Increasing Security With Chroot Jails
In the world of information security, you have to assume that hackers will get into your network. Whether using a zero-day exploit, sending malicious emails to your employees or taking advantage of...
View ArticleEducating Users to Prevent Phishing Attacks
The most successful attacks against an organization are successful because they target the users. Usually, this involves a user clicking on a link that sends the user’s browser to a malicious webpage...
View ArticlePenetration Testing and Metadata
Metadata can make the difference between success and failure on a Penetration Test. These small bits of information contained in externally-facing documents, usually found in the form of usernames and...
View ArticlePower to the Users!
Leveraging Regular User Accounts to Achieve Compromise One of the more common ways penetration testers break in to networks is by leveraging regular user accounts which have been compromised. They can...
View ArticleBurp Suite Series: Using Burp Proxy with Client-Side Certificates and...
Burp’s functionality extends well beyond the usefulness of the tools included within the suite. One such way in which we have used Burp Suite here at SecureState is to use it as a HTTP Proxy for other...
View ArticleDon’t Let Your Guard Down
The events that happened during the Boston Marathon yesterday were tragic, scary, and unnerving. As technology improves, the amount and quality of evidence and content that is produced during these...
View ArticleCourion Authentication Bypass Vulnerability Disclosure (CVE-2013-2747)
The Profiling team at SecureState discovered a critical flaw in an older version of Courion’s Access Risk Management Suite. This vulnerability allows an unauthenticated attacker to remotely compromise...
View Article
More Pages to Explore .....