Apple ends QuickTime for Windows support as 2 high-severity vulnerabilities are disclosed by the Zero Day Initiative (ZDI).
The cornerstone of every effective ethical hacker is the establishment of their virtual lab environment in order to conduct all kinds of operations from penetration testing known vulnerable servers to analyzing malware in a controlled environment. By our very nature as white hat hackers we do not attack systems owned by others without their expressed […]
Jeremy Brown gave an awesome presentation at DEFCON 18 about Exploiting SCADA systems. That was almost 7 years ago. Several other industry professionals including my self have given presentations on defending, security, and exploiting these systems. They are all posted online and you can access them for free. All of these talks highlight a common […]
Everyone knows about the end result of a hack whether it is by a exploit, malware or a successful social engineering attack. But what goes into these attacks? What is the first point of compromise on a system? We can steal a user’s credentials with a carefully crafted webpage or email. However what delivers malware, or an exploit […]
Defense in Depth, conceptually, is described in such a way that layered security increases the security of a system as a whole. In the event where one system is compromised, other mechanisms provide the necessary security to protect the system. It is the antithesis of a singular point of failure, and actively avoids this […]
I recently had some one come to me and ask for advice on how to get into the cyber security field, specifically web application security. I recommended a couple good books and certifications to look at, as well as some good resources for video training materials, but I only recommended learning one tool – Burp Suite. […]
You’ve just broken into your target’s internal network, whether it was some perfectly executed social engineering scheme or leveraging an overlooked unpatched vulnerability, you hit the jackpot. Now you figure it’s time to settle yourself in-between the would-be victim with a man in the middle attack and start sniffing traffic for some credentials. You fire […]