Hacking Exposed Web Applications
Samuel Bucholtz is a contributing author of “Hacking Exposed Web Applications, Second Edition”
Hunting Security Bugs
Chris Weber is technical editor of “Hunting Security Bugs” authored by the Microsoft Office Security Test Team.
Analysis of the Storm and Nugache Trojans: P2P Is Here
John Hernandez and other members’ work on the Nugache botnet, “Analysis of the Storm and Nugache Trojans: P2P Is Here,” in ;login: The USENIX Magazine, December 2007, Volume 32, Number 6. Paper: Analysis...
Exploiting Unicode-enabled Software at UIC32
Chris Weber speaks on “Exploiting Unicode-enabled Software” at the 32nd Internationalization & Unicode Conference.
Exploiting Unicode-enabled Software at SOURCE Boston
Chris Weber speaks on “Exploiting Unicode-enabled Software” at SOURCE Boston Conference.
Watcher: Web security testing tool and passive vulnerability scanner
Casaba releases Watcher for web-application security testing and compliance auditing. Watcher is open source on CodePlex.
Exploiting Unicode-enabled Software at CanSecWest
Chris Weber speaks on “Exploiting Unicode-enabled Software” at CanSecWest. Slides: Exploiting Unicode-enabled Software at CanSecWest (PDF)
Casaba helps red team operations at the 2nd Collegiate Cyber Defense Competition
At the 2nd Collegiate Cyber Defense Competition, student teams are presented with the pre-configured systems of a fictitious company that they are tasked to operate. The evil red team with the help of...
Watcher adds support for OWASP Application Security Verification Standard
The Watcher web-app security tool, open source at CodePlex, now includes support for OWASP’s new Application Security Verification Standard.
Unraveling Unicode: A Bag of Tricks for Bug Hunting at Black Hat USA
Chris Weber speaks on “Unraveling Unicode: A Bag of Tricks for Bug Hunting” at Black Hat USA Paper: Unraveling Unicode (PDF) Slides: Unraveling Unicode Slides (PDF)
Unicode Transformations and Security Vulnerabilities at UIC33
Chris Weber speaks on “Unicode Transformations and Security Vulnerabilities” at the Internationalization and Unicode Conference 33.
Character Transformations: Finding Hidden Vulnerabilities at BlueHat
Chris Weber speaks on “Character Transformations: Finding Hidden Vulnerabilities” at Microsoft’s BlueHat on Unicode and Globalization security testing.
Security Testing with Watcher at AppSecDC
Chris Weber speaks on “Security Testing with Watcher” at OWASP’s AppSecDC on Unicode security testing and Web-app security testing with the Watcher tool.
Casaba a Consulting Member of Microsoft SDL Pro Network
Casaba is now a member of Microsoft’s SDL Pro Network. This relationship with Microsoft’s SDL Pro Network will foster Casaba’s commitment to providing top-quality SDL services to our clients.
Hacking IRL: Crafting for the Modern Geek at OSCON
Casaba Security joins the Open Source Convention (OSCON) lineup as Mary Kelly presents Hacking IRL: Crafting for the Modern Geek. What do you get when you mix fractals, 3D printers, robotics, open...
Why Microsoft has been a leader in responding to cyberattacks
Chris Weber’s guest blog post on The Last Watchdog concerning Microsoft’s leadership in responding to threats and vulnerabilities in “Why Microsoft has been a leader in responding to cyberattacks.”
‘Hacktivist’ Jester Claims Responsibility for WikiLeaks Attack
Jason Glassberg interviewed by FOX News on “‘Hacktivist’ Jester Claims Responsibility for WikiLeaks Attack”
Applying Microsoft SDL Requirements Practices within Windows Azure
Chris Weber, Managing Partner and Robert Mooney, Senior Software Development, Casaba, speak about applying Microsoft SDL Requirements security practices to applications built on top of Windows Azure,...
Microsoft SDL Requirements Phase: Security Practices
Chris Weber, Managing Partner and Robert Mooney, Senior Software Development, Casaba, speak about the security practices of the “Requirements” phase of the Microsoft SDL. Chris and Robert explain the...
Amazon.com’s Success in Wikileaks Attack is Proof of Cloud Safety for Businesses
Chris Weber on why Amazon.com’s Success in Wikileaks Attack is Proof of Cloud Safety for Businesses.
Which E-mail Service is Safest?
Chris Weber’s article on “Which E-mail Service is Safest?” goes online. Explore the key differences between Hotmail, Gmail, Yahoo Mail, and Facebook and some of the alternatives such as Hushmail and...
Microsoft SDL Release Phase: Security Practices
Jason Glassberg, Co-Founder, Casaba, discusses the three security practices of the Microsoft SDL Release phase. Jason talks about the planning for post-release contingencies by creating a well...
What Would You Do If Your Computer Got Hacked?
Chris Weber and Jason Glassberg on Seattle’s Q13 Fox News story “What Would You Do If Your Computer Got Hacked?”
Is the Internet Running Out of Room?
Samuel Bucholtz discusses the implications of IPv4 depletion and the IPv6 transition in “Is the Internet Running Out of Room?”
Egyptians Use Low-Tech Gadgets to Get Around Communications Block
Chris Weber discusses how “Egyptians Use Low-Tech Gadgets to Get Around Communications Block” with FoxNews.com
Toor’n to San Diego for some MS-SQL post-exploitation
A little over a year ago I presented at SOURCE Seattle about SQL post-exploitation; discussing things that are still possible in the MS-SQL environment, as well as those techniques that people seem to...
The End of Another Toor
Well, another ToorCon has come and gone. As with previous ToorCons, I can’t say enough good things about this conference, so many great people and awesome presentations. I was lucky enough to speak...
Casaba on Komo News
Jason Glassberg and Walter Pearce will be featured on Komo News (local station 4) in Seattle, today (Tuesday) December 11, 2012 in a segment on mobile phone hacking. Tune in this evening at 4pm and 6pm!
Casaba on Komo News – [Update] Smartphone scams plentiful during holiday season
In case you missed it, see Casaba demonstrating the risks associated with running untrusted applications on your mobile devices. Jason Glassberg and Walter Pearce “follow” news reporter Connie Thompson...
Casaba Makes a Cameo at DRIVE 2013
DRIVE is a unique event held at the University of Washington that brings together a growing community of non-profit IT professionals seeking to leverage big data in order to maximize the...
DRIVE 2013: Transferring Sensitive Data (Session Notes)
Yesterday I gave a talk at DRIVE 2013 on best practices for securing the exchange of sensitive data entitled, “Data Exchange: Transferring Sensitive Data Between Systems.” [pdf] What follows are my...
CanSecWest 2013 and more MS-SQL Shenanigans
Once again I’ll be taking the SQL-show on the road, this time up to Vancouver, BC for CanSecWest 2013. My talk will focus on the methods and mayhem that can be had in a MS-SQL post-exploitation...