Search Results

Blog

Category

Ulterius Zero Day Disclosure

Ulterius Zero Day Disclosure

Every now and then, an regular penetration test project can take a decidedly irregular detour into the land of zero-day exploits.  In October 2017, I discovered a zero-day vulnerability in Ulterius, a widely used, open-source remote access software. Come along. I have...
Ulterius Zero Day Disclosure

Ulterius Zero Day Disclosure

Every now and then, an regular penetration test project can take a decidedly irregular detour into the land of zero-day exploits.  In October 2017, I discovered a zero-day vulnerability in Ulterius, a widely used, open-source remote access software. Come along. I have...

Enough with the Stunt Hacking

In the information security industry’s latest attention-grabbing headline, we have the tale of Charlie Miller and Chris Valasek hacking a Jeep Cherokee and disabling it while driving down the highway.  You can read about this hack here. This is stunt hacking. That is,...

The Ethical Conundrums of Vulnerability Research

The boundary between right and wrong resists permanence in cyber-security. Hackers enjoy this ambiguity, as it makes the world of hacking exciting. In 1995, when I discovered SQL injection, I went on a website hacking spree for a few weeks. I would show off to my...