Archive by Author

Facebook Breach Webcast

Today Rendition Infosec presented a webcast on the Facebook API breach. We covered what we know and what we don’t about the breach up to this point. Note: the audio has a few issues. I apologize for some audio problems we had due to a user interface issue with our webcast provider. We’ve fixed it […]

SEC504 CTF Networking Troubeshooting

I teach SANS SEC504 occasionally and have noted that over the last few years, students are having increasing numbers of issues getting set up for the CTF.  If you’re having trouble getting connected, my first piece of advice is “calm down and don’t blame the instructor for connection issues.” This class is run a LOT. […]

Zip Slip Vulnerability – Updated

We’re posting some information on the newly announced Zip Slip vulnerability. Expect more information later today, but for now we wanted to post some information so you aren’t blindsided when management inevitably asks. The link to the vulnerability announcement is here. The Zip Slip vulnerability is a directory traversal vulnerability that is found in multiple […]