Equifax Breach: Why I am not surprised

| | Breach, Compromise, Equifax, Fraud, ssn
The Equifax breach, announced in September 2017, is said to potentially impact some 143 million Americans. At this point in time Equifax has not shared many details about the breach except the numbers and that the information was extracted through a web application vulnerability. Despite the lack of details, we ... Read More

Are You Ready for Your Pen Test?

It is day three of a five-day penetration test engagement and we still don’t have all the information we need to proceed with the test. This particular test was scoped to focus on internal applications and we were to gain access to those applications through the client’s VPN solution. But ... Read More

Cloud-Base Host Discovery Is Easier Than You Think!

During a recent conversation at DerbyCon it occurred to me that some security folks who are just dipping their toes into AWS are struggling a lot with the idea that cloud (EC2) instances keep popping up spontaneously. Developers and their agile / devops / continuous deployment methodologies are creating a ... Read More