Information Security Think Tank
Notes
3 of 97 notesSee All
- Old-school remote command exec vulnerabilities on Avaya Intuity 1:32am Sep 17
- Skydive 12:12pm Sep 7
- Free Web Application Security Testing Tool 1:02am Aug 7
This post is gonna be a quick one, since it’s nothing more than the result of me tiding up my pendrive files. ...
Automated Web Application Security Testing tools are in the core of modern penetrating testing practices. You cannot rely 100% on the results they produce, without considering seriously their limitations...
I’ve been meaning to talk about CONFidence and EUSecWest for quite a while, but May was such an intense month for me, that’s hardly left me with any time for other things. I eventually got caught up with other matters, which resulted in me publishing this post about 2 months late. I’...
I couldn’t find any public PoC/exploit for this phpMyAdmin vulnerability, despite it being a serious bug affecting a popular open-source project. ...
This article is a continuation of the following GNUCITIZEN articles: Hacking Linksys IP Cameras (pt 1), Hacking Linksys IP Cameras (pt 2), Hacking Linksys IP Cameras (pt 3), Hacking Linksys IP Cameras (pt 4)...
This is going to be one of these quick posts which just makes you think what the information security landscape will be like in 5 years. Before I move on with my commentary, here is a video which is essential for you to watch. Got the idea? No! Let me explain...
Two of the most popular Firefox extensions are at war, fighting for their own piece of land. More examples will follow. Oh yes, the digital battlefield is taking unusual shapes. The latest manifestation of cyber warfare is a conflict between the Adblock Plus and the NoScript extensions...
When I was playing/introducing the partial disclosure practice an year and something ago, I did get contacted by numerous dodgy characters willing to buy yet undisclosed vulnerabilities for substantial amount of money. Of course, requests of that nature were kindly ignored...
With this post I would like to inform you that Jeriko moved in its own source code repository which you will be able to find here. There is also a discussion group here, if you feel like using it. The version inside the new code repository is very different from the version you’ve seen before. ...
This article is a continuation of the following GNUCITIZEN articles, which include an introduction to the topic and also some initial observations: Hacking Linksys IP Cameras (pt 1), Hacking Linksys IP Cameras (pt 2), Hacking Linksys IP Cameras (pt 3)...
This article is a continuation of the following GNUCITIZEN articles, which include an introduction to the topic and also some initial observations: Hacking Linksys IP Cameras (pt 1), Hacking Linksys IP Cameras (pt 2)...
This article is a continuation of the following GNUCITIZEN article, which includes an introduction to the topic and also some initial observations: Hacking Linksys IP Cameras (pt 1)...
During the easter break, I was playing with my my wireless Linksys IP camera which, although I bought several months ago, I hadn’t taken my time to give the attention this beauty deserves until now! ...
On the 14th this month, Computerworld published an interesting article titled ‘Mafiaboy’ spills the beans at IT360 on underground hackers. Interesting read but nothing too exciting. The article is yet another proof that we are all in big trouble. Si...
