Oct 28, 2019 | Vulnerabilities
The Capital One breach is grabbing a lot of attention lately. This breach is notable not only for its size of 100M stolen customer records but also because the data was taken from a site hosted at AWS. I will refrain from rehashing the details here; you can read them...
Sep 11, 2019 | Cybersecurity, Millennials, Penetration Testing, Risk Management, System Security, Vulnerabilities
Andrew Plato, CEO & Founder of Anitian, recently sat down with podcast host David “Ledge” Ledgerwood from Gun.io to discuss accidentally finding SQL attacks, gaining his deep appreciation for security, and how the combination of both inspired him to start his own...
Oct 13, 2018 | Application Security, Vulnerabilities, Vulnerability Management, Vulnerability Research
Exploiting a SAML Implementation During a recent web application test, I discovered a bug in a Security Assertion Markup Language (SAML) implementation. This bug involved an insecure implementation of a SAML feature combined with a custom authentication mechanism our...
Apr 2, 2018 | Application Security, Penetration Testing, Vulnerabilities
Welcome to Part 2 of this 2-part blog series looking at the details of exploring and validating an exploit! If you liked this series, I bet you’d be interested in our webinar on How to Think Like A Hacker, check it out! Now on to Part 2: Taking it to the Next...
Mar 27, 2018 | Application Security, Penetration Testing, Vulnerabilities
A Study in Exploit Development: Easychat SEH exploit A typical penetration test involves automated scanning to identify vulnerabilities, followed by a more manual testing process where the tester attempts to validate and exploit those vulnerabilities. Many times, we...
Jan 24, 2018 | Risk Management, Security Analytics, Vulnerabilities
It has been a few weeks since security researchers discovered that nearly every processor on earth is vulnerable to Meltdown and Spectre vulnerabilities. Panic is spreading. We agree that this is a serious set of vulnerabilities. But, no need to panic. We got this....
