As part of most vulnerability assessments and penetration tests against a website, we almost always run some kind of scanner. Burp (commercial) and ZAP (free from OWASP) are two commonly used scanners. Once you've done a few website assessments, you start to get a feel for what pages and fields are likely candidates for exploitation.
This demo video describes McAfee SiteAdvisor Enterprise as a Browser Helper Object for web security protection. SiteAdvisor is installed into the ePO Master Repository via the Software Manager….
Yesterday, a number of news sites published speculative reports about a possible OpenSSL bug to be fixed today.
Yesterday and today, a post on reddit.org caused quite a bit of uncertainty about the security of 1024-bit RSA keys if used with OpenSSL. The post referred to a presentation given at a cryptography conference, stating that 1024-bit SSL keys can be factored with moderate resources (“20 minutes on a Laptop”). It was suggested that this is at least in part due to a bug in OpenSSL, which according to the post doesn’t pick the random keys from the entire space available.