On Tuesday April 10th at 12pm EST, 9am PST, 5pm GMT I’ll be presenting “5 Lessons Learned From Breaking In: Confessions of a Pentester & Other Stories” during a free webinar. I’ll be talking about the five most common ways my team and I break into companies that you would think are highly secured such […]
Below are links over on SlideShare to the latest version of my ever evolving presentation “Attacking & Defending Apple iOS Devices in the Enterprise”. This is the version I presented at the SANS Mobile Device Security Summit a few weeks ago. I include information on iOS 5, the latest jailbreaks at the time (this has
Attacking & Defending Apple iOS Devices in the Enterprise Presentation Updates Read More »
Sorry for the long delay on posting the slides from the presentation that myself, Josh Abraham and Kevin Johnson did at Black Hat USA and DEF CON 19. I’ve uploaded the slides from DEF CON to SlideShare (you can also download a copy there as well) and below are the links to the tools and
Don’t Drop the SOAP: Real World Web Service Testing for Web Hackers Presentation Read More »
Last week I spoke at the Central Ohio ISSA Conference about Attacking and Defending Apple IOS Devices. This talk was based on information gathered from several of the mobile pentests that I conducted at SecureState. I’ll be working on more research that will be going into an white paper that I will hopefully be releasing
Attacking and Defending Apple iOS Devices Presentation Read More »
My employer (SecureState) has released two white papers as part of our Social Media Security Awareness Month. You can also download some cool wallpaper for this month created by Rob our graphic designer (see the picture on the right). 🙂 First is some research several of my colleagues and I worked on. The paper is titled:
Two New Social Media Security White Papers Released Read More »
A few weeks ago the fine folks over at Paterva released the next version of their information gathering tool, Maltego 3. Ever since day one of the product I’ve been a huge fan and have used it in multiple penetration tests and various reconnaissance activities. I know I’m not alone as many of you in
Overview and Review of Maltego 3 Read More »
Everyone has probably already heard that Facebook rolled out new privacy settings today. If you haven’t seen them or gotten the following pop-up box on login…you will soon: There are a great deal of articles already out about how this is such a great improvement and how these new settings give you more control over
New Facebook Privacy Settings: For Better or For Worse? Read More »
Continuing the zombie apocalypse from Defcon…Kevin Johnson and I will again be presenting “Social Zombies: Your Friends Want to Eat Your Brains” at this week’s OWASP AppSec DC conference. We will be speaking Thursday, November 12th at 2:10 in room 146c. We will have some new material and updates from the presentation we gave at
Social Zombies at OWASP AppSec DC this Week Read More »
This is the final article in my series on Enterprise Open Source Intelligence Gathering. This information relates to the main topics from my presentation that I am giving this week at the 7th Annual Ohio Information Security Summit. For more background information, see part one. If you missed part two (blogs, message boards and metadata)
This post is part two of my three part series on Enterprise Open Source Intelligence Gathering. This information relates to the presentation that I am giving this week at the 7th Annual Ohio Information Security Summit. For more background information, see part 1. Part three will be about putting together a simple monitoring program/toolkit and
