Episode 0x74 Quarantine 2020 Edition: All the late shows are doing the "I phoned in from home"; why shouldn't we? Upcoming this week... Lots of…
Sometimes after looking at web application security, IoT botnets, and various malware I long for the pre-2000 hacking days, where, instead of looking for XSS…
Years ago I was working on a project that had a rather interesting premise. It was a way to send a file between two parties…
Apache .htaccess changes led to arbitrary file upload vulnerabilities in jQuery project: I attended the Messaging, Malware and Mobile Anti-Abuse Working Group (m3aawg.org) meeting in…
What makes security practitioners tick? That's a simple question with a lot of drivers underneath it. We want to find out; please help us by signing…
This is a repost of a blog that Joe Marshall (@ImmortanJo3) and I wrote on February 22, 2016 and @da_667 posted to his blog (which is now…
I’ve spent a fair amount of my time examining code for vulnerabilities; I recently began to focus specifically on SQL injection. While investigating this specific…
Deep web, Dark web, Darknet... These terms are often used interchangeably despite representing distinct, but related segments of the Internet. The deep web (sometimes called the…
RSA Parties 2017 List: It is that time of year again and the RSA Parties 2017 list is back again! The RSA Security Conference approaches…
I have been focused on vulnerability research against WordPress Plugins and more recently Joomla Extensions. During my talk at Defcon 24, I spoke about my…