Exploiting The Entity: XXE (XML External Entity Injection)
History In the recent year, major tech giants, like Google, Facebook, Magento, Shopify, Uber, Twitter, and Microsoft, have undergone XML …
Read More
How To Protect Tomorrow’s Critical Infrastructure
Imagine a city the size of London thrown into chaos, as public transport grinds to a halt and traffic lights …
Read More
Viktor Minin: On Process Migration
Hi, Today I want to talk about an old technique used by many automation scripts and shells: Process Migration. Most …
Read More
Why Machine Learning is More Likely to Cure Cancer Than to Stop Malware – Webinar on Feb 27th 3 PM EST!
Machine Learning (ML) has become the shiny new object for security and is the foundational pillar of products such as …
Read More
Effects of Biometrics Co-Used with Password
It appears that, amazingly, many people are still trapped in a false sense of security that biometrics helps us for …
Read More
Networks, What do you mean by that?
Have you ever heard of words like Generation X, Generation Y, Lost generation, etc.? These are the words that are …
Read More
Thick Client Penetration Testing – Exploiting JAVA Deserialization Vulnerability for Remote Code Execution
Thick Client? What do you mean by that? Thick client is the kind of application which is installed on the …
Read More
Extending attack surface in distributed environments
I am currently working in the RCNTEC company where I have a deal with distributed environments everyday. Once I had …
Read More
Do You Think Your Mobile is Secure with a Finger Print? Think Again!
With smartphones companies allowing people a convenience to perform multiple tasks and purchase transaction over their phone, also opens the …
Read More
There is a shell in your lunch-box by Rotimi Akinyele
My team was recently engaged by a client (Hackme) to perform a black-box external penetration test. The objective was simple …
Read More