It has been a while since I did a CTF so i decided to dive into one and I selected the Bulldog CTF created by Nick Frichette, you can find it here https://www.vulnhub.com/entry/bulldog-1,211/. It was a great exercise that helped remind me of some basic things to check when doing pen tests or CTFs. I […]
You know what I’m thankful for? Target. Where else are you going to find a 6 shelf, 80 inch bookcase for $35? Sure, it’s made of cheap wood and sways I bit if I bump into it, but hell… I gotta display my excessive collection of books some how. If I’m going to spend a […]
The security community has a lot of perks, low unemployment, lots of excitement, new challenges every day, and an endless supply of things to learn. However not everyone likes what we do and not everyone likes to listen to us, ever. There are so many bugs out there that a large amount of us like […]
Apple ends QuickTime for Windows support as 2 high-severity vulnerabilities are disclosed by the Zero Day Initiative (ZDI).
Jeremy Brown gave an awesome presentation at DEFCON 18 about Exploiting SCADA systems. That was almost 7 years ago. Several other industry professionals including my self have given presentations on defending, security, and exploiting these systems. They are all posted online and you can access them for free. All of these talks highlight a common […]
Everyone knows about the end result of a hack whether it is by a exploit, malware or a successful social engineering attack. But what goes into these attacks? What is the first point of compromise on a system? We can steal a user’s credentials with a carefully crafted webpage or email. However what delivers malware, or an exploit […]
Human nature is amazing. I can tell you that there are a million stars in the sky and you will believe me. I can tell you that the paint on the wall is wet, and 8 out of 10 people will touch it to make sure. Social engineering and phishing email scams are part of […]
You gear up for another exciting day in infosec, walk into your building, sit at your cube and open up your email. If you’re like me you also browse social media feeds for the latest news in cybersecurity. That is when you see it, the next named bug…..heartbleed, shellshock, poodle, ghost, and now badlock. You sigh, […]
Look AppSec people, I know you just love dealing with development teams. I know the best part of my day is logging into my computer to be greeted by 3 “we don’t think this vulnerability is an issue” emails. Believe me, I’m sure they share the same warm, fuzzy feelings about us as well. But […]
At this point, I’m sure you’ve all heard about Apple’s on-going fight with the FBI over allowing backdoors into iPhones. In the world of cyber security, encryption, and privacy, this is the battle that will set the tone for the impending war. I have an enormous amount of respect for Apple’s CEO, Tim Cook. In an […]
Hack-Ed 