist Propaganda, Recruitment, and Radicalization". This chapter describes a number of different techniques that modern attackers use to enh [...]

Hardware TOTP tokens with time synchronization

Although many users nowadays prefer to use mobile applications for TOTP, there are still use cases for separate/isolated standalone hardware TOTP devices. For various technical restrictions, such as t [...]

How to use hardware tokens with Azure MFA

While hosted MFA server (Azure MFA Server) supports any TOTP tokens, however, cloud Azure MFA is currently not supported. Microsoft has announced that this feature is currently in development, but the [...]

Beacon Authpath: Augmented Human Path Authentication

BLE (Bluetooth Low Energy) beacons are being deployed in smart cities, especially to augment the shopping experience of customers in real outlets. Thus, humans, as they walk in cities, pass by differe [...]

G+ profile

follow me : github, habrahabr , linkedin
Feel free to contact me directly :
emin --at huseynov --dot com

Other projects

Google authenticator for Citrix StoreFront
Google authenticator for Citrix Web Interface 5.4
MOTP App with QR based enrolment

Not security related