Home | Resources | Videos
Exploitation of Vulnerabilities
Utilizing reverse proxies offers a more advanced approach for creating phishing web pages that not only allow the Victim User to fully authenticate to their account through a malicious site, but also how to automate the theft of information within the account.
Learn more
James Sibley
Data Security Breach
Tony UcedaVélez, VerSprite CEO, is interviewed about recent report finding security gaps in DeKalb County’s data center: “Environments where you have too many people having access to sensitive areas is naturally a problem…”
VerSprite
Enterprise Data Security
The recent Georgia Institute of Technology data breach exposed 1.3 million student and employee records. Tony UcedaVélez, VerSprite CEO, was interviewed by WSBTV about why such an elite university makes such an attractive target for hackers.
Tony UcedaVélez
Security Vulnerabilities
In this presentation, we share our Point-of-Sale security research which has revealed a multitude of concerns regarding the secure development of payment applications.
Fabius Watson
Exploit Development
VerSprite’s Director of Security Research, Ben Watson, takes a deep dive into the Dalvik Virtual Machine’s JIT implementation and how it can be used and abused to execute shellcode.
Watch the video of VerSprite’s Security Research presentation at Ekoparty 2018 on Abusing Insecure WCF Endpoints. A trend that the VerSprite Research team noticed in .NET services is the exposure of dangerous methods through insecure WCF endpoints. Most of these services are started automatically as LocalSystem, which is the highest user privilege level available.
PASTA Threat Modeling
Global organizations have been working off of broken or non-existent threat models. Learn why your organization should focus on fixing threat models. This talk exemplifies how key OWASP projects can truly bootstrap the smallest of *Sec groups to make a measurable impact to applying security through measurable technology in lieu of security smokescreens that plague our industry.
This video centers around the idea of modeling threats for applications based upon a higher propensity of threat intelligence, how to harvest and correlate threat patterns to your threat model and also how to correlate a threat model to defining preemptive controls and countermeasures to include in the overall design.
The Process for Attack Simulation and Threat Analysis (PASTA) is a new process for the analysis of cyber threats by focusing on business impacts and with the ultimate objective of protecting the company digital assets such as data and critical business functions.
We are an international squad of professionals working as one.
Email
Phone
