Good things happen when Forensics and Malware Analysis work together.
The SpiderLabs Incident Response team worked a case earlier this year where previously unseen ...
Read MoreThe SpiderLabs Incident Response team worked a case earlier this year where previously unseen ...
Read MoreMy last two posts have touched on the privacy perspective in relation tomobile applications. This ...
Read MoreIn the web application penetration testing industry, Burp Suite is considered a must-have tool – it ...
Read MoreThis simple blog post was motivated by my desire to look at some mobile applications that I happen ...
Read MoreA couple of weeks ago, Citizen Lab announced the discovery of the mobile component to the ...
Read MoreAs a member of the Physical Security team here at SpiderLabs, some of my job responsibilities ...
Read MoreIn the last blog post, "Opps I pwned your router Part One", I talked about some of poor security ...
Read MoreSpiderLabs' Incident Response team has recently seen credit card fraud involving the suspected ...
Read MoreThose familiar with password cracking know that KoreLogic's rule set for John the Ripper has become ...
Read MoreMany times, in the course of explaining what I do to others that are unfamiliar with information ...
Read MoreJavaScript Object Notation (JSON) is a language and platform independent format for data ...
Read MoreCVSS needs to be extended to accommodate combinations of vulnerabilities. The current documentation ...
Read MoreThis year I've been very busy in terms of conferences, and developing/coordinating new features for ...
Read MoreRecently I've found myself performing a lot of forensic examinations of X-Cart shopping carts. This ...
Read MoreI entered into school with the hope and dream of someday entering into the information security ...
Read MoreRegular Expressions for Input Validation If your web application defensive strategy against ...
Read MoreSo, last time I showed how to get a Unix reverse shell up and running just by using Oracle PL/SQL ...
Read MoreThe ride on the rollercoaster called the web security world never stops and keeps providing us, the ...
Read MoreNumerous technical articles emerge each day about the latest vulnerabilities, flaws, exploits, and ...
Read MoreThis article (along with subsequent articles) will cover the journey I've taken in learning about ...
Read MoreThe recent GoDaddy DNS outage illustrates that the Internet does not just work and sometimes stuff ...
Read MoreAs we mentioned last week there are only two patches this month! Not to mention they are only rated ...
Read MoreIn Louisville, Kentucky next month at Derbycon, Daniel Crowley and I will be giving our ...
Read MoreYes, I imagine you are probably tired to see blog posts about "real-world" PenTesting, people ...
Read MoreMicrosoft has released its Advanced Notification for September 2012. The bad news is that there are ...
Read MoreThis has been a fairly common topic over the last year and I've seen plenty of blog posts and ...
Read MoreIf you combine the dictionary definitions for 'media' and 'hype' you come up with "A means of ...
Read MoreIt has been about 3 months since CryptOMG was released and I will start going through the ...
Read More