protocol about server session SSL/TLS.

iOS-SandBox-Dumper - SandBox-Dumper makes use of multiple private libraries to provide exact locations of the application sandbox, application bundle and some other interesting information

1 points and 0 comments so far on reddit

October 2017, Microsoft patch Tuesday included an optional security advisory, ADV170014, this advisory makes reference to a bug on the NTLM authentication scheme, that allows a malicious attacker t…

You need more than one AWS account. This is to isolate production resources, manage limits (especially API rate limiting), handle costs…

Disclaimer : I am not an electronics engineer. I just play one on Twitter. A lot of the following might be heresy to someone who ever ...

It is time to sunset the practice of producing reports for reporting’s sake to satisfy regulators. Organizations need to go beyond just producing reports to continuous monitoring of their compliance position. Automation becomes key here. In my post I discuss…

Continuing with the OWASP Top 10 series we are on number 2, Broken Authentication and Session Management. What is it? How can be exploited? This episode breaks down what this covers and why it's number two in the Top 10.  OWAPS A2 - Broken Authentication…

Security Awareness Blog blog pertaining to Three Commandments to Building a Mature Awareness Program

A short story about CCTV cameras in hotels and how to hack them.

Virtual patching (VP) has been one of the most popular trends in application protection in recent years. Implemented at the level of a w...

A short story about CCTV cameras in hotels and how to hack them.

The internet of things (IoT) is opening a whole new world of possibilities. Unfortunately, it also is creating a whole new world of threats too, such as ransomware of things (RoT). Here are seven things enterprises can do to better secure their IoT. Know…

Deception technology firm Cymmetria offers a new offense option for defenders.

Today we will try to solve Fusion 4. This level is a lot more complicated than the previous ones, so I might split it into 2 articles. What we will do: Read and understand the program well. Find th…

Contextually Aware Security testing is MI3 Security’s answer to the
limitations of one time application specific scans.

InfoCon.org is an archive of hacking and security conference videos, documentaries, rainbow tables, word lists and podcasts.