Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Tag Archives: Penetration Testing

Why I no longer report website vulnerabilities that I stumble upon…

– I wrote this in July 2007 but decided against publishing it at the time. In July, I felt that I did not have a significant, publicly known case to help make the argument legitimized. The Dan Egerstad case prompted me to change my opinion. —- There was a time that if I found a vulnerability…

Elite Drug Sniffing Dog Kidnapped and Rescued

– On a more comical note, why might the kidnappers not have just killed this dog? Didn’t know the dog’s credentials, but came to realize he must be very popular Wanted to ransom it but didn’t know how the police kept finding them (embedded RFID tag) Wanted to use the dog to find…

bloginfosec.com Interviews Jeremiah Grossman on Web App Security

– One of the many blogs on which I keep a close eye is that of Jeremiah Grossman. His expertise is in web application security. I made his acquaintance at the 16th Annual NY Metro ISSA conference and had the good fortune to watch his Cross Site Request Forgery (CSRF) presentation. I had the chance…

Students grasp most important takeaway in teen hacking contest

– This was an interesting article on MSNBC about an Iowa State’s high-school contest in which the student “Blue Teams” are pitted against a “Red Team” of upper-class and professional security experts who try to hack the student’s computer systems. The important…

Hot off the press: Metasploit Framework 3.0 Released

– Click here. More info here. …