Exploiting HP SiteScope From Zero to Compromise!

Introduction: While on an assessment I came across HP SiteScope installed on a server. Having never heard of SiteScope before I started with a Google search. According to Wikipedia, HPE SiteScope is agentless monitoring software focused on monitoring the availability...

Harvesting Passwords from Aruba Configs

UPDATE: I actually received a very nice email from an Aruba Security Architect regarding this post. They are actively engaged in making their products more secure and addressing these issues. Could not ask for a better response from a vendor....

Twitter features I actually want

This is a somewhat off-topic post about Twitter. Twitter is where the InfoSec community currently “lives”. If you’re trying to get into this field, then one of the first easy things you can do is get a Twitter account...

Yes, someone will look there – EventSentry Info Exposure – CVE-2015-2911

Intro: Information disclosure vulnerabilities are not the most exciting bugs in the business, and some bug hunters don’t even consider them worthy of note. I’m not going to weigh in on that debate, but we recently came across such a bug...

Know your tools – CVE-2015-2342 IOC and Metasploit

[This is a cross-post from my article on graytier.com published on 18 Jan 16] Intro: As penetration testers and security professionals we now have a myriad of tools at our disposal. It seems like every day a new product, program,...