Month: March 2013

GSA Database May Have Leaked Information: Kevin Johnson was Interviewed

Recently it was announced that there was a security flaw found in one of the GSA systems that could have allowed for vendors to see other vendor information.  The original article, which you can read in its entirety, can be found at GSA Database May Have Leaked Contractor Banking and Proprietary Information.  Kevin Johnson, CEO, …

GSA Database May Have Leaked Information: Kevin Johnson was InterviewedRead More »

Tactical Security Ops at Black Hat 2013

Kevin Johnson and John Strand recently gave a presentation at RSA 2013 titled “Tactical Sec Ops: A Guide to Precision Security Operations.”  Not surprisingly, this has been something that we’ve been talking quite a bit about internally.  So much so that Secure Ideas will be teaching Tactical Security Ops at Black Hat USA.  We initially …

Tactical Security Ops at Black Hat 2013Read More »

Who are We: Kevin Johnson

So here at Secure Ideas we have decided to do a small series of posts.  The purpose of these posts is to provide a quick introduction to each of the consultants on staff.  Its kind of a fun and quick post. Please feel free to reach out to each of us with any comments or …

Who are We: Kevin JohnsonRead More »

Admin Consoles, Default Creds, and Sweet Pwnage

When performing internal network penetration tests, one thing that really gets us excited is finding administrative consoles.  Tomcat and PHPMyAdmin are two of the most common that I’ve found from my experience.  The reason we get excited is that many of these consoles have never had the default credentials changed.  Why?  Because they’re on the …

Admin Consoles, Default Creds, and Sweet PwnageRead More »

Podcast Show Notes: Why are Passwords so Difficult

Kevin and James just finished up recording episode 2 of the Professionally Evil Perspective podcast.   In this episode there is a brief discussion from Kevin on his experience at RSA and then we start talking about the topic of passwords.  Although we are now into 2013, passwords still are a very hot topic.  This is …

Podcast Show Notes: Why are Passwords so DifficultRead More »

Ninja Developers Webcast Trilogy Overview

Over the past three months, James Jardine and Kevin Johnson were featured in a webcast trilogy titled “Ninja Developers.”  The series was presented through the SANS Institute and an archive of each episode can be found on the SANS website (links provided below).  The purpose of the presentations is to reach out to developers and …

Ninja Developers Webcast Trilogy OverviewRead More »

Scroll to Top