The Watering Hole: Is it Safe to Drink?

How many times have you been told you have a vulnerability that you just don’t understand  its relevancy?  Cross-Site scripting comes to mind for many people.   Sure, they get the fact that you can execute scripts in the user’s browser, but often times they really don’t fully understand the impact.  Of course, we determine that …

The Watering Hole: Is it Safe to Drink? Read More »

Professionally Evil: Your Stealth Startup is Showing

During our penetration tests we often get asked about the amount of information that is leaking out via social networks, web pages and the like.  In fact the first step in our methodology is Recon where we search the Internet and social networks for information about the company we are targeting.  It is sometimes surprising what we find when …

Professionally Evil: Your Stealth Startup is Showing Read More »

Professionally Evil Perspective Podcast:Misconfigurations and Default Credentials

So we are at it again!  James Jardine, Jason Wood and I were at BSides Orlando this weekend and decided to take the opportunity to record the latest episode of the Professionally Evil Perspective (even if Jason doesn’t necessarily remember the title of the podcast completely!). As with the previous ones, we try to dig …

Professionally Evil Perspective Podcast:Misconfigurations and Default Credentials Read More »

GSA Database May Have Leaked Information: Kevin Johnson was Interviewed

Recently it was announced that there was a security flaw found in one of the GSA systems that could have allowed for vendors to see other vendor information.  The original article, which you can read in its entirety, can be found at GSA Database May Have Leaked Contractor Banking and Proprietary Information.  Kevin Johnson, CEO, …

GSA Database May Have Leaked Information: Kevin Johnson was Interviewed Read More »

Scroll to Top