FireEye has an excellent breakdown of a Remote Access Trojan in C# - which is quite a feat given the...
Read More
Lots of AWS assessments recently, here is a good new tool for IAM checking.
https://github.com/sales...
Read More
Really awesome article on automating application scanning with OWASP ZAP:
https://www.zaproxy.org/bl...
Read More
In the world of emergency preparedness, which has been a hobby of mine since I was a Scout, there is...
Read More
Really great breakdown of exploitation of cache poisoning.
https://samcurry.net/abusing-http-path-no...
Read More
I Forgot To Post On Easter Because I Was Cooking Edition
There is a really need VMWare bug th...
Read More
I'm hoping everyone is safe and healthy. This whole thing is weird. But security news marches on.
&n...
Read More
Unusual challenges ahead. Remember that with remote working, application security is on the fr...
Read More
Quarantine edition.
Microsoft patches the newest SMB flaw. Stop using SMB.
https://nake...
Read More
SMBv3 is borked. Block port 445.
https://portal.msrc.microsoft.com/en-US/security-guidance/adv...
Read More
NordVPN has yet another interesting application security vulnerability.
https://www.theregister.co.u...
Read More
From @baskarmib on Twitter, we have an example of malware that will steal your Google authenticator...
Read More