While performing an application security assessment on a Ruby on Rails project, I discovered upload functionality that allowed users to upload text, CSV, and YAML files. »
Stratum performs an ever-increasing number of AWS security assessments for our customers from large to small. These deep-dive assessments help identify deficiencies within the customer's AWS »
As more details about the Capital One breach are released in court filings and media reporting, we can start to look at where controls failed to »
Use of DNS infrastructure is a staple of blind application testing and data exfiltration. Both of these scenarios are applicable in most pentest engagements, but building »
Proof of Concept (PoC) Date: 09/04/2018 Exploit Author: Jonathan Gaines Vendor Homepage: https://www.tridium.com/ Version: Affects Tridium Niagara AX Versions: 3.8 »
