public password • 3 min read • User Enumeration • Blog on why user enumeration is a security risk, especially for systems such as password managers.…
public vulnerability • 2 min read • Confluence Unauthenticated RCE - CVE-2022-26134 • Details on the Confluence unauthenticated RCE (CVE-2022-26134) vulnerability.…
public vulnerability • 2 min read • Log4Shell (CVE-2021-44228, CVE-2021-45046 & CVE-2021-45105) • Basic advice for dealing with Log4j (CVE-2021-44228, CVE-2021-45046 & CVE-2021-45105) with recommended actions.…
public risk • 3 min read • Moving Beyond the FUD • Post about how we as an industry have to become a bit more pragmatic with our messaging.…
public accountability • 5 min read • Dealing with False Positives • Blog post outlining ways in which to deal with false positives.…
public vulnerability • 8 min read • Google - Open Redirect • Writeup of Google's Meet Open Redirect vulnerability.…
public certificate • 5 min read • Exploiting CVE-2020-0601 • Providing 2 examples of how an attacker could potentially exploit CVE-2020-0601.…
public vulnerability • 3 min read • Tips For Information to Include in a Vulnerability Disclosure • Post to give recommendations about what information to include when disclosing a vulnerability and why it is important to do so.…