Thanks to everyone involved at making this a successful event. It was my first time out to BeanSec, but unfortunately will likely be my last this year (I am going back to school in September). I made the two hour drive all the way out from Hartford, CT, and it was a blast. There were […]

Web 2.0 has (re)introduced a wide variety of attack vectors that can be used against Internet users to steal sensitive information, control the web browser, and more. The security industry has seen a shift from concentrating on the servers that house data to protecting the data itself. Many web applications and social-networking sites today exhibit flaws that expose them to all sorts of attacks, with much focus on XSS, CSRF, exploiting the same-origin policy and malicious code execution.

Going to keep this one short… nothing too exciting in this issue.
Phrack Issue Two — Released 01/01/1986
Universal Informational Services via ISDN by Taran King
This phile is a basic overview of ISDN.
The central idea of ISDN, as AT&T Network Systems sees it, is to provide an individual user a link to the local central office of […]

For those living in Phoenix, Desert Code Camp is upon us. All morning and afternoon on Saturday, September 15 will be full of sessions that are all about code. My friend Adam Muntner (founder of QuietMove and contributor to Security Catalyst) will be presenting three sessions on information security. They are:
Achieving PCI Compliance
Payment Card Industry […]

I’ve started (finally) filling out the projects section on my site. Check it out, I’ve got a couple neat scripts I wrote for performing various tasks. The section will continue to grow as I get better with various scripting languages and write cooler/better/longer scripts. Feel free to comment on any of them, how to improve […]