David Fletcher // Recently, while assessing a web application I noticed content on one of the pages that appeared to be derived from sensitive information stored within the site’s user profiles. To evaluate this functionality and illustrate the potential for sensitive information leakage I needed to: Enumerate the values on my profile page to create […]
Derek Banks // More than occasionally I am asked how to get into Information Security as a profession. As attacks and breaches continue to escalate in frequency the demand rises for information security talent. I also frequently hear from those in a hiring role that it is hard to find people with the right skill set. […]
Dakota Nelson // It’s become more and more common lately to see advanced attackers using legitimate internet channels to move data in and out of networks. Social networks such as Twitter and Tumblr, utilities such as Dropbox and Soundcloud, and even business tools such as Salesforce and Google Docs can all be used as channels […]
Brian Fehrman //
John Strand // AV is Dead Long Live Whitelisting. We have been discovering more and more of our tests bypass AV controls with ease. We have yet to see any iteration or vendor in the blacklist space who is adequately preventing attacks using simple blacklist solutions. What needs to be done in this industry is a move towards a whitelisting […]
John Strand // There have been quite a few articles lately on how compliance standard X or Y is broken. Unfortunately, this often leads to blaming the nameless and faceless people behind the standards. It is easy to simply say they are dullards and not fit to be setting any agenda relating to computer security. While this may be […]
Joff Thyer // Many of us in the penetration testing community are used to scenarios whereby we land a targeted phishing campaign within a Windows enterprise environment and have that wonderful access into the world of Windows command line networking tools. You get your shell and before you know it, you are ready to […]
Joff Thyer // When performing a penetration of test of organizations with Windows desktops, many testers will now resort to using tools like Veil’s Powershell Empire in order to inject shellcode directly into memory. Without doubt, this is a fantastic technique as it avoids writing to disk and running headlong into a direct hit […]
Carrie Roberts // Continuing on the thread of highlighting Nessus vulnerability scan results that turned out to be more severe than reported . . . I always review the “Info” level “Service Detection” finding reported by Nessus, particularly any web servers that it lists because there are often blatant security issues hidden in there. This is as […]
