Optiv Blog

Most Common Internal Vulnerabilities Found

· By Kirk Greene ·

You can patch OSes all you want and scan your network with just about any general vulnerability scanner but you've left out one very important step - password policy enforcement beyond just domain accounts.I thought that I take a quick moment to answer an ongoing comment/question that always seems to come up at the various

Continue reading

SCTP Linux Kernel Vulnerability Assessment and Reproduction

· By Unknown ·

Overview: The blog post here makes statements about a vulnerability in the Linux kernel handling of SCTP data. The primary point of the post is to show how a vulnerability that was once thought to be of a relative low risk was incorrectly assessed and it can provide a 3rd party remote access to a server using SCTP.

Continue reading

Accuvant speaks at Blackhat Europe

· By Jon Miller ·

So the week before last Neel Mehta of Google, Alex Wheeler of TippingPoint, Dave Bonvillain of Accuvant, and myself made our way to Amsterdam to speak at Blackhat Europe. The topic of our talk was 'Cutting thru the Hype: An Analysis of Application Security Testing Methodologies' (Dave's name)... we were going to speak about all

Continue reading

The difference between high speed and low drag application assessments.

· By Accuvant LABS R&D Team ·

The difference between a mediocre application assessment and a stellar one is assimilation of information and the ability to apply it to the problem at hand. During an application assessment an individual has a limited amount of time to understand an application, its underlying architecture, the development methodology and compress that into knowledge that can

Continue reading
(694 Results)