I’ve written about SharePoint security before and my opinion was that it’s getting much better; however, they have a lot of insecure stigma to shake off. Additionally, securing it can be done; however, it may become very cumbersome to manage in large environments. Rob Rachwald’s talk pretty much confirmed my thoughts but also led me...
Tags: appsecdc, infosec, security, sharepoint
Back in the day web shells were all the rage so I was curious what “new” was happening in this area. Ryan Kazanciyan started off with a summary of some of the more popular web shells he’s seen in the past several years. Two examples included ASPXSpy and China Chopper. He discussed how each...
Tags: appsecdc, conference, infosec, webshell
I had the opportunity to attend the “Python Basics for Web App Pentesters – Part 2” by Justin Searle. Being someone that hasn’t programmed for a good number of years, this Python talk really appealed to me. I’ve been wanting to relearn to code again to simplify or automate some of my day-to-day security-related...
Tags: appsecdc, infosec, python, searle
As we announced last month AppSecDC is upon us and I’m excited to be heading down into the city soon! For those interested I’m honored to be presenting twice at this event … one on Wednesday at 2:30 and another on Thursday at 4:30. I’ve included the title and abstracts below. I always enjoy...
Tags: career, ctf, dc, event, infosec, owasp, phpids, security
Last week in our Weekly Rewind post we covered the story “Shopping For Zero-Days” from Forbes. via Forbes.com A clever hacker today has to make tough choices. Find a previously unknown method for dismantling the defenses of a device like an iPhone or iPad, for instance, and you can report it to Apple and...
Tags: exploit, itar, poll, survey
It’s that time of the week again: the time where we take a look at what local security bloggers have been up to. You can take a look at what local security bloggers have been up to but if you can’t get enough of the local security scene, check out our NovaInfosec Twits list for...
Tags: dc, infosec-blogs, local-security-bloggers, md, nova, security-bloggers
Hey, two weeks in a row for the Weekly Rewind post! If you missed anything or happened to be offline, we hope you find this post useful as a quick reference. For some of those readers that may not have noticed, I actually tack on commentary to the industry articles – so check out...
Tags: browser, enigma, fisma, iphone, mac, remux, risk, sharepoint, starbucks, tree-style-tabs, wifi, zero-day
Ok … this post isn’t directly security related but when doing infosec research, this little tool is something I find very helpful in finding and organizing web pages. I’m surprised at the number of security professionals that have never heard of it. The name of this little secret tool … Tree-Style Tabs. Tree-Style Tabs...
Tags: browser, chrome, firefox, google, mozilla, plugin, tab, web
Every once in a while I’ll be out at a local infosec meetup and the subject of SharePoint will come up. Many in the group immediately start bashing SharePoint’s security. Others are on the border but follow suit out of peer pressure, leaving the ones that don’t know with the impression that SharePoint is...
Tags: microsoft, net-security, sharepoint
Last week Gizmodo had a nice article on the myth of Mac security fueled by Apple’s announcement of Gatekeeper in Mountain Lion. They discuss all the relevant pros and cons in comparing Windows and Mac security. The author concludes “To stay secure, Mac users need to follow the same fundamental steps as Windows users…”....
Tags: apple, gizmodo, impact, risk, security, threat, vulnerability