Professionally Evil Insights

Search for keywords or individual blog posts

    Posts

    Finding the Leaks

    One of the common vulnerabilities we find when performing internal network penetration testing is sensitive data on open SMB file shares.  Now, by...

    Secure Ideas Jan 9, 2013

    Spear Phishing: "You guys are Shady!"

    This post is part of our Professionally Evil series of posts that discuss some of the experiences we have had as Security Consultants.  In Kevin’s...

    Secure Ideas Jan 2, 2013

    Happy New Years!

    As we finish 2012 and look forward to 2013, Secure Ideas’ staff would like to wish everyone a happy new year.  We also thought it would be fun to do...

    Kevin Johnson Dec 31, 2012

    Don’t Trust the Replacement Delivery Guy

    Here at Secure Ideas we have had a ton of fun experiences during our work. When we teach or present, people often ask us to talk about the things we...

    Kevin Johnson Dec 26, 2012

    Grey Box Penetration Testing

    A common question I get from potential clients is “what is grey box testing and why do we need it?”  I believe this often stems from the request for...

    Secure Ideas Dec 4, 2012

    SH5ARK: Taking a Byte out of HTML5

    The new features in HTML5 have opened a whole new world of opportunities for developers and for attackers.  Secure Ideas recognized this and  with...

    Secure Ideas Nov 30, 2012

    How To: Encrypting Mac Mail

    As a security consultant, frequently traveling, it is critical to implement security controls to protect sensitive data on my computer.  One of the...

    Secure Ideas Nov 8, 2012

    DerbyCon Wrap Up

    Its a wrap!  DerbyCon has ended for the Secure Ideas crew and we are all headed home.  While a few team members are flying out, the rest of us are...

    Secure Ideas Oct 1, 2012

    DerbyCon Bound

    So the Secure Ideas staff is pretty excited to be headed to DerbyCon even though Jason is the only one smart enough to fly there. (James, Kevin, Tony...

    Kevin Johnson Sep 27, 2012
    Testing

    ViewState XSS: What's the Deal?

    As penetration testers, there are many different technologies that we have to be familiar with.  The more we know and understand about a given...

    Secure Ideas Sep 18, 2012
    1 ... 26 27 28