Cyber Security Awareness and Vulnerabilities Blog

RSS

Two extremely important pieces of pending cybersecurity legislation took significant steps forward in Washington last week.

Read More

The Rockefeller-Snowe Cybersecurity Act represents an important milestone in advancing U.S. policy along a number of important lines.

Read More

RSA Security Conference 2010 was a raging success for Core, both in terms of taking measure of itself in the industry and creating an industry for security testing and measurement itself.

Read More

Three of the IT security industry's most respected leaders have signed-on to help guide our future plans. They've done so because they already share our vision for the future of enterprise security testing and measurement.

Read More

In direct response to customer demand, Core Security has announced a direct integration between IMPACT Pro and the open source Metasploit Framework.

Read More

ShmooCon 2010 and all the other Cons have a truly special place in the hearts and minds of security researchers and pen testers, and within the IT security industry itself.

Read More

In Windows systems, path and filename normalization routines have some interesting quirks. In his upcoming ShmooCon presentation, Core's Dan Crowley will demonstrate how these quirks can be used to bypass filters and access control mechanisms, evade IDS detection, alter the way that files are handled and processed, and make brute force attacks to enumerate files easier.

Read More

It's amazing that vulnerabilities such as the Windows GP Trap Handler Privilege Escalation flaw are still wreaking havoc, but they are, so test for them to ensure that you're not exposed, using CORE IMPACT Pro, of course.

Read More

The Operation Aurora Attacks on Google and other tech giants highlight further why penetration testing is the best solution available in terms of help organizations understand precisely where their greatest points of risk exist today.

Read More

Practicing lock picking can be a useful way to consider your approach to thorough penetration testing.

Read More